From 32d17447a258188b2d534bcb0bf65a659ba7b7d0 Mon Sep 17 00:00:00 2001
From: mcentner
Date: Fri, 29 Aug 2008 12:11:34 +0000
Subject: Initial import.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
bkucommon/src/main/java/META-INF/MANIFEST.MF | 3 +
.../egiz/bku/binding/AbstractBindingProcessor.java | 86 ++
.../at/gv/egiz/bku/binding/BindingProcessor.java | 75 ++
.../egiz/bku/binding/BindingProcessorManager.java | 102 ++
.../bku/binding/BindingProcessorManagerImpl.java | 258 +++++
.../main/java/at/gv/egiz/bku/binding/DataUrl.java | 62 ++
.../at/gv/egiz/bku/binding/DataUrlConnection.java | 79 ++
.../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 216 +++++
.../gv/egiz/bku/binding/DataUrlConnectionSPI.java | 42 +
.../at/gv/egiz/bku/binding/DataUrlResponse.java | 98 ++
.../java/at/gv/egiz/bku/binding/ExpiryRemover.java | 67 ++
.../gv/egiz/bku/binding/FixedFormParameters.java | 28 +
.../java/at/gv/egiz/bku/binding/FormParameter.java | 39 +
.../at/gv/egiz/bku/binding/FormParameterImpl.java | 93 ++
.../at/gv/egiz/bku/binding/FormParameterStore.java | 146 +++
.../gv/egiz/bku/binding/HTTPBindingProcessor.java | 820 ++++++++++++++++
.../main/java/at/gv/egiz/bku/binding/HttpUtil.java | 78 ++
.../src/main/java/at/gv/egiz/bku/binding/Id.java | 27 +
.../java/at/gv/egiz/bku/binding/IdFactory.java | 106 +++
.../main/java/at/gv/egiz/bku/binding/IdImpl.java | 80 ++
.../java/at/gv/egiz/bku/binding/InputDecoder.java | 41 +
.../gv/egiz/bku/binding/InputDecoderFactory.java | 89 ++
.../bku/binding/MultiPartFormDataInputDecoder.java | 133 +++
.../at/gv/egiz/bku/binding/RemovalStrategy.java | 26 +
.../gv/egiz/bku/binding/SLCommandInvokerImpl.java | 66 ++
.../egiz/bku/binding/XWWWFormUrlInputDecoder.java | 101 ++
.../binding/multipart/InputStreamPartSource.java | 66 ++
.../egiz/bku/binding/multipart/SLResultPart.java | 57 ++
.../bku/slcommands/AccessControlInvocation.java | 21 +
.../bku/slcommands/CreateXMLSignatureCommand.java | 25 +
.../bku/slcommands/CreateXMLSignatureResult.java | 20 +
.../at/gv/egiz/bku/slcommands/ErrorResult.java | 20 +
.../gv/egiz/bku/slcommands/InfoboxReadCommand.java | 20 +
.../gv/egiz/bku/slcommands/InfoboxReadResult.java | 20 +
.../gv/egiz/bku/slcommands/InvocationStrategy.java | 20 +
.../egiz/bku/slcommands/NullOperationCommand.java | 20 +
.../egiz/bku/slcommands/NullOperationResult.java | 20 +
.../java/at/gv/egiz/bku/slcommands/SLCommand.java | 31 +
.../gv/egiz/bku/slcommands/SLCommandContext.java | 42 +
.../gv/egiz/bku/slcommands/SLCommandFactory.java | 370 +++++++
.../gv/egiz/bku/slcommands/SLCommandInvoker.java | 45 +
.../java/at/gv/egiz/bku/slcommands/SLResult.java | 44 +
.../at/gv/egiz/bku/slcommands/SLSourceContext.java | 63 ++
.../at/gv/egiz/bku/slcommands/SLTargetContext.java | 50 +
.../impl/CreateXMLSignatureCommandImpl.java | 229 +++++
.../impl/CreateXMLSignatureResultImpl.java | 138 +++
.../egiz/bku/slcommands/impl/ErrorResultImpl.java | 60 ++
.../slcommands/impl/InfoboxReadCommandImpl.java | 409 ++++++++
.../bku/slcommands/impl/InfoboxReadResultImpl.java | 171 ++++
.../slcommands/impl/NullOperationCommandImpl.java | 43 +
.../slcommands/impl/NullOperationResultImpl.java | 47 +
.../gv/egiz/bku/slcommands/impl/SLCommandImpl.java | 162 ++++
.../gv/egiz/bku/slcommands/impl/SLResultImpl.java | 117 +++
.../impl/xsect/AlgorithmMethodFactory.java | 79 ++
.../impl/xsect/AlgorithmMethodFactoryImpl.java | 125 +++
.../impl/xsect/ByteArrayDereferencer.java | 65 ++
.../egiz/bku/slcommands/impl/xsect/DataObject.java | 1006 ++++++++++++++++++++
.../bku/slcommands/impl/xsect/IdValueFactory.java | 37 +
.../slcommands/impl/xsect/IdValueFactoryImpl.java | 127 +++
.../slcommands/impl/xsect/LocRefDereferencer.java | 113 +++
.../bku/slcommands/impl/xsect/STALPrivateKey.java | 122 +++
.../bku/slcommands/impl/xsect/STALProvider.java | 64 ++
.../bku/slcommands/impl/xsect/STALSignature.java | 165 ++++
.../impl/xsect/STALSignatureException.java | 92 ++
.../egiz/bku/slcommands/impl/xsect/Signature.java | 935 ++++++++++++++++++
.../slcommands/impl/xsect/SignatureContext.java | 129 +++
.../slcommands/impl/xsect/SignatureLocation.java | 235 +++++
.../impl/xsect/SimpleDOMErrorHandler.java | 98 ++
.../impl/xsect/URIDereferncerAdapter.java | 103 ++
.../bku/slcommands/impl/xsect/XSECTReference.java | 112 +++
.../bku/slcommands/impl/xsect/XSECTTransforms.java | 124 +++
.../egiz/bku/slexceptions/SLBindingException.java | 31 +
.../egiz/bku/slexceptions/SLCanceledException.java | 26 +
.../egiz/bku/slexceptions/SLCommandException.java | 30 +
.../at/gv/egiz/bku/slexceptions/SLException.java | 88 ++
.../egiz/bku/slexceptions/SLExceptionMessages.java | 50 +
.../egiz/bku/slexceptions/SLRequestException.java | 30 +
.../egiz/bku/slexceptions/SLRuntimeException.java | 37 +
.../egiz/bku/slexceptions/SLViewerException.java | 25 +
.../at/gv/egiz/bku/slcommands/schema/Core-1.2.xsd | 877 +++++++++++++++++
.../at/gv/egiz/bku/slcommands/schema/xml.xsd | 145 +++
.../bku/slcommands/schema/xmldsig-core-schema.xsd | 308 ++++++
.../bku/slcommands/schema/xmldsig-transforms.xsd | 41 +
.../slexceptions/SLExceptionMessages.properties | 97 ++
.../slexceptions/SLExceptionMessages_de.properties | 98 ++
85 files changed, 10905 insertions(+)
create mode 100644 bkucommon/src/main/java/META-INF/MANIFEST.MF
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/AbstractBindingProcessor.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlResponse.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/ExpiryRemover.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/FixedFormParameters.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameter.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterStore.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/HttpUtil.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/IdFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoder.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoderFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/MultiPartFormDataInputDecoder.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/RemovalStrategy.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/XWWWFormUrlInputDecoder.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/AccessControlInvocation.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureCommand.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/ErrorResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InvocationStrategy.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationCommand.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommand.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandContext.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/NullOperationCommandImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/NullOperationResultImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLCommandImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/ByteArrayDereferencer.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/DataObject.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/IdValueFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/IdValueFactoryImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/LocRefDereferencer.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureContext.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureLocation.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SimpleDOMErrorHandler.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/URIDereferncerAdapter.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTReference.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTTransforms.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLBindingException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCanceledException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCommandException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLExceptionMessages.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRequestException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRuntimeException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/Core-1.2.xsd
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xml.xsd
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-core-schema.xsd
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-transforms.xsd
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/META-INF/MANIFEST.MF b/bkucommon/src/main/java/META-INF/MANIFEST.MF
new file mode 100644
index 00000000..5e949512
--- /dev/null
+++ b/bkucommon/src/main/java/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/AbstractBindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/AbstractBindingProcessor.java
new file mode 100644
index 00000000..17ce29ce
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/AbstractBindingProcessor.java
@@ -0,0 +1,86 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.InputStream;
+import java.util.Date;
+
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.stal.STAL;
+
+public abstract class AbstractBindingProcessor implements BindingProcessor {
+ protected Id id;
+ protected STAL stal;
+ protected SLCommandInvoker commandInvoker;
+ protected long lastAccessedTime = System.currentTimeMillis();
+
+ public AbstractBindingProcessor(String idString) {
+ this.id = IdFactory.getInstance().createId(idString);
+ }
+
+ /**
+ * @see java.lang.Thread#run()
+ */
+ public abstract void run();
+
+ /**
+ * The caller is advised to check the result in case an error occurred.
+ *
+ * @see #getResult()
+ */
+ public abstract void consumeRequestStream(InputStream aIs);
+
+ public Id getId() {
+ return id;
+ }
+
+ public STAL getSTAL() {
+ return stal;
+ }
+
+ public SLCommandInvoker getCommandInvoker() {
+ return commandInvoker;
+ }
+
+ public void updateLastAccessTime() {
+ lastAccessedTime = System.currentTimeMillis();
+ }
+
+ public Date getLastAccessTime() {
+ return new Date(lastAccessedTime);
+ }
+
+ /**
+ * To be called after object creation.
+ *
+ * @param aStal
+ * must not be null
+ * @param aCommandInvoker
+ * must not be null
+ */
+ public void init(STAL aStal, SLCommandInvoker aCommandInvoker) {
+ if (aStal == null) {
+ throw new NullPointerException("STAL must not be set to null");
+ }
+ if (aCommandInvoker == null) {
+ throw new NullPointerException("Commandinvoker must not be set to null");
+ }
+ stal = aStal;
+ commandInvoker = aCommandInvoker;
+ Thread.currentThread().setName("BPID#"+getId().toString());
+ }
+}
\ No newline at end of file
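Review bot: In `init`, `Thread.currentThread().setName("BPID#"+getId().toString())` renames whichever thread calls `init`, and in this commit that is the caller of `BindingProcessorManagerImpl.createBindingProcessor`, not the executor thread that later runs `run()`. The name would do its job if it were set as the first statement of each `run()` implementation and restored in a `finally`, so that a pooled or container thread does not keep a stale id. `lastAccessedTime` is written by `updateLastAccessTime()` and read by `getLastAccessTime()` with no synchronization; if an expiry task reads it from another thread, as the `ExpiryRemover` in this import presumably does, the field should be declared `protected volatile long lastAccessedTime`. If the id is derived from the external session id that `createBindingProcessor` accepts, it is also worth confirming that the value is not treated as a secret, because thread names end up in logs and thread dumps.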
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java
new file mode 100644
index 00000000..c386508d
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java
@@ -0,0 +1,75 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.Date;
+import java.util.Locale;
+
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.stal.STAL;
+
+/**
+ * Represents an single instance of a SL HTTP binding.
+ *
+ * @author wbauer
+ *
+ */
+public interface BindingProcessor extends Runnable {
+
+ /**
+ * The stream must be read completely within this method.
+ *
+ * The caller is advised to check the result in case an error occurred.
+ *
+ * @see #getResult()
+ */
+ public void consumeRequestStream(InputStream aIs);
+
+ /**
+ * The unique Id of this http binding instance.
+ * @return
+ */
+ public Id getId();
+
+ /**
+ * The used underlying STAL instance
+ * @return
+ */
+ public STAL getSTAL();
+
+ public SLCommandInvoker getCommandInvoker();
+
+ public Date getLastAccessTime();
+
+ public void updateLastAccessTime();
+
+ public String getResultContentType();
+
+ public void writeResultTo(OutputStream os, String encoding) throws IOException;
+
+ public void init(STAL aStal, SLCommandInvoker aCommandInvoker);
+
+ /**
+ * Sets the preferred locale for userinteraction.
+ * If the locale is not set the default locale will be used.
+ * @param locale must not be null.
+ */
+ public void setLocale(Locale locale);
+}
\ No newline at end of file
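Review bot: The Javadoc on `consumeRequestStream` points to `@see #getResult()`, but this interface declares no `getResult()`; the only result accessors here are `getResultContentType()` and `writeResultTo(OutputStream, String)`, so the advice to check the result for an error cannot be followed through this type. Either declare the accessor or reword the comment, for example `* Errors are reported through the result written by {@link #writeResultTo(OutputStream, String)}.`, to be confirmed against the implementation, which is outside this hunk. `writeResultTo` would also benefit from an `@param encoding` line stating which charset names are accepted and what happens for an unsupported one. The empty `@return` tags on `getId()` and `getSTAL()` should be filled in or removed.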
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
new file mode 100644
index 00000000..a4e5bd90
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
@@ -0,0 +1,102 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.util.Locale;
+import java.util.Set;
+
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.stal.STALFactory;
+
+/**
+ * Central player that handles the protocol binding.
+ *
+ * @author wbauer
+ *
+ */
+public interface BindingProcessorManager {
+
+ /**
+ * FactoryMethod creating a new BindingProcessor object.
+ * The created binding processor must be passed to the process method to execute.
+ *
+ * @param protcol
+ * the transport binding protocol
+ * @param aSessionId
+ * optional an external sessionId (e.g. http session) could be
+ * provided. This parameter may be null.
+ * @param locale the locale used for user interaction, may be null
+ */
+ public BindingProcessor createBindingProcessor(String protcol,
+ String aSessionId, Locale locale);
+
+ /**
+ * FactoryMethod creating a new BindingProcessor object.
+ * The created binding processor must be passed to the process method to execute.
+ *
+ * @param protcol
+ * the transport binding protocol
+ * @param aSessionId
+ * optional an external sessionId (e.g. http session) could be
+ * provided. This parameter may be null.
+ */
+ public BindingProcessor createBindingProcessor(String protcol,
+ String aSessionId);
+
+
+ /**
+ * Gets the binding processor with a certain id. The binding processor must be passed to the
+ * process method before it is managed and thus returned by this method.
+ * @param aId must not be null
+ * @return null if the binding processor was not "processed" before.
+ */
+ public BindingProcessor getBindingProcessor(Id aId);
+
+ /**
+ * Sets the STAL factory that is used for creating STAL objects that are used by BindingProcessor objects.
+ * For each new BindingProcessor a new STAL object is created.
+ * @param aStalFactory the factory to be used. Must not be null.
+ */
+ public void setSTALFactory(STALFactory aStalFactory);
+
+ /**
+ * Sets the invoker to be used.
+ * @param invoker
+ */
+ public void setSLCommandInvoker(SLCommandInvoker invoker);
+
+ /**
+ * Schedules the provided binding processor for processing and immediately returns.
+ *
+ * @param aBindingProcessor
+ */
+ public void process(BindingProcessor aBindingProcessor);
+
+ /**
+ * Removes a formerly added (by calling the process method) binding processor.
+ * @param bindingProcessor must not be null
+ */
+ public void removeBindingProcessor(Id sessionId);
+
+ /**
+ * A set of all managed binding processors.
+ * @return
+ */
+ public Set getManagedIds();
+
+ public void shutdown();
+}
\ No newline at end of file
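Review bot: The Javadoc for `removeBindingProcessor(Id sessionId)` documents `@param bindingProcessor`, a name the method does not have, and does not say what happens to a processor that is still running; `@param sessionId id of the processor to remove, must not be null` plus one sentence on cancellation would make the contract usable. `createBindingProcessor` spells its parameter `protcol` in both overloads and their `@param` tags, while the implementation in this commit uses `protocol`. Neither overload documents that an unsupported protocol is rejected, which the implementation does with `UnsupportedOperationException`; an `@throws` line belongs here. `getManagedIds()` is shown with a raw `Set`, so callers cannot tell the element type without reading the implementation; if the type parameter was lost in rendering this last point does not apply.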
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
new file mode 100644
index 00000000..7a3b1bb9
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
@@ -0,0 +1,258 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.binding.Protocol;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.STALFactory;
+
+/**
+ * This class maintains all active BindingProcessor Objects. Currently, only
+ * HTTPBinding is supported.
+ */
+public class BindingProcessorManagerImpl implements BindingProcessorManager {
+
+ public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
+ Protocol.HTTPS };
+
+ private static Log log = LogFactory.getLog(BindingProcessorManagerImpl.class);
+
+ private RemovalStrategy removalStrategy;
+ private STALFactory stalFactory;
+ private SLCommandInvoker commandInvokerClass;
+ private ExecutorService executorService;
+ private Map bindingProcessorMap = Collections
+ .synchronizedMap(new HashMap());
+
+ /**
+ * Container to hold a Future and Bindingprocessor object as map value.
+ * @author wbauer
+ * @see BindingProcessorManagerImpl#bindingProcessorMap
+ */
+ static class MapEntityWrapper {
+ private Future> future;
+ private BindingProcessor bindingProcessor;
+
+ public MapEntityWrapper(Future> future, BindingProcessor bindingProcessor) {
+ if ((bindingProcessor == null) || (future == null)) {
+ throw new NullPointerException("Argument must not be null");
+ }
+ this.bindingProcessor = bindingProcessor;
+ this.future = future;
+ }
+
+ public Future> getFuture() {
+ return future;
+ }
+
+ public BindingProcessor getBindingProcessor() {
+ return bindingProcessor;
+ }
+
+ public int hashCode() {
+ return bindingProcessor.getId().hashCode();
+ }
+
+ public boolean equals(Object other) {
+ if (other instanceof MapEntityWrapper) {
+ MapEntityWrapper o = (MapEntityWrapper) other;
+ return (o.bindingProcessor.getId().equals(bindingProcessor.getId()));
+ } else {
+ return false;
+ }
+ }
+ }
+
+ /**
+ *
+ * @param fab
+ * must not be null
+ * @param ci
+ * must not be null (prototype to generate new instances)
+ */
+ public BindingProcessorManagerImpl(STALFactory fab, SLCommandInvoker ci) {
+ if (fab == null) {
+ throw new NullPointerException("STALFactory must not be null");
+ }
+ stalFactory = fab;
+ if (ci == null) {
+ throw new NullPointerException("SLCommandInvoker must not be null");
+ }
+ commandInvokerClass = ci;
+ executorService = Executors.newCachedThreadPool();
+ }
+
+ /**
+ *
+ * @return the STALFactory currently used.
+ */
+ public STALFactory getStalFactory() {
+ return stalFactory;
+ }
+
+ /**
+ * Sets the STALFactory to be used.
+ * @param stalFactory
+ */
+ public void setStalFactory(STALFactory stalFactory) {
+ this.stalFactory = stalFactory;
+ }
+
+ /**
+ * Could be used to setup a new executor service during application stratup.
+ * @param executorService
+ */
+ public void setExecutorService(ExecutorService executorService) {
+ this.executorService = executorService;
+ }
+
+ public void setRemovalStrategy(RemovalStrategy aStrategy) {
+ removalStrategy = aStrategy;
+ }
+
+ public RemovalStrategy getRemovlaStrategy() {
+ return removalStrategy;
+ }
+
+ public void shutdown() {
+ log.info("Shutting down the BindingProcessorManager");
+ executorService.shutdown();
+ }
+
+ /**
+ * Uses the default locale
+ */
+ public BindingProcessor createBindingProcessor(String protocol,
+ String aSessionId) {
+ return createBindingProcessor(protocol, aSessionId, null);
+ }
+
+ /**
+ * FactoryMethod creating a new BindingProcessor object.
+ *
+ * @param protocol
+ * must not be null
+ */
+ public BindingProcessor createBindingProcessor(String protocol,
+ String aSessionId, Locale locale) {
+ String low = protocol.toLowerCase();
+ Protocol proto = null;
+ for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
+ if (SUPPORTED_PROTOCOLS[i].toString().equals(low)) {
+ proto = SUPPORTED_PROTOCOLS[i];
+ break;
+ }
+ }
+ if (proto == null) {
+ throw new UnsupportedOperationException();
+ }
+ BindingProcessor bindingProcessor = new HTTPBindingProcessor(aSessionId,
+ commandInvokerClass.newInstance(), proto);
+ STAL stal = stalFactory.createSTAL();
+ bindingProcessor.init(stal, commandInvokerClass.newInstance());
+ if (locale != null) {
+ bindingProcessor.setLocale(locale);
+ stal.setLocale(locale);
+ }
+ return bindingProcessor;
+ }
+
+ /**
+ * @return the bindingprocessor object for this id or null if no bindingprocessor was found.
+ */
+ public BindingProcessor getBindingProcessor(Id aId) {
+ if (bindingProcessorMap.get(aId) != null) {
+ return bindingProcessorMap.get(aId).getBindingProcessor();
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ *
+ */
+ public void setSTALFactory(STALFactory aStalFactory) {
+ if (aStalFactory == null) {
+ throw new NullPointerException("Cannot set STALFactory to null");
+ }
+ stalFactory = aStalFactory;
+ }
+
+ /**
+ * Causes the BindingProcessorManager to manage the provided BindingProcessor
+ * @param aBindingProcessor must not be null
+ */
+ public void process(BindingProcessor aBindingProcessor) {
+ if (bindingProcessorMap.containsKey(aBindingProcessor.getId())) {
+ log.fatal("Clashing ids, cannot process bindingprocessor with id:"
+ + aBindingProcessor.getId());
+ throw new SLRuntimeException(
+ "Clashing ids, cannot process bindingprocessor with id:"
+ + aBindingProcessor.getId());
+ }
+ Future> f = executorService.submit(aBindingProcessor);
+ bindingProcessorMap.put(aBindingProcessor.getId(), new MapEntityWrapper(f,
+ aBindingProcessor));
+ }
+
+ @Override
+ public void setSLCommandInvoker(SLCommandInvoker invoker) {
+ commandInvokerClass = invoker;
+ }
+
+ @Override
+ public void removeBindingProcessor(Id sessionId) {
+ MapEntityWrapper wrapper = bindingProcessorMap
+ .get(sessionId);
+ if (wrapper == null) {
+ return;
+ }
+ Future> f = wrapper.getFuture();
+ if (!f.isDone()) {
+ f.cancel(true);
+ }
+ bindingProcessorMap.remove(sessionId);
+ }
+
+ @Override
+ public Set getManagedIds() {
+ Set result = new HashSet();
+ synchronized (bindingProcessorMap) {
+ for (Iterator it = bindingProcessorMap.keySet().iterator(); it
+ .hasNext();) {
+ result.add(it.next());
+ }
+ }
+ return result;
+ }
+}
\ No newline at end of file
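Review bot: `process()` checks `bindingProcessorMap.containsKey(...)` and later calls `put(...)` as two separate operations, so two concurrent calls with the same id can both pass the clash check and the second `put` silently replaces the first entry, leaving a running task that `removeBindingProcessor` can no longer cancel. `Collections.synchronizedMap` makes each call atomic but not the sequence; wrapping the check, the `submit` and the `put` in `synchronized (bindingProcessorMap) { ... }`, as `getManagedIds()` already does for iteration, closes the gap. `getBindingProcessor` has the same shape with two `get(aId)` calls and can throw a `NullPointerException` if the entry is removed in between; a single lookup into a local, `MapEntityWrapper w = bindingProcessorMap.get(aId); return w == null ? null : w.getBindingProcessor();`, avoids that. Separately, the constructor's `Executors.newCachedThreadPool()` places no upper bound on threads and `removalStrategy` is stored but never consulted in this class, so the number of live processors is limited only by what callers submit; a bounded pool or an explicit cap on managed ids would be worth considering.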
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
new file mode 100644
index 00000000..8eaeacbd
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
@@ -0,0 +1,62 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+/**
+ * Used to handle DataUrl connections as specified in the CCE's HTTP protocol binding.
+ *
+ */
+public class DataUrl {
+ private static DataUrlConnectionSPI defaultDataUrlConnection = new DataUrlConnectionImpl();
+ private static Log log = LogFactory.getLog(DataUrl.class);
+
+ private URL url;
+
+ /**
+ * Sets the default DataUrlConnection implementation
+ * @param aClass must not be null
+ */
+ public static void setDataUrlConnectionClass(DataUrlConnectionSPI dataUrlConnection) {
+ if (dataUrlConnection == null) {
+ throw new NullPointerException("Default dataurlconnection must not be set to null");
+ }
+ defaultDataUrlConnection = dataUrlConnection;
+ }
+
+ public DataUrl(String aUrlString) throws MalformedURLException {
+ url = new URL(aUrlString);
+ }
+
+ public DataUrlConnection openConnection() {
+ try {
+ DataUrlConnectionSPI retVal = defaultDataUrlConnection.newInstance();
+ retVal.init(url);
+ return retVal;
+ } catch (Exception e) {
+ log.error(e);
+ throw new SLRuntimeException("Cannot instantiate a dataurlconnection:",e);
+ }
+ }
+}
\ No newline at end of file
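Review bot: The constructor accepts any scheme that `new URL(aUrlString)` can parse, so a `file:` or `ftp:` URL is carried through to `openConnection()` unchanged even though the class comment describes an HTTP protocol binding. Unless `DataUrlConnectionSPI.init(url)` rejects other schemes (not visible in this hunk), the constructor should check it, e.g. `String p = url.getProtocol(); if (!"http".equalsIgnoreCase(p) && !"https".equalsIgnoreCase(p)) throw new MalformedURLException("Unsupported DataURL protocol: " + p);`. In `openConnection()`, `log.error(e)` passes the exception as the message object, which logs only its `toString()`; `log.error("Cannot instantiate a dataurlconnection", e)` keeps the stack trace. The Javadoc on `setDataUrlConnectionClass` names `@param aClass` while the parameter is `dataUrlConnection`, and the static `defaultDataUrlConnection` it replaces is read by every instance without synchronization, which deserves a sentence in that comment.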
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
new file mode 100644
index 00000000..e6d5e075
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
@@ -0,0 +1,79 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.SocketTimeoutException;
+import java.security.cert.X509Certificate;
+
+import at.gv.egiz.bku.slcommands.SLResult;
+
+/**
+ * Transmit a security layer result to DataURL via HTTP POST, encoded as multipart/form-data.
+ * The HTTP header user-agent is set to citizen-card-environment/1.2 BKU2 1.0.
+ * The form-parameter ResponseType is set to HTTP-Security-Layer-RESPONSE.
+ * All other headers/parameters are set by the caller.
+ *
+ * @author clemens
+ */
+public interface DataUrlConnection {
+
+ public static final String DEFAULT_USERAGENT = "citizen-card-environment/1.2 BKU2 1.0";
+ public static final String FORMPARAM_RESPONSETYPE = "ResponseType";
+ public static final String DEFAULT_RESPONSETYPE = "HTTP-Security-Layer-RESPONSE";
+ public static final String FORMPARAM_XMLRESPONSE = "XMLResponse";
+ public static final String FORMPARAM_BINARYRESPONSE = "BinaryResponse";
+
+ public static final String XML_RESPONSE_ENCODING = "UTF-8";
+
+ public String getProtocol();
+
+ /**
+ * Set a HTTP Header.
+ * @param key
+ * @param value multiple values are assumed to have the correct formatting (comma-separated list)
+ */
+ public void setHTTPHeader(String key, String value);
+
+ /**
+ * Set a form-parameter.
+ * @param name
+ * @param data
+ * @param contentType may be null
+ * @param charSet may be null
+ * @param transferEncoding may be null
+ */
+ public void setHTTPFormParameter(String name, InputStream data, String contentType, String charSet, String transferEncoding);
+
+ /**
+ * @pre httpHeaders != null
+ * @throws java.net.SocketTimeoutException
+ * @throws java.io.IOException
+ */
+ public void connect() throws SocketTimeoutException, IOException;
+
+ public X509Certificate getServerCertificate();
+
+ /**
+ * @pre connection != null
+ * @throws java.io.IOException
+ */
+ public void transmit(SLResult slResult) throws IOException;
+
+ public DataUrlResponse getResponse() throws IOException;
+}
\ No newline at end of file
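Review bot: `getServerCertificate()` is declared without saying when it returns null, and a caller that bases a trust decision on the certificate needs to know that. In the implementation added by this same commit the field is only assigned inside `connect()` when the connection is an `HttpsURLConnection`, so the getter yields null before `connect()` and for plain `http` DataURLs. I would add a Javadoc line such as `@return the first certificate of the server's chain, or null if connect() has not been called or the DataURL is not HTTPS`. The `@pre` tags on `connect()` and `transmit()` are not standard Javadoc tags and name fields (`httpHeaders`, `connection`) that the interface does not expose; stating the required call order (`connect()` before `transmit()`) in prose would be clearer.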
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
new file mode 100644
index 00000000..134d765e
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
@@ -0,0 +1,216 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.HttpURLConnection;
+import java.net.SocketTimeoutException;
+import java.net.URL;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.net.ssl.HttpsURLConnection;
+
+import org.apache.commons.httpclient.methods.multipart.FilePart;
+import org.apache.commons.httpclient.methods.multipart.Part;
+import org.apache.commons.httpclient.methods.multipart.StringPart;
+
+import at.gv.egiz.bku.binding.multipart.InputStreamPartSource;
+import at.gv.egiz.bku.binding.multipart.SLResultPart;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.SLResult.SLResultType;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.StreamUtil;
+import at.gv.egiz.bku.utils.binding.Protocol;
+
+/**
+ * not thread-safe thus newInsance always returns a new object
+ *
+ */
+public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
+
+ public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
+ Protocol.HTTPS };
+ protected X509Certificate serverCertificate;
+ protected Protocol protocol;
+ protected URL url;
+ private HttpURLConnection connection;
+ protected Map requestHttpHeaders;
+ protected ArrayList formParams;
+ protected String boundary;
+
+ protected DataUrlResponse result;
+
+ public String getProtocol() {
+ if (protocol == null) {
+ return null;
+ }
+ return protocol.toString();
+ }
+
+ /**
+ * opens a connection sets the headers gets the server certificate
+ *
+ * @throws java.net.SocketTimeoutException
+ * @throws java.io.IOException
+ * @pre url != null
+ * @pre httpHeaders != null
+ */
+ public void connect() throws SocketTimeoutException, IOException {
+ connection = (HttpURLConnection) url.openConnection();
+
+ // FIXXME move this to config.
+ HttpURLConnection.setFollowRedirects(false);
+
+
+ connection.setDoOutput(true);
+ Set headers = requestHttpHeaders.keySet();
+ Iterator headerIt = headers.iterator();
+ while (headerIt.hasNext()) {
+ String name = headerIt.next();
+ connection.setRequestProperty(name, requestHttpHeaders.get(name));
+ }
+ connection.connect();
+ if (connection instanceof HttpsURLConnection) {
+ HttpsURLConnection ssl = (HttpsURLConnection) connection;
+ X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates();
+ if ((certs != null) && (certs.length >= 1)) {
+ serverCertificate = certs[0];
+ }
+ }
+ }
+
+ public X509Certificate getServerCertificate() {
+ return serverCertificate;
+ }
+
+ public void setHTTPHeader(String name, String value) {
+ if (name != null && value != null) {
+ requestHttpHeaders.put(name, value);
+ }
+ }
+
+ public void setHTTPFormParameter(String name, InputStream data,
+ String contentType, String charSet, String transferEncoding) {
+ InputStreamPartSource source = new InputStreamPartSource(null, data);
+ FilePart formParam = new FilePart(name, source, contentType, charSet);
+ if (transferEncoding != null) {
+ formParam.setTransferEncoding(transferEncoding);
+ } else {
+ formParam.setTransferEncoding(null);
+ }
+ formParams.add(formParam);
+ }
+
+ /**
+ * send all formParameters
+ *
+ * @throws java.io.IOException
+ */
+ public void transmit(SLResult slResult) throws IOException {
+ SLResultPart slResultPart = new SLResultPart(slResult,
+ XML_RESPONSE_ENCODING);
+ if (slResult.getResultType() == SLResultType.XML) {
+ slResultPart.setTransferEncoding(null);
+ slResultPart.setContentType(slResult.getMimeType());
+ slResultPart.setCharSet(XML_RESPONSE_ENCODING);
+ } else {
+ slResultPart.setTransferEncoding(null);
+ slResultPart.setContentType(slResult.getMimeType());
+ }
+ formParams.add(slResultPart);
+
+ OutputStream os = connection.getOutputStream();
+
+ Part[] parts = new Part[formParams.size()];
+ Part.sendParts(os, formParams.toArray(parts), boundary.getBytes());
+ os.close();
+ // MultipartRequestEntity PostMethod
+ result = new DataUrlResponse(url.toString(), connection.getResponseCode(),
+ connection.getInputStream());
+
+ Map responseHttpHeaders = new HashMap();
+ Map> httpHeaders = connection.getHeaderFields();
+ for (Iterator keyIt = httpHeaders.keySet().iterator(); keyIt
+ .hasNext();) {
+ String key = keyIt.next();
+ StringBuffer value = new StringBuffer();
+ for (String val : httpHeaders.get(key)) {
+ value.append(val);
+ value.append(HttpUtil.SEPERATOR[0]);
+ }
+ String valString = value.substring(0, value.length() - 1);
+ if ((key != null)&&(value.length() > 0)) {
+ responseHttpHeaders.put(key, valString);
+ }
+ }
+ result.setResponseHttpHeaders(responseHttpHeaders);
+ }
+
+ @Override
+ public DataUrlResponse getResponse() throws IOException {
+ return result;
+ }
+
+ /**
+ * inits protocol, url, httpHeaders, formParams
+ *
+ * @param url
+ * must not be null
+ */
+ @Override
+ public void init(URL url) {
+
+ for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
+ if (SUPPORTED_PROTOCOLS[i].toString().equalsIgnoreCase(url.getProtocol())) {
+ protocol = SUPPORTED_PROTOCOLS[i];
+ break;
+ }
+ }
+ if (protocol == null) {
+ throw new SLRuntimeException("Protocol " + url.getProtocol()
+ + " not supported for data url");
+ }
+ this.url = url;
+ boundary = "--" + IdFactory.getInstance().createId().toString();
+ requestHttpHeaders = new HashMap();
+ requestHttpHeaders.put(HttpUtil.HTTP_HEADER_USER_AGENT, DEFAULT_USERAGENT);
+ requestHttpHeaders.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE,
+ HttpUtil.MULTIPART_FOTMDATA + HttpUtil.SEPERATOR[0]
+ + HttpUtil.MULTIPART_FOTMDATA_BOUNDARY + "=" + boundary);
+
+ formParams = new ArrayList();
+ StringPart responseType = new StringPart(FORMPARAM_RESPONSETYPE,
+ DEFAULT_RESPONSETYPE);
+ responseType.setCharSet("UTF-8");
+ responseType.setTransferEncoding(null);
+ formParams.add(responseType);
+ }
+
+ @Override
+ public DataUrlConnectionSPI newInstance() {
+ return new DataUrlConnectionImpl();
+ }
+}
\ No newline at end of file
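Review bot: In `connect()`, `HttpURLConnection.setFollowRedirects(false)` is the static, JVM-wide switch and it is called after `url.openConnection()`, so it changes redirect handling for every other HTTP client in the process while, as far as I can tell, leaving the connection just created untouched (the per-instance flag is copied from the static default when the object is constructed). Because this connection carries the security-layer result to the DataURL, the first request could still follow a redirect to a host other than the one named in the DataURL; use `connection.setInstanceFollowRedirects(false);` on the instance instead. No connect or read timeout is set either, although the method declares `SocketTimeoutException`. Separately, in `transmit()` the line `value.substring(0, value.length() - 1)` runs before the `value.length() > 0` check and throws for a header whose value list is empty; move the check ahead of the `substring` call.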
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java
new file mode 100644
index 00000000..9e5a66f8
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java
@@ -0,0 +1,42 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.net.URL;
+
+/**
+ * Prototype of a DataurlconnectionSPI
+ * @author wbauer
+ *
+ */
+public interface DataUrlConnectionSPI extends DataUrlConnection {
+
+ /**
+ * Returns a new instance of this class to handle a dataurl.
+ * Called by the factory each time the openConnection method is called.
+ * @return
+ */
+ public DataUrlConnectionSPI newInstance();
+
+ /**
+ * Initializes the DataUrlConnection
+ * @param url
+ */
+ public void init(URL url);
+
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlResponse.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlResponse.java
new file mode 100644
index 00000000..b75cb0f3
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlResponse.java
@@ -0,0 +1,98 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.PushbackInputStream;
+import java.util.Iterator;
+import java.util.Map;
+
+import at.gv.egiz.bku.utils.urldereferencer.StreamData;
+
+/**
+ * The response of a dataurl server.
+ * Additionally holds return code and response headers.
+ */
+public class DataUrlResponse extends StreamData {
+
+ public final static String OK = "";
+
+ protected Map responseHttpHeaders;
+
+ protected int responseCode = -1;
+
+ public DataUrlResponse(String url, int responseCode, InputStream stream) {
+ super(url, null, new PushbackInputStream(stream, 10));
+ this.responseCode = responseCode;
+ }
+
+ public String getContentType() {
+ if (contentType != null) {
+ return contentType;
+ }
+ if (responseHttpHeaders == null) {
+ return null;
+ }
+ for (Iterator keyIt = responseHttpHeaders.keySet().iterator(); keyIt
+ .hasNext();) {
+ String key = keyIt.next();
+ if (HttpUtil.HTTP_HEADER_CONTENT_TYPE.equalsIgnoreCase(key)) {
+ contentType = responseHttpHeaders.get(key);
+ return contentType;
+ }
+ }
+ return contentType;
+ }
+
+ public void setResponseHttpHeaders(Map responseHttpHeaders) {
+ this.responseHttpHeaders = responseHttpHeaders;
+ }
+
+ public Map getResponseHeaders() {
+ return responseHttpHeaders;
+ }
+
+ public int getResponseCode() {
+ return responseCode;
+ }
+
+ /**
+ * Checks if the http response equals ""
+ *
+ * @throws IOException
+ */
+ public boolean isHttpResponseXMLOK() throws IOException {
+ String charset = HttpUtil.getCharset(contentType, true);
+ byte[] buffer = new byte[10];
+ int i = 0;
+ int read = 0;
+ while ((i < 10) && (read != -1)) {
+ read = inputStream.read(buffer, i, 10 - i);
+ if (read != -1) {
+ i += read;
+ }
+ }
+ PushbackInputStream pbis = (PushbackInputStream) inputStream;
+ pbis.unread(buffer, 0, i);
+ if (i < 5) {
+ return false;
+ }
+ String ok = new String(buffer, 0, i, charset);
+ return (OK.equals(ok));
+ }
+}
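Review bot: `isHttpResponseXMLOK()` reads the `contentType` field directly, but the constructor passes `null` as what appears to be the content-type argument of `super(...)`, and the field is only filled from the response headers inside `getContentType()`. If the check runs before anyone has called `getContentType()`, the charset is derived from a null content type rather than from the server's `Content-Type` header; what `HttpUtil.getCharset` does with null is not visible in this hunk. I would go through the getter: `String charset = HttpUtil.getCharset(getContentType(), true);`. The cast `(PushbackInputStream) inputStream` relies on the inherited field still holding the stream wrapped in the constructor, and the pushback size `10` must stay equal to the buffer size; a short comment stating both would help the next maintainer.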
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/ExpiryRemover.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ExpiryRemover.java
new file mode 100644
index 00000000..d17a27c2
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ExpiryRemover.java
@@ -0,0 +1,67 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.util.Iterator;
+import java.util.Set;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * This class can be used to check the BindingProcessorManager for expired entries and remove them.
+ * Should be run periodically.
+ *
+ */
+public class ExpiryRemover implements RemovalStrategy {
+
+ private static Log log = LogFactory.getLog(ExpiryRemover.class);
+
+ protected BindingProcessorManager bindingProcessorManager;
+ // keep max 5 min.
+ protected long maxAcceptedAge = 1000 * 60 * 5;
+
+ @Override
+ public void execute() {
+ log.debug("Triggered Expiry Remover");
+ if (bindingProcessorManager == null) {
+ log.warn("Bindingprocessor not set, skipping removal");
+ return;
+ }
+ Set managedIds = bindingProcessorManager.getManagedIds();
+ for (Iterator it = managedIds.iterator(); it.hasNext();) {
+ Id bindId = it.next();
+ BindingProcessor bp = bindingProcessorManager.getBindingProcessor(bindId);
+ if (bp != null) {
+ if (bp.getLastAccessTime().getTime() < (System.currentTimeMillis() - maxAcceptedAge)) {
+ log.debug("Removing binding processor: " + bp.getId());
+ bindingProcessorManager.removeBindingProcessor(bp.getId());
+ }
+ }
+ }
+ }
+
+ public void setMaxAcceptedAge(long maxAcceptedAge) {
+ this.maxAcceptedAge = maxAcceptedAge;
+ }
+
+ @Override
+ public void setBindingProcessorManager(BindingProcessorManager bp) {
+ bindingProcessorManager = bp;
+ }
+
+}
\ No newline at end of file
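Review bot: `execute()` calls `bindingProcessorManager.removeBindingProcessor(...)` while iterating over the set returned by `getManagedIds()`. If that method hands back a live view of the manager's key set rather than a copy (its implementation is outside this hunk), the next `it.next()` can throw `ConcurrentModificationException` and leave the remaining expired processors in place, which matters because this loop is what bounds the lifetime of abandoned sessions. Iterating over a snapshot, e.g. `for (Id bindId : new ArrayList<Id>(managedIds))` with an added `java.util.ArrayList` import, removes that dependency. `setMaxAcceptedAge` also accepts zero or negative values silently; a guard such as `if (maxAcceptedAge <= 0) throw new IllegalArgumentException("maxAcceptedAge must be positive");` would catch a misconfiguration early.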
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/FixedFormParameters.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FixedFormParameters.java
new file mode 100644
index 00000000..cce3d720
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FixedFormParameters.java
@@ -0,0 +1,28 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+/**
+ * Form parameters with special meaning as defined in the CCE's http binding.
+ *
+ */
+public interface FixedFormParameters {
+ String XMLREQUEST = "XMLRequest";
+ String REDIRECTURL = "RedirectURL";
+ String DATAURL = "DataURL";
+ String STYLESHEETURL = "StylesheetURL";
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameter.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameter.java
new file mode 100644
index 00000000..93339451
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameter.java
@@ -0,0 +1,39 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.InputStream;
+import java.util.Iterator;
+
+/**
+ * Interface to access form control contents from the http request.
+ * It's designed to be used for URL encoded and multipart-formdata requests.
+ * @author wbauer
+ *
+ */
+public interface FormParameter {
+
+ String getFormParameterName();
+
+ InputStream getFormParameterValue();
+
+ String getFormParameterContentType();
+
+ Iterator getHeaderNames();
+
+ String getHeaderValue(String headerName);
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterImpl.java
new file mode 100644
index 00000000..45aa9be6
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterImpl.java
@@ -0,0 +1,93 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.InputStream;
+import java.util.Collections;
+import java.util.Iterator;
+
+import org.apache.commons.fileupload.FileItemHeaders;
+
+/**
+ * Simple wrapper to read data while consuming an stream within the http
+ * processor.
+ *
+ *
+ */
+public class FormParameterImpl implements FormParameter {
+
+ protected InputStream dataStream;
+ protected String contentType;
+ protected String formName;
+ protected FileItemHeaders headers;
+
+ public FormParameterImpl(String contentType, String formName, InputStream is,
+ FileItemHeaders header) {
+ this.contentType = contentType;
+ this.formName = formName;
+ this.dataStream = is;
+ this.headers = header;
+ }
+
+ @Override
+ public String getFormParameterContentType() {
+ return contentType;
+ }
+
+ @Override
+ public String getFormParameterName() {
+ return formName;
+ }
+
+ @Override
+ public InputStream getFormParameterValue() {
+ return dataStream;
+ }
+
+ @Override
+ public String getHeaderValue(String headerName) {
+ if (headers == null) {
+ return null;
+ }
+ return headers.getHeader(headerName);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Iterator getHeaderNames() {
+ if (headers == null) {
+ return Collections.EMPTY_LIST.iterator();
+ }
+ return headers.getHeaderNames();
+ }
+
+ public FileItemHeaders getHeaders() {
+ return headers;
+ }
+
+ public boolean equals(Object other) {
+ if (other instanceof FormParameter) {
+ FormParameter fp = (FormParameter) other;
+ return fp.getFormParameterName().equals(getFormParameterName());
+ }
+ return false;
+ }
+
+ public int hashCode() {
+ return getFormParameterName().hashCode();
+ }
+}
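Review bot: `equals()` accepts any `FormParameter`, but `FormParameterStore`, added in this same commit, does not override `equals`, so `impl.equals(store)` can be true while `store.equals(impl)` is false, breaking the symmetry that hash-based collections rely on. Both `equals()` and `hashCode()` also throw `NullPointerException` when the form name is null, and the name presumably originates from the parsed request. I would restrict the comparison to the same class and make it null-safe: `if (!(other instanceof FormParameterImpl)) return false;` followed by `return formName == null ? fp.formName == null : formName.equals(fp.formName);`, with `hashCode()` returning `formName == null ? 0 : formName.hashCode()`. Adding `@Override` to both methods would match the other methods in the class.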
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterStore.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterStore.java
new file mode 100644
index 00000000..8b6cd4b2
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/FormParameterStore.java
@@ -0,0 +1,146 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Collections;
+import java.util.Iterator;
+
+import org.apache.commons.fileupload.FileItemHeaders;
+import org.apache.commons.fileupload.util.FileItemHeadersImpl;
+
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.StreamUtil;
+
+/**
+ * Simple store for form parameters based on a byte[]
+ *
+ * @author wbauer
+ *
+ */
+public class FormParameterStore implements FormParameter {
+
+ private byte[] dataBuffer;
+ private String contentType;
+ private String parameterName;
+ private boolean initialized = false;
+ protected FileItemHeaders headers;
+
+ /**
+ * Make sure to call init after creating a new instance.
+ */
+ public FormParameterStore() {
+ }
+
+ public void init(InputStream dataSource, String paramName,
+ String contentType, FileItemHeaders header) throws IOException {
+ ByteArrayOutputStream os = new ByteArrayOutputStream();
+ StreamUtil.copyStream(dataSource, os);
+ this.dataBuffer = os.toByteArray();
+ this.parameterName = paramName;
+ this.contentType = contentType;
+ initialized = true;
+ this.headers = header;
+ }
+
+ public void init(byte[] dataSource, String paramName,
+ String contentType, FileItemHeaders header) throws IOException {
+ this.dataBuffer = dataSource;
+ this.parameterName = paramName;
+ this.contentType = contentType;
+ initialized = true;
+ this.headers = header;
+ }
+
+ public void init(FormParameter fp) throws IOException {
+ ByteArrayOutputStream os = new ByteArrayOutputStream();
+ StreamUtil.copyStream(fp.getFormParameterValue(), os);
+ this.dataBuffer = os.toByteArray();
+ this.parameterName = fp.getFormParameterName();
+ this.contentType = fp.getFormParameterContentType();
+ if (fp instanceof FormParameterImpl) {
+ headers = ((FormParameterImpl) fp).getHeaders();
+ } else {
+ FileItemHeadersImpl headersImpl = new FileItemHeadersImpl();
+ for (Iterator i = fp.getHeaderNames(); i.hasNext();) {
+ String headerName = i.next();
+ headersImpl.addHeader(headerName, fp.getHeaderValue(headerName));
+ }
+ }
+ initialized = true;
+ }
+
+ protected void ensureInitialized() {
+ if (!initialized) {
+ throw new SLRuntimeException("FormParameterStore not initialized");
+ }
+ }
+
+ /**
+ * Reads all data from the stream and stores it internally. The stream will
+ * not be closed.
+ *
+ * @param datSource
+ * @param formName
+ * @param contentType
+ */
+ @Override
+ public String getFormParameterContentType() {
+ ensureInitialized();
+ return contentType;
+ }
+
+ @Override
+ public String getFormParameterName() {
+ ensureInitialized();
+ return parameterName;
+ }
+
+ /**
+ * May be called more than once.
+ */
+ @Override
+ public InputStream getFormParameterValue() {
+ return new ByteArrayInputStream(dataBuffer);
+ }
+
+ @Override
+ public String getHeaderValue(String name) {
+ if (headers == null) {
+ return null;
+ }
+ return headers.getHeader(name);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Iterator getHeaderNames() {
+ if (headers == null) {
+ return Collections.EMPTY_LIST.iterator();
+ }
+ return headers.getHeaderNames();
+ }
+
+ public boolean isEmpty() {
+ ensureInitialized();
+ return dataBuffer.length == 0;
+ }
+
+}
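Review bot: In `init(FormParameter fp)` the `else` branch builds `headersImpl` and copies every header into it but never assigns it, so `headers` stays null and `getHeaderValue`/`getHeaderNames` report no headers for any source that is not a `FormParameterImpl`; add `headers = headersImpl;` after the loop. `getFormParameterValue()` is the only accessor that skips `ensureInitialized()`, so an uninitialised store fails with a `NullPointerException` from `new ByteArrayInputStream(dataBuffer)` instead of the intended `SLRuntimeException`. Both stream-based `init` overloads copy the whole input into memory with no size limit; unless the caller enforces an upper bound (not visible in this hunk), a single large form field can exhaust the heap. The Javadoc block starting "Reads all data from the stream" sits on `getFormParameterContentType()` but describes `init(InputStream, ...)` and should move there.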
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
new file mode 100644
index 00000000..b79f7d55
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
@@ -0,0 +1,820 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.io.Reader;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.net.ssl.SSLHandshakeException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.URIResolver;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.transform.stream.StreamSource;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLCommandFactory;
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.SLSourceContext;
+import at.gv.egiz.bku.slcommands.SLTargetContext;
+import at.gv.egiz.bku.slcommands.impl.ErrorResultImpl;
+import at.gv.egiz.bku.slexceptions.SLBindingException;
+import at.gv.egiz.bku.slexceptions.SLCanceledException;
+import at.gv.egiz.bku.slexceptions.SLException;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.StreamUtil;
+import at.gv.egiz.bku.utils.binding.Protocol;
+import at.gv.egiz.bku.utils.urldereferencer.FormDataURLSupplier;
+import at.gv.egiz.bku.utils.urldereferencer.SimpleFormDataContextImpl;
+import at.gv.egiz.bku.utils.urldereferencer.StreamData;
+import at.gv.egiz.bku.utils.urldereferencer.URIResolverAdapter;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+import at.gv.egiz.stal.QuitRequest;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * Class performing the HTTP binding as defined by the CCE specification.
+ * Currently a huge monolithic class.
+ * @TODO refactor
+ */
+@SuppressWarnings("unchecked")
+public class HTTPBindingProcessor extends AbstractBindingProcessor implements
+ FormDataURLSupplier {
+
+ private static Log log = LogFactory.getLog(HTTPBindingProcessor.class);
+
+ private static enum State {
+ INIT, PROCESS, DATAURL, TRANSFORM, FINISHED
+ };
+
+ public final static Collection XML_REQ_TRANSFER_ENCODING = Arrays
+ .asList(new String[] { "binary" });
+
+ /**
+ * Defines the maximum number of dataurl connects that are allowed within a
+ * single SL Request processing.
+ */
+ protected static int MAX_DATAURL_HOPS = 10;
+
+ protected static String XML_MIME_TYPE = "text/xml";
+ protected static String BINARY_MIME_TYPE = "application/octet-stream";
+
+ /**
+ * If null everything is ok and the result is taken from the command invoker.
+ */
+ protected SLException bindingProcessorError;
+ protected SLCommandInvoker commandInvoker;
+ protected DataUrlResponse dataUrlResponse;
+ protected Map headerMap = Collections.EMPTY_MAP;
+ protected SLCommand slCommand;
+ protected Map formParameterMap = new HashMap();
+ protected SLSourceContext srcContex = new SLSourceContext();
+ protected SLTargetContext targetContext = new SLTargetContext();
+ protected Protocol protocol;
+ protected State currentState = State.INIT;
+ protected Transformer transformer = null;
+ protected String resultContentType = null;
+ protected SLResult slResult = null;
+ protected int responseCode = 200;
+ protected Map responseHeaders = Collections.EMPTY_MAP;
+ protected Locale locale = Locale.getDefault();
+
+ /**
+ *
+ * @param id
+ * may be null. In this case a new session id will be created.
+ * @param cmdInvoker
+ * must not be null;
+ */
+ public HTTPBindingProcessor(String id, SLCommandInvoker cmdInvoker,
+ Protocol protocol) {
+ super(id);
+ if ((protocol != Protocol.HTTP) && (protocol != Protocol.HTTPS)) {
+ throw new SLRuntimeException("Protocol not supported: " + protocol);
+ }
+ if (cmdInvoker == null) {
+ throw new NullPointerException("Commandinvoker cannot be set to null");
+ }
+ commandInvoker = cmdInvoker;
+ this.protocol = protocol;
+ srcContex.setSourceProtocol(protocol);
+ srcContex.setSourceIsDataURL(false);
+ }
+
+ //----------------------------------------------------------------------------
+ // ----------- BEGIN CONVENIENCE METHODS -----------
+
+ protected void sendSTALQuit() {
+ log.info("Sending QUIT command to STAL");
+ List quit = new ArrayList(1);
+ quit.add(new QuitRequest());
+ getSTAL().handleRequest(quit);
+ }
+
+ protected String getFormParameterAsString(String formParameterName) {
+ FormParameter fp = formParameterMap.get(formParameterName);
+ return getFormParameterAsString(fp);
+ }
+
+ protected String getFormParameterAsString(FormParameter fp) {
+ if (fp == null) {
+ return null;
+ }
+ try {
+ return StreamUtil.asString(fp.getFormParameterValue(), HttpUtil
+ .getCharset(fp.getFormParameterContentType(), true));
+ } catch (IOException e) {
+ return null;
+ }
+ }
+
+ protected String getDataUrl() {
+ return getFormParameterAsString(FixedFormParameters.DATAURL);
+ }
+
+ protected String getStyleSheetUrl() {
+ return getFormParameterAsString(FixedFormParameters.STYLESHEETURL);
+ }
+
+ protected List getFormParameters(String parameterNamePostfix) {
+ List resultList = new ArrayList();
+ for (Iterator fpi = formParameterMap.keySet().iterator(); fpi
+ .hasNext();) {
+ String paramName = fpi.next();
+ if (paramName.endsWith(parameterNamePostfix)) {
+ resultList.add(formParameterMap.get(paramName));
+ }
+ }
+ return resultList;
+ }
+
+ protected List getTransferHeaders() {
+ return getFormParameters("__");
+ }
+
+ protected List getTransferForms() {
+ List resultList = new ArrayList();
+ for (Iterator fpi = formParameterMap.keySet().iterator(); fpi
+ .hasNext();) {
+ String paramName = fpi.next();
+ if ((paramName.endsWith("_")) && (!paramName.endsWith("__"))) {
+ resultList.add(formParameterMap.get(paramName));
+ }
+ }
+ return resultList;
+ }
+
+ protected void closeDataUrlConnection() {
+ log.debug("Closing data url input stream");
+ if (dataUrlResponse == null) {
+ return;
+ }
+ InputStream is = dataUrlResponse.getStream();
+ if (is != null) {
+ try {
+ is.close();
+ } catch (IOException e) {
+ log.info("Error closing input stream to dataurl server:" + e);
+ }
+ }
+ }
+
+ //----------------------------------------------------------------------------
+ // ----------- END CONVENIENCE METHODS -----------
+
+ //----------------------------------------------------------------------------
+ // -- BEGIN Methods that handle the http binding activities as defined in the
+ // activity diagram --
+
+ protected void init() {
+ log.info("Starting Bindingprocessor in Thread: "
+ + Thread.currentThread().getId());
+ if (bindingProcessorError != null) {
+ log.debug("Detected binding processor error, sending quit command");
+ // sendSTALQuit();
+ currentState = State.FINISHED;
+ } else if (slCommand == null) {
+ log.error("SLCommand not set (consumeRequest not called ??)");
+ bindingProcessorError = new SLException(2000);
+ // sendSTALQuit();
+ currentState = State.FINISHED;
+ } else {
+ currentState = State.PROCESS;
+ }
+ }
+
+ protected void processRequest() {
+ log.debug("Entered State: " + State.PROCESS);
+ log.debug("Processing command: " + slCommand);
+ commandInvoker.setCommand(slCommand);
+ responseCode = 200;
+ responseHeaders = Collections.EMPTY_MAP;
+ try {
+ commandInvoker.invoke(srcContex);
+ } catch (SLCanceledException e) {
+ log.info("Caught exception: " + e);
+ bindingProcessorError = e;
+ currentState = State.TRANSFORM;
+ }
+ dataUrlResponse = null;
+ if (getDataUrl() != null) {
+ log.debug("Data Url set to: " + getDataUrl());
+ currentState = State.DATAURL;
+ } else {
+ log.debug("No data url set");
+ currentState = State.TRANSFORM;
+ }
+ }
+
+ protected void handleDataUrl() {
+ log.debug("Entered State: " + State.DATAURL);
+ try {
+ DataUrl dataUrl = new DataUrl(getDataUrl());
+ DataUrlConnection conn = dataUrl.openConnection();
+
+ // set transfer headers
+ for (FormParameter fp : getTransferHeaders()) {
+ String paramString = getFormParameterAsString(fp);
+ if (paramString == null) {
+ log.error("Got empty transfer header, ignoring this");
+ } else {
+ String[] keyVal = paramString.split(":", 2);
+ String key = keyVal[0];
+ String val = null;
+ if (keyVal.length == 2) {
+ val = keyVal[1];
+ }
+ val = val.trim();
+ log.debug("Setting header " + key + " to value " + val);
+ conn.setHTTPHeader(key, val);
+ }
+ }
+
+ // set transfer form parameters
+ for (FormParameter fp : getTransferForms()) {
+ String contentTransferEncoding = null;
+ String contentType = fp.getFormParameterContentType();
+ String charSet = HttpUtil.getCharset(contentType, false);
+ if (charSet != null) {
+ contentType = contentType.substring(0, contentType
+ .lastIndexOf(HttpUtil.SEPERATOR[0]));
+ }
+ for (Iterator header = fp.getHeaderNames(); header.hasNext();) {
+ if (HttpUtil.CONTENT_TRANSFER_ENCODING
+ .equalsIgnoreCase(header.next())) {
+ contentTransferEncoding = getFormParameterAsString(fp);
+ }
+ }
+ log.debug("Setting form: " + fp.getFormParameterName()
+ + " contentType: " + contentType + " charset: " + charSet
+ + " contentTransferEncoding: " + contentTransferEncoding);
+ conn.setHTTPFormParameter(fp.getFormParameterName(), fp
+ .getFormParameterValue(), contentType, charSet,
+ contentTransferEncoding);
+ }
+
+ // connect
+ conn.connect();
+ // fetch and set SL result
+ targetContext.setTargetIsDataURL(true);
+ targetContext.setTargetCertificate(conn.getServerCertificate());
+ targetContext.setTargetProtocol(conn.getProtocol());
+ SLResult result = commandInvoker.getResult(targetContext);
+
+ // transfer result
+ conn.transmit(result);
+
+ // process Dataurl response
+ dataUrlResponse = conn.getResponse();
+ log.debug("Received data url response code: "
+ + dataUrlResponse.getResponseCode());
+ protocol = Protocol.fromString(conn.getProtocol());
+
+ switch (dataUrlResponse.getResponseCode()) {
+ case 200:
+ String contentType = dataUrlResponse.getContentType();
+ log.debug("Got dataurl response content type: " + contentType);
+ if (contentType != null) {
+ if ((contentType.startsWith(HttpUtil.APPLICATION_URL_ENCODED))
+ || (contentType.startsWith(HttpUtil.MULTIPART_FOTMDATA))) {
+ log.debug("Detected SL Request in dataurl response");
+ // process headers and request
+ setHTTPHeaders(dataUrlResponse.getResponseHeaders());
+ consumeRequestStream(dataUrlResponse.getStream());
+ closeDataUrlConnection();
+ srcContex.setSourceCertificate(conn.getServerCertificate());
+ srcContex.setSourceIsDataURL(true);
+ srcContex
+ .setSourceProtocol(Protocol.fromString(conn.getProtocol()));
+ currentState = State.PROCESS;
+ } else if (((contentType.startsWith(HttpUtil.TXT_HTML))
+ || (contentType.startsWith(HttpUtil.TXT_PLAIN)) || (contentType
+ .startsWith(HttpUtil.TXT_XML)))
+ && (dataUrlResponse.isHttpResponseXMLOK())) {
+ log.info("Dataurl response matches with content type: "
+ + contentType);
+ currentState = State.TRANSFORM;
+
+ } else if ((contentType.startsWith(HttpUtil.TXT_XML))
+ && (!dataUrlResponse.isHttpResponseXMLOK())) {
+ log
+ .debug("Detected text/xml dataurl response with content != ");
+ headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
+ assignXMLRequest(dataUrlResponse.getStream(), HttpUtil.getCharset(
+ contentType, true));
+ closeDataUrlConnection();
+ srcContex.setSourceCertificate(conn.getServerCertificate());
+ srcContex.setSourceIsDataURL(true);
+ srcContex
+ .setSourceProtocol(Protocol.fromString(conn.getProtocol()));
+ currentState = State.PROCESS;
+ // just to be complete, actually not used
+ srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
+ .get(HttpUtil.HTTP_HEADER_REFERER));
+ } else {
+ resultContentType = contentType;
+ responseHeaders = dataUrlResponse.getResponseHeaders();
+ responseCode = dataUrlResponse.getResponseCode();
+ currentState = State.FINISHED;
+ }
+ } else {
+ log.debug("Content type not set in dataurl response");
+ closeDataUrlConnection();
+ throw new SLBindingException(2007);
+ }
+
+ break;
+ case 307:
+ contentType = dataUrlResponse.getContentType();
+ if ((contentType != null) && (contentType.startsWith(HttpUtil.TXT_XML))) {
+ log.debug("Received dataurl response code 307 with XML content");
+ String location = dataUrlResponse.getResponseHeaders().get(
+ HttpUtil.HTTP_HEADER_LOCATION);
+ if (location == null) {
+ log
+ .error("Did not get a location header for a 307 data url response");
+ throw new SLBindingException(2003);
+ }
+ // consumeRequestStream(dataUrlResponse.getStream());
+ FormParameterStore fp = new FormParameterStore();
+ fp.init(location.getBytes(HttpUtil.DEFAULT_CHARSET),
+ FixedFormParameters.DATAURL, null, null);
+ formParameterMap.put(FixedFormParameters.DATAURL, fp);
+ headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
+ assignXMLRequest(dataUrlResponse.getStream(), HttpUtil.getCharset(
+ dataUrlResponse.getContentType(), true));
+ closeDataUrlConnection();
+ srcContex.setSourceCertificate(conn.getServerCertificate());
+ srcContex.setSourceIsDataURL(true);
+ srcContex.setSourceProtocol(Protocol.fromString(conn.getProtocol()));
+ currentState = State.PROCESS;
+ // just to be complete, actually not used
+ srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
+ .get(HttpUtil.HTTP_HEADER_REFERER));
+
+ } else {
+ log.debug("Received dataurl response code 307 non XML content: "
+ + dataUrlResponse.getContentType());
+ resultContentType = dataUrlResponse.getContentType();
+ currentState = State.FINISHED;
+ }
+ responseHeaders = dataUrlResponse.getResponseHeaders();
+ responseCode = dataUrlResponse.getResponseCode();
+ break;
+
+ case 301:
+ case 302:
+ case 303:
+ responseHeaders = dataUrlResponse.getResponseHeaders();
+ responseCode = dataUrlResponse.getResponseCode();
+ resultContentType = dataUrlResponse.getContentType();
+ currentState = State.FINISHED;
+ break;
+
+ default:
+ // issue error
+ log.info("Unexpected response code from dataurl server: "
+ + dataUrlResponse.getResponseCode());
+ throw new SLBindingException(2007);
+ }
+
+ } catch (SLException slx) {
+ bindingProcessorError = slx;
+ log.error("Error during dataurl communication");
+ resultContentType = HttpUtil.TXT_XML;
+ currentState = State.TRANSFORM;
+ } catch (SSLHandshakeException hx) {
+ bindingProcessorError = new SLException(2010);
+ log.info("Error during dataurl communication", hx);
+ resultContentType = HttpUtil.TXT_XML;
+ currentState = State.TRANSFORM;
+ } catch (IOException e) {
+ bindingProcessorError = new SLBindingException(2001);
+ log.error("Error while data url handling", e);
+ resultContentType = HttpUtil.TXT_XML;
+ currentState = State.TRANSFORM;
+ return;
+ }
+ }
+
+ protected void transformResult() {
+ log.debug("Entered State: " + State.TRANSFORM);
+ if (bindingProcessorError != null) {
+ resultContentType = HttpUtil.TXT_XML;
+ } else if (dataUrlResponse != null) {
+ resultContentType = dataUrlResponse.getContentType();
+ } else {
+ targetContext.setTargetIsDataURL(false);
+ targetContext.setTargetProtocol(protocol.toString());
+ try {
+ slResult = commandInvoker.getResult(targetContext);
+ resultContentType = slResult.getMimeType();
+ log
+ .debug("Successfully got SLResult from commandinvoker, setting mimetype to: "
+ + resultContentType);
+ } catch (SLCanceledException e) {
+ log.info("Cannot get result from invoker:", e);
+ bindingProcessorError = new SLException(6002);
+ resultContentType = HttpUtil.TXT_XML;
+ }
+ }
+ transformer = getTransformer(getStyleSheetUrl());
+ if (transformer != null) {
+ log.debug("Output transformation required");
+ resultContentType = transformer.getOutputProperty("media-type");
+ log.debug("Got media type from stylesheet: " + resultContentType);
+ if (resultContentType == null) {
+ log.debug("Setting to default text/xml result conent type");
+ resultContentType = "text/xml";
+ }
+ log.debug("Deferring sytylesheet processing");
+ }
+ currentState = State.FINISHED;
+ }
+
+ protected void finished() {
+ log.debug("Entered State: " + State.FINISHED);
+ if (bindingProcessorError != null) {
+ log.debug("Binding processor error, sending quit command");
+ resultContentType = HttpUtil.TXT_XML;
+ }
+ sendSTALQuit();
+ log.info("Terminating Bindingprocessor; Thread: "
+ + Thread.currentThread().getId());
+ }
+
+ // -- END Methods that handle the http binding activities as defined in the
+ // activity diagram --
+ //----------------------------------------------------------------------------
+
+ /**
+ * Sets the headers of the SL Request. IMPORTANT: make sure to set all headers
+ * before invoking {@link #consumeRequestStream(InputStream)}
+ *
+ * @param aHeaderMap
+ * if null all header will be cleared.
+ */
+ public void setHTTPHeaders(Map aHeaderMap) {
+ headerMap = new HashMap();
+ // ensure lowercase keys
+ if (aHeaderMap != null) {
+ for (String s : aHeaderMap.keySet()) {
+ if (s != null) {
+ headerMap.put(s.toLowerCase(), aHeaderMap.get(s));
+ if (s.equalsIgnoreCase(HttpUtil.HTTP_HEADER_REFERER)) {
+ String referer = aHeaderMap.get(s);
+ log.debug("Got referer header: " + referer);
+ srcContex.setSourceHTTPReferer(referer);
+ }
+ }
+ }
+ }
+ }
+
+ public void setSourceCertificate(X509Certificate aCert) {
+ srcContex.setSourceCertificate(aCert);
+ }
+
+ /**
+ * The HTTPBindingProcessor does not handle redirect URLs. It only provides
+ * the parameter.
+ *
+ * @return null if redirect url is not set.
+ */
+ public String getRedirectURL() {
+ return getFormParameterAsString(FixedFormParameters.REDIRECTURL);
+ }
+
+ public String getFormDataContentType(String aParameterName) {
+ FormParameter fp = formParameterMap.get(aParameterName);
+ if (fp != null) {
+ return fp.getFormParameterContentType();
+ }
+ return null;
+ }
+
+ public InputStream getFormData(String aParameterName) {
+ FormParameter fp = formParameterMap.get(aParameterName);
+ if (fp != null) {
+ return fp.getFormParameterValue();
+ }
+ return null;
+ }
+
+ protected void assignXMLRequest(InputStream is, String charset)
+ throws IOException, SLException {
+ Reader r = new InputStreamReader(is, charset);
+ StreamSource source = new StreamSource(r);
+ SLCommandContext commandCtx = new SLCommandContext();
+ commandCtx.setSTAL(getSTAL());
+ commandCtx.setURLDereferencerContext(new SimpleFormDataContextImpl(this));
+ slCommand = SLCommandFactory.getInstance().createSLCommand(source,
+ commandCtx);
+ log.debug("Created new command: " + slCommand);
+ }
+
+ @Override
+ public void run() {
+ boolean done = false;
+ int hopcounter = 0;
+ if (bindingProcessorError != null) {
+ currentState = State.FINISHED;
+ }
+ try {
+ while (!done) {
+ try {
+ switch (currentState) {
+ case INIT:
+ init();
+ break;
+ case PROCESS:
+ processRequest();
+ break;
+ case DATAURL:
+ handleDataUrl();
+ if (++hopcounter > MAX_DATAURL_HOPS) {
+ log.error("Maximum number of dataurl hops reached");
+ bindingProcessorError = new SLBindingException(2000);
+ currentState = State.FINISHED;
+ }
+ break;
+ case TRANSFORM:
+ transformResult();
+ break;
+ case FINISHED:
+ done = true;
+ finished();
+ break;
+ }
+ } catch (RuntimeException rte) {
+ throw rte;
+ } catch (Exception t) {
+ log.error("Caught unexpected exception", t);
+ responseCode = 200;
+ resultContentType = HttpUtil.TXT_XML;
+ responseHeaders = Collections.EMPTY_MAP;
+ bindingProcessorError = new SLException(2000);
+ currentState = State.FINISHED;
+ }
+ }
+ } catch (Throwable t) {
+ log.error("Caught unexpected exception", t);
+ responseCode = 200;
+ resultContentType = HttpUtil.TXT_XML;
+ responseHeaders = Collections.EMPTY_MAP;
+ bindingProcessorError = new SLException(2000);
+ currentState = State.FINISHED;
+ }
+ log.debug("Terminated http binding processor");
+ }
+
+ @Override
+ public void consumeRequestStream(InputStream is) {
+ try {
+ log.debug("Start consuming request stream");
+ formParameterMap.clear();
+ String cl = headerMap
+ .get(HttpUtil.HTTP_HEADER_CONTENT_TYPE.toLowerCase());
+ if (cl == null) {
+ log.info("No content type set in http header");
+ throw new SLBindingException(2006);
+ }
+ InputDecoder id = InputDecoderFactory.getDecoder(cl, is);
+ id.setContentType(cl);
+ if (id == null) {
+ log.error("Cannot get inputdecoder for is");
+ throw new SLException(2006);
+ }
+ for (Iterator fpi = id.getFormParameterIterator(); fpi
+ .hasNext();) {
+ FormParameter fp = fpi.next();
+ log.debug("Got request parameter with name: "
+ + fp.getFormParameterName());
+ if (fp.getFormParameterName().equals(FixedFormParameters.XMLREQUEST)) {
+ log.debug("Creating XML Request");
+ for (Iterator headerIterator = fp.getHeaderNames(); headerIterator
+ .hasNext();) {
+ String headerName = headerIterator.next();
+ if (HttpUtil.CONTENT_TRANSFER_ENCODING.equalsIgnoreCase(headerName)) {
+ String transferEncoding = fp.getHeaderValue(headerName);
+ log.debug("Got transfer encoding for xmlrequest: "
+ + transferEncoding);
+ if (XML_REQ_TRANSFER_ENCODING.contains(transferEncoding)) {
+ log.debug("Supported transfer encoding: " + transferEncoding);
+ } else {
+ log
+ .error("Transferencoding not supported: "
+ + transferEncoding);
+ throw new SLBindingException(2005);
+ }
+ }
+ }
+ String charset = HttpUtil.getCharset(cl, true);
+ assignXMLRequest(fp.getFormParameterValue(), charset);
+ } else {
+ FormParameterStore fps = new FormParameterStore();
+ fps.init(fp);
+ if (!fps.isEmpty()) {
+ log.debug("Setting from parameter: " + fps.getFormParameterName());
+ formParameterMap.put(fps.getFormParameterName(), fps);
+ }
+ }
+ }
+ if (slCommand == null) {
+ throw new SLBindingException(2004);
+ }
+ if (is.read() != -1) {
+ log.error("Request input stream not completely read");
+ // consume rest of stream, should never occur
+ throw new SLRuntimeException(
+ "request input stream not consumed till end");
+ }
+ } catch (SLException slx) {
+ log.info("Error while consuming input stream " + slx);
+ bindingProcessorError = slx;
+ } catch (Throwable t) {
+ log.info("Error while consuming input stream " + t, t);
+ bindingProcessorError = new SLException(2000);
+ } finally {
+ try {
+ while (is.read() != -1)
+ ;
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+ }
+
+ @Override
+ public String getResultContentType() {
+ return resultContentType;
+ }
+
+ protected Transformer getTransformer(String styleSheetURL) {
+ if (styleSheetURL == null) {
+ log.debug("Stylesheet URL not set");
+ return null;
+ }
+ try {
+ URLDereferencerContext urlCtx = new SimpleFormDataContextImpl(this);
+ URIResolver resolver = new URIResolverAdapter(URLDereferencer
+ .getInstance(), urlCtx);
+ TransformerFactory factory = TransformerFactory.newInstance();
+ StreamData sd = URLDereferencer.getInstance().dereference(styleSheetURL,
+ urlCtx);
+ Transformer t = factory.newTransformer(new StreamSource(sd.getStream()));
+ t.setURIResolver(resolver);
+ return t;
+ } catch (Exception ex) {
+ log.info("Cannot instantiate transformer", ex);
+ bindingProcessorError = new SLException(2002);
+ return null;
+ }
+ }
+
+ protected void handleBindingProcessorError(OutputStream os, String encoding,
+ Transformer transformer) throws IOException {
+ log.debug("Writing error as result");
+ ErrorResultImpl error = new ErrorResultImpl(bindingProcessorError);
+ try {
+ error.writeTo(new StreamResult(new OutputStreamWriter(os, encoding)),
+ transformer);
+ } catch (TransformerException e) {
+ log.fatal("Cannot write error result to stream", e);
+ }
+ }
+
+ @Override
+ public void writeResultTo(OutputStream os, String encoding)
+ throws IOException {
+ if (encoding == null) {
+ encoding = HttpUtil.DEFAULT_CHARSET;
+ }
+ if (bindingProcessorError != null) {
+ log.debug("Detected error in binding processor, writing error as result");
+ handleBindingProcessorError(os, encoding, transformer);
+ return;
+ } else if (dataUrlResponse != null) {
+ log.debug("Writing data url response as result");
+ String charEnc = HttpUtil.getCharset(dataUrlResponse.getContentType(),
+ true);
+ InputStreamReader isr = new InputStreamReader(
+ dataUrlResponse.getStream(), charEnc);
+ OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
+ if (transformer == null) {
+ StreamUtil.copyStream(isr, osw);
+ } else {
+ try {
+ transformer.transform(new StreamSource(isr), new StreamResult(osw));
+ } catch (TransformerException e) {
+ log.fatal("Exception occured during result transformation", e);
+ // bindingProcessorError = new SLException(2008);
+ // handleBindingProcessorError(os, encoding, null);
+ return;
+ }
+ }
+ osw.flush();
+ isr.close();
+ } else if (slResult == null) {
+ // result not yet assigned -> must be a cancel
+ bindingProcessorError = new SLException(6001);
+ handleBindingProcessorError(os, encoding, transformer);
+ return;
+ } else {
+ log.debug("Getting result from invoker");
+ OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
+ try {
+ slResult.writeTo(new StreamResult(osw), transformer);
+ } catch (TransformerException e) {
+ log.fatal("Cannot write result to stream", e);
+ // bindingProcessorError = new SLException(2008);
+ // handleBindingProcessorError(os, encoding, transformer);
+ }
+ osw.flush();
+ }
+ }
+
+ /**
+ * The response code from the dataurl server or 200 if no dataurl server
+ * created the result
+ *
+ * @return
+ */
+ public int getResponseCode() {
+ return responseCode;
+ }
+
+ /**
+ * All headers from the data url server in case of a direct forward from the
+ * dataurl server.
+ *
+ * @return
+ */
+ public Map getResponseHeaders() {
+ return responseHeaders;
+ }
+
+ @Override
+ public void setLocale(Locale locale) {
+ if (locale == null) {
+ throw new NullPointerException("Locale must not be set to null");
+ }
+ this.locale = locale;
+ }
+
+}
\ No newline at end of file
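Review bot: `getTransformer` compiles a stylesheet with a `TransformerFactory` left at its defaults, and the URL it fetches comes from the `FixedFormParameters.STYLESHEETURL` form parameter that `consumeRequestStream` stores from the incoming request or from a dataurl response. With default settings the JAXP implementation may honour XSLT extension functions and unrestricted external access, so whoever supplies the stylesheet gets more than output formatting. I would add `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` right after `TransformerFactory.newInstance()`; it needs `import javax.xml.XMLConstants;`, and the checked exception is already covered by the existing `catch (Exception ex)`. The `URIResolverAdapter` is also set only on the resulting `Transformer`, so `xsl:import`/`xsl:include` during compilation presumably bypass it; calling `factory.setURIResolver(resolver);` before `newTransformer` would route those through the same dereferencer. What `URLDereferencer` itself permits is not visible in this hunk.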
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HttpUtil.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HttpUtil.java
new file mode 100644
index 00000000..b11a4d85
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HttpUtil.java
@@ -0,0 +1,78 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.util.Map;
+
+import org.apache.commons.fileupload.ParameterParser;
+
+/**
+ * Placeholder for some HTTP related constants and helper method to extract the charset for a request.
+ *
+ */
+public class HttpUtil {
+
+ public final static String CHAR_SET = "charset";
+ public final static String DEFAULT_CHARSET = "ISO-8859-1";
+ public final static String HTTP_HEADER_CONTENT_TYPE = "Content-Type";
+ public static final String HTTP_HEADER_USER_AGENT = "User-Agent";
+ public final static String HTTP_HEADER_REFERER = "Referer";
+ public final static String CONTENT_TRANSFER_ENCODING = "Content-Transfer-Encoding";
+ public final static String MULTIPART_FOTMDATA = "multipart/form-data";
+ public final static String MULTIPART_FOTMDATA_BOUNDARY = "boundary";
+ public final static String TXT_XML = "text/xml";
+ public final static String TXT_PLAIN = "text/plain";
+ public final static String TXT_HTML = "text/html";
+ public final static String APPLICATION_URL_ENCODED = "application/x-www-form-urlencoded";
+ public final static String HTTP_HEADER_LOCATION = "Location";
+
+ public final static char[] SEPERATOR = { ';' };
+
+ /**
+ * Extracts charset from a content type header.
+ *
+ * @param contentType
+ * @param replaceNullWithDefault
+ * if true the method return the default charset if not set
+ * @return charset String or null if not present
+ */
+ @SuppressWarnings("unchecked")
+ public static String getCharset(String contentType,
+ boolean replaceNullWithDefault) {
+ ParameterParser pf = new ParameterParser();
+ pf.setLowerCaseNames(true);
+ Map map = pf.parse(contentType, SEPERATOR);
+ String retVal = (String) map.get(CHAR_SET);
+ if ((retVal == null) && (replaceNullWithDefault)) {
+ if (map.containsKey(APPLICATION_URL_ENCODED)) {
+ // default charset for url encoded data
+ return "UTF-8";
+ }
+ retVal = getDefaultCharset();
+ }
+ return retVal;
+ }
+
+ /**
+ *
+ * Not to be used for url encoded requests.
+ */
+ public static String getDefaultCharset() {
+ return DEFAULT_CHARSET;
+ }
+
+}
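Review bot: `SEPERATOR` is declared `public final static char[]`, which fixes the reference but leaves the element writable, so any class can change how `getCharset` splits every Content-Type header. Keeping the array private and exposing the separator as a `char` constant avoids that, e.g. `private static final char[] SEPARATORS = { ';' };` with `public static final char SEPARATOR = ';';` for callers that currently read `SEPERATOR[0]`. The Javadoc of `getCharset` should also say that the fallback for `application/x-www-form-urlencoded` is UTF-8 rather than `DEFAULT_CHARSET`, since the description of `replaceNullWithDefault` reads as if a single default applied.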
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java
new file mode 100644
index 00000000..93ab2e8b
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java
@@ -0,0 +1,27 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+/**
+ * The unique identifier for a BindingProcessor
+ * @author wbauer
+ *
+ */
+public interface Id {
+
+ public String toString();
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdFactory.java
new file mode 100644
index 00000000..60bf69a4
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdFactory.java
@@ -0,0 +1,106 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * Creates or converts Ids for BindingProcessors.
+ * @author wbauer
+ *
+ */
+public class IdFactory {
+
+ public static int DEFAULT_NUMBER_OF_BITS = 168;
+
+ private static Log log = LogFactory.getLog(IdFactory.class);
+
+ private static IdFactory instance = new IdFactory();
+
+ private SecureRandom random;
+ private int numberOfBits = DEFAULT_NUMBER_OF_BITS;
+
+ private IdFactory() {
+ try {
+ random = SecureRandom.getInstance("SHA1PRNG");
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Cannot instantiate secure random" + e);
+ }
+ }
+
+ public static IdFactory getInstance() {
+ return instance;
+ }
+
+
+ /**
+ * set the secure random number generator to create secure ids.
+ *
+ * @param random
+ * must not be null
+ */
+ public void setSecureRandom(SecureRandom random) {
+ if (random == null) {
+ throw new NullPointerException("Cannot set secure random to null");
+ }
+ this.random = random;
+ }
+
+ /**
+ * Don't use this method unless you know exactly what you do !
+ * Be sure to use a sufficient large entropy
+ * @param numberOfBits >=1 (although this small entropy does not make sense)
+ */
+ public void setNumberOfBits(int numberOfBits) {
+ if (numberOfBits <1) {
+ throw new IllegalArgumentException("Cannot set number of bits < 1");
+ }
+ this.numberOfBits = numberOfBits;
+ }
+
+ public int getNumberOfBits() {
+ return numberOfBits;
+ }
+
+ /**
+ * Creates a new Id object with the factory's secure RNG and the set number of
+ * bits.
+ *
+ * @return
+ */
+ public Id createId() {
+ return new IdImpl(numberOfBits, random);
+ }
+
+ /**
+ * Creates an Id object for the provided String
+ *
+ * @param idString
+ * may be null in this case the method call creates a new Id.
+ * @return
+ */
+ public Id createId(String idString) {
+ if (idString == null) {
+ return createId();
+ }
+ return new IdImpl(idString);
+ }
+}
\ No newline at end of file
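Review bot: The constructor's catch block only logs when `SecureRandom.getInstance("SHA1PRNG")` fails, so `random` stays null and the singleton is still handed out; the first `createId()` then passes null to `IdImpl`, which calls `random.nextBytes(...)`. Fall back to the platform default in the catch block, `random = new SecureRandom();`, or rethrow so the failure is visible at start-up. `DEFAULT_NUMBER_OF_BITS` is `public static` but not `final`, so any class can reassign it; declare it `public static final int DEFAULT_NUMBER_OF_BITS = 168;`. `setNumberOfBits` accepts any value from 1 upwards on a shared, unsynchronised singleton, so if these ids serve as session handles (as the `BindingProcessor` wording suggests) a documented and enforced minimum would be safer than the warning in the Javadoc.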
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java
new file mode 100644
index 00000000..5523992a
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java
@@ -0,0 +1,80 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import iaik.utils.Base64OutputStream;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.SecureRandom;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * Implementation that uses a Base64 representation for self generated Ids.
+ * @author wbauer
+ *
+ */
+public class IdImpl implements at.gv.egiz.bku.binding.Id {
+ private static Log log = LogFactory.getLog(IdImpl.class);
+
+ private String idString;
+
+ public IdImpl(int bitNumber, SecureRandom random) {
+ int byteSize = bitNumber/8;
+ if (bitNumber % 8 != 0) {
+ byteSize++;
+ }
+ byte[] randomBytes = new byte[byteSize];
+ random.nextBytes(randomBytes);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ Base64OutputStream b64 = new Base64OutputStream(baos);
+ try {
+ b64.write(randomBytes);
+ b64.flush();
+ b64.close();
+ idString = new String(baos.toByteArray());
+ } catch (IOException e) {
+ log.error("Cannot create secure id: "+e);
+ }
+ }
+
+ public IdImpl(String idString) {
+ if (idString == null) {
+ throw new NullPointerException("Provided idstring must not be null");
+ }
+ this.idString = idString;
+ }
+
+ public String toString() {
+ return idString;
+ }
+
+ public int hashCode() {
+ return idString.hashCode();
+ }
+
+ public boolean equals(Object other) {
+ if (other instanceof Id) {
+ Id otherId = (Id)other;
+ return otherId.toString().equals(idString);
+ } else {
+ return false;
+ }
+ }
+}
\ No newline at end of file
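Review bot: In `IdImpl(int, SecureRandom)` an `IOException` from the Base64 stream is logged and swallowed, which leaves `idString` null on an object that is returned to the caller; `hashCode()` then throws a NullPointerException far from the cause. Throw from the catch block instead, e.g. `throw new IllegalStateException("Cannot create secure id", e);`. `new String(baos.toByteArray())` uses the platform default charset; Base64 output is ASCII, so `idString = new String(baos.toByteArray(), "US-ASCII");` makes that explicit. The alphabet of the IAIK encoder is not visible in this hunk; if it is standard Base64, the id can contain `+`, `/` and `=`, which need escaping wherever the id is placed in a URL or cookie.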
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoder.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoder.java
new file mode 100644
index 00000000..e22e54f2
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoder.java
@@ -0,0 +1,41 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.InputStream;
+import java.util.Iterator;
+
+/**
+ * Decodes http input stream (either url encoded or multipart formdata)
+ * @author wbauer
+ *
+ */
+public interface InputDecoder {
+ /**
+ * Called from Factory.
+ * @param contentType
+ */
+ void setContentType(String contentType);
+
+ /**
+ * Called from Factory.
+ * @param is the input must not be null
+ */
+ void setInputStream(InputStream is);
+
+ Iterator getFormParameterIterator();
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoderFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoderFactory.java
new file mode 100644
index 00000000..211deee7
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/InputDecoderFactory.java
@@ -0,0 +1,89 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * Factory to get a matching instance for a encoded input stream when reading a http request.
+ *
+ */
+public class InputDecoderFactory {
+
+ public final static String MULTIPART_FORMDATA = "multipart/form-data";
+ public final static String URL_ENCODED = "application/x-www-form-urlencoded";
+
+ private static InputDecoderFactory instance = new InputDecoderFactory();
+ private static Log log = LogFactory.getLog(InputDecoderFactory.class);
+
+ private String defaultEncoding = URL_ENCODED;
+ private Map> decoderMap = new HashMap>();
+
+ private InputDecoderFactory() {
+ decoderMap.put(MULTIPART_FORMDATA, MultiPartFormDataInputDecoder.class);
+ decoderMap.put(URL_ENCODED, XWWWFormUrlInputDecoder.class);
+ }
+
+ public static InputDecoder getDefaultDecoder(InputStream is) {
+ return getDecoder(instance.defaultEncoding, is);
+ }
+
+ /**
+ *
+ * @param contentType
+ * @param is
+ * @return null if the content type is not supported
+ */
+ public static InputDecoder getDecoder(String contentType, InputStream is) {
+ String prefix = contentType.split(";")[0].trim().toLowerCase();
+ Class extends InputDecoder> dec = instance.decoderMap.get(prefix);
+ if (dec == null) {
+ log.info("Unknown encoding prefix " + contentType);
+ return null;
+ }
+ InputDecoder id;
+ try {
+ id = dec.newInstance();
+ id.setContentType(contentType);
+ id.setInputStream(is);
+ return id;
+ } catch (InstantiationException e) {
+ log.error(e);
+ throw new IllegalArgumentException(
+ "Cannot get an input decoder for content type: " + contentType);
+ } catch (IllegalAccessException e) {
+ log.error(e);
+ throw new IllegalArgumentException(
+ "Cannot get an input decoder for content type: " + contentType);
+ }
+ }
+
+ /**
+ * Allows to register decoders for special mime types.
+ * @param mimeType
+ * @param decoder
+ */
+ public static void registerDecoder(String mimeType,
+ Class extends InputDecoder> decoder) {
+ instance.decoderMap.put(mimeType.toLowerCase(), decoder);
+ }
+}
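Review bot: `getDecoder` dereferences `contentType` without a null check, so a request without a Content-Type header ends in a NullPointerException rather than the documented `null` return; add `if (contentType == null) { return null; }` before the `split`. The unknown-type branch logs the raw header value (`log.info("Unknown encoding prefix " + contentType)`), and that value is presumably client-supplied, so line breaks should be stripped and the length capped before it reaches the log. `toLowerCase()` here and in `registerDecoder` uses the default locale; `toLowerCase(Locale.ROOT)` keeps the lookup of `multipart/form-data` stable on a JVM with a Turkish locale. `registerDecoder` also writes to a plain `HashMap` shared through the static instance with no synchronisation.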
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/MultiPartFormDataInputDecoder.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/MultiPartFormDataInputDecoder.java
new file mode 100644
index 00000000..f8b13553
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/MultiPartFormDataInputDecoder.java
@@ -0,0 +1,133 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Iterator;
+
+import org.apache.commons.fileupload.FileItemIterator;
+import org.apache.commons.fileupload.FileItemStream;
+import org.apache.commons.fileupload.FileUpload;
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.fileupload.RequestContext;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+/**
+ * The code to detect the multipart boundary is based on
+ * org.apache.commons.fileupload.FileUploadBase of
+ * http://commons.apache.org/fileupload/
+ *
+ * @author wbauer
+ *
+ */
+public class MultiPartFormDataInputDecoder implements InputDecoder,
+ RequestContext {
+
+ private static Log log = LogFactory
+ .getLog(MultiPartFormDataInputDecoder.class);
+
+ private String contentType;
+ private InputStream stream;
+
+ @Override
+ public void setContentType(String contentType) {
+ this.contentType = contentType;
+ }
+
+ @Override
+ public String getCharacterEncoding() {
+ return null;
+ }
+
+ @Override
+ public int getContentLength() {
+ return 0;
+ }
+
+ @Override
+ public String getContentType() {
+ return contentType;
+ }
+
+ @Override
+ public InputStream getInputStream() throws IOException {
+ return stream;
+ }
+
+ @Override
+ public Iterator getFormParameterIterator() {
+ try {
+ FileUpload fup = new FileUpload();
+ FileItemIterator fit = fup.getItemIterator(this);
+ return new IteratorDelegator(fit);
+ } catch (Exception iox) {
+ log.error("Cannot decode multipart form data stream " + iox);
+ throw new SLRuntimeException(iox);
+ }
+ }
+
+ @Override
+ public void setInputStream(InputStream is) {
+ stream = is;
+ }
+
+ static class IteratorDelegator implements Iterator {
+
+ private FileItemIterator fileItemIterator;
+
+ public IteratorDelegator(FileItemIterator fit) {
+ fileItemIterator = fit;
+ }
+
+ @Override
+ public boolean hasNext() {
+ try {
+ return fileItemIterator.hasNext();
+ } catch (FileUploadException e) {
+ log.error(e);
+ throw new SLRuntimeException(e);
+ } catch (IOException e) {
+ log.error(e);
+ throw new SLRuntimeException(e);
+ }
+ }
+
+ @Override
+ public FormParameter next() {
+ try {
+ FileItemStream item = fileItemIterator.next();
+ return new FormParameterImpl(item.getContentType(),
+ item.getFieldName(), item.openStream(), item.getHeaders());
+ } catch (FileUploadException e) {
+ log.error(e);
+ throw new SLRuntimeException(e);
+ } catch (IOException e) {
+ log.error(e);
+ throw new SLRuntimeException(e);
+ }
+ }
+
+ @Override
+ public void remove() {
+ throw new UnsupportedOperationException("Remove not supported");
+ }
+ }
+}
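Review bot: `getFormParameterIterator` creates the `FileUpload` without any size limit, so the multipart body is parsed to whatever length the client sends; set a bound before `getItemIterator`, e.g. `fup.setSizeMax(maxRequestBytes);`, where `maxRequestBytes` is a new configuration value. `getContentLength()` returns 0, while the library appears to treat -1 as "unknown"; returning -1 would state the intent. `catch (Exception iox)` also wraps unrelated runtime exceptions and `log.error("..." + iox)` drops the stack trace; two catch blocks for `FileUploadException` and `IOException`, as `IteratorDelegator` already has, with `log.error("Cannot decode multipart form data stream", iox);` would be more precise.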
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/RemovalStrategy.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/RemovalStrategy.java
new file mode 100644
index 00000000..6c2dcb9f
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/RemovalStrategy.java
@@ -0,0 +1,26 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+/**
+ * Could be used to remove expired BindingProcessor objects from a BindingProcessorManager.
+ *
+ */
+public interface RemovalStrategy {
+ public void execute();
+ public void setBindingProcessorManager(BindingProcessorManager bp);
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java
new file mode 100644
index 00000000..ef2affd1
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java
@@ -0,0 +1,66 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.SLSourceContext;
+import at.gv.egiz.bku.slcommands.SLTargetContext;
+
+/**
+ * This class implements the entry point for the CCEs security management.
+ *
+ * TODO the secuirty management is currently not implemented.
+ */
+public class SLCommandInvokerImpl implements SLCommandInvoker {
+
+ private static Log log = LogFactory.getLog(SLCommandInvokerImpl.class);
+
+ protected SLCommand command;
+ protected SLResult result;
+
+ /**
+ * Invokes a sl command.
+ */
+ public void invoke(SLSourceContext aContext) {
+ // FIXXME add security policy here.
+ log.warn("Security policy not implemented yet, invoking command: "+command);
+ result = command.execute();
+ }
+
+ public SLResult getResult(SLTargetContext aContext) {
+ // FIXXME
+ log.warn("Security policy not implemented yet, getting result of command: "+command);
+ return result;
+ }
+
+ public void setCommand(SLCommand aCmd) {
+ command = aCmd;
+ }
+
+ @Override
+ public SLCommandInvoker newInstance() {
+ SLCommandInvokerImpl cmdInv = new SLCommandInvokerImpl();
+ return cmdInv;
+ }
+
+
+}
\ No newline at end of file
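Review bot: `invoke` ignores `aContext` and calls `command.execute()` unconditionally, so until the policy marked FIXXME exists every source is treated as authorised; since the class Javadoc describes this as the entry point for security management, it should state plainly that no access control is enforced yet. `command` is dereferenced without a check, so calling `invoke` before `setCommand` fails with a NullPointerException; add `if (command == null) { throw new IllegalStateException("No command set"); }` at the top of `invoke`. Both warn-level messages concatenate `command` into the log on every call, which, depending on what its `toString()` prints (not visible here), may copy request content into the log. `command` and `result` are unsynchronised instance state, so the one-invoker-per-request use that `newInstance()` implies is worth documenting.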
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/XWWWFormUrlInputDecoder.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/XWWWFormUrlInputDecoder.java
new file mode 100644
index 00000000..f4ebe288
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/XWWWFormUrlInputDecoder.java
@@ -0,0 +1,101 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.binding;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URLDecoder;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.fileupload.ParameterParser;
+
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.StreamUtil;
+
+/**
+ * Implementation based on Java's URLDecoder class
+ *
+ */
+// FIXME replace this code by a streaming variant
+public class XWWWFormUrlInputDecoder implements InputDecoder {
+
+ public final static String CHAR_SET = "charset";
+ public final static String NAME_VAL_SEP = "=";
+ public final static String SEP = "\\&";
+
+ private String contentType;
+ private InputStream dataStream;
+ private String charset = "UTF-8";
+
+ protected List decodeInput(InputStream is) throws IOException {
+ List result = new LinkedList();
+ ByteArrayOutputStream bos = new ByteArrayOutputStream();
+ StreamUtil.copyStream(is, bos);
+ String inputString = new String(bos.toByteArray());
+ String[] nameValuePairs = inputString.split(SEP);
+ //inputString = URLDecoder.decode(inputString, charset);
+ for (int i = 0; i < nameValuePairs.length; i++) {
+ String[] fields = nameValuePairs[i].split(NAME_VAL_SEP, 2);
+ if (fields.length != 2) {
+ throw new SLRuntimeException("Invalid form encoding, missing value");
+ }
+ String name = URLDecoder.decode(fields[0], charset);
+ String value =URLDecoder.decode(fields[1], charset);
+ ByteArrayInputStream bais = new ByteArrayInputStream(value
+ .getBytes(charset));
+ FormParameterImpl fpi = new FormParameterImpl(contentType, name, bais, null);
+ result.add(fpi);
+ }
+ return result;
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public void setContentType(String contentType) {
+ ParameterParser pp = new ParameterParser();
+ pp.setLowerCaseNames(true);
+ Map params = pp.parse(contentType, new char[] { ':', ';' });
+ if (!params.containsKey("application/x-www-form-urlencoded")) {
+ throw new IllegalArgumentException(
+ "not a url encoded content type specification: " + contentType);
+ }
+ String cs = params.get(CHAR_SET);
+ if (cs != null) {
+ charset = cs;
+ }
+ this.contentType = contentType;
+ }
+
+ @Override
+ public Iterator getFormParameterIterator() {
+ try {
+ return decodeInput(dataStream).iterator();
+ } catch (IOException e) {
+ throw new SLRuntimeException(e);
+ }
+ }
+
+ @Override
+ public void setInputStream(InputStream is) {
+ dataStream = is;
+ }
+}
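Review bot: `decodeInput` copies the whole request body into a `ByteArrayOutputStream` with no upper bound, so memory use is decided by the client; the FIXME plans a streaming variant, but until then the copy should stop at a configured maximum, as sketched below (`MAX_FORM_BYTES` is a new constant whose value the project has to choose). `new String(bos.toByteArray())` decodes with the platform default charset, although the percent-encoded form is ASCII. `URLDecoder.decode` throws `IllegalArgumentException` on a malformed `%` escape, which is not caught here and so is not reported as `SLRuntimeException` like the other input errors. An empty body yields a single empty pair and is rejected with "Invalid form encoding, missing value", which may not be intended.

```java
  protected List decodeInput(InputStream is) throws IOException {
    // … unchanged: result list …
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    byte[] buf = new byte[4096];
    int total = 0;
    for (int n = is.read(buf); n != -1; n = is.read(buf)) {
      total += n;
      if (total > MAX_FORM_BYTES) { // new constant, value to be chosen by the project
        throw new SLRuntimeException("Form data exceeds the configured maximum size");
      }
      bos.write(buf, 0, n);
    }
    String inputString = new String(bos.toByteArray(), "US-ASCII");
    // … unchanged: split into name/value pairs and URL-decode …
```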
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java
new file mode 100644
index 00000000..253f8ff5
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java
@@ -0,0 +1,66 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+package at.gv.egiz.bku.binding.multipart;
+
+import java.io.IOException;
+import java.io.InputStream;
+import org.apache.commons.httpclient.methods.multipart.PartSource;
+
+/**
+ * InputStream source for FilePart.
+ * DOES NOT RETURN A CORRECT LENGTH OF THE INPUT DATA. (but we don't care, since we use chunked encoding)
+ *
+ * @author clemens
+ */
+public class InputStreamPartSource implements PartSource {
+
+ protected String name;
+ protected InputStream data;
+
+ public InputStreamPartSource(String name, InputStream data) {
+ this.name = name;
+ this.data = data;
+ }
+
+ /**
+ * Just a dummy value to make Part work
+ * @return 42
+ */
+ @Override
+ public long getLength() {
+ //System.out.println("***********GETLENGTH");
+ return 42;
+ }
+
+ @Override
+ public String getFileName() {
+ return name;
+ }
+
+ @Override
+ public InputStream createInputStream() throws IOException {
+ if (data == null)
+ throw new IOException("Failed to get stream for part: no data was set.");
+ return data;
+ }
+
+}
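Review bot: `createInputStream()` returns the same `InputStream` on every call, so a second call, for instance when the part is sent again after a failed attempt, receives a stream that is already consumed; the Javadoc should state that the source is single-use, or the method should throw on the second call. `getLength()` returns the constant 42, which is harmless only while nothing derives a Content-Length from it; the class comment mentions chunked encoding, and that precondition belongs on the method itself, e.g. `Only valid with chunked transfer encoding; never use this value for Content-Length.`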
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java
new file mode 100644
index 00000000..566b77b3
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java
@@ -0,0 +1,57 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+package at.gv.egiz.bku.binding.multipart;
+
+import at.gv.egiz.bku.slcommands.SLResult;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.httpclient.methods.multipart.ByteArrayPartSource;
+import org.apache.commons.httpclient.methods.multipart.FilePart;
+
+/**
+ *
+ * @author clemens
+ */
+public class SLResultPart extends FilePart {
+
+ protected SLResult slResult;
+ protected String encoding;
+
+ public SLResultPart(SLResult slResult, String encoding) {
+ super("XMLResponse",
+ new ByteArrayPartSource(null, "dummySource".getBytes()));
+ this.slResult = slResult;
+ this.encoding = encoding;
+ }
+
+ @Override
+ protected void sendData(OutputStream out) throws IOException {
+ slResult.writeTo(new StreamResult(new OutputStreamWriter(out, encoding)));
+ // slResult.writeTo(new StreamResult(new OutputStreamWriter(System.out,
+ // encoding)));
+ // super.sendData(out);
+ }
+}
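Review bot: `sendData` wraps `out` in an `OutputStreamWriter` that is never flushed, so unless `slResult.writeTo` flushes the writer itself (not visible in this hunk) characters still held in the encoder may never reach `out`; keep the writer in a local and call `writer.flush();` after `writeTo`. The part is constructed on a placeholder `ByteArrayPartSource` holding "dummySource", so any length the superclass derives from the source will not match what `sendData` writes; that is presumably acceptable only with chunked encoding and should be documented on the class, whose Javadoc is currently empty. `encoding` is stored unchecked, so a null or unsupported name surfaces only when the part is sent; validating it in the constructor would fail earlier.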
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/AccessControlInvocation.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/AccessControlInvocation.java
new file mode 100644
index 00000000..014b7fd7
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/AccessControlInvocation.java
@@ -0,0 +1,21 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public class AccessControlInvocation implements
+ at.gv.egiz.bku.slcommands.InvocationStrategy {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureCommand.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureCommand.java
new file mode 100644
index 00000000..2d87c39f
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureCommand.java
@@ -0,0 +1,25 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+
+public interface CreateXMLSignatureCommand extends SLCommand {
+
+ public void prepareXMLSignature() throws SLCommandException, SLRequestException;
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureResult.java
new file mode 100644
index 00000000..4bc2820b
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/CreateXMLSignatureResult.java
@@ -0,0 +1,20 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface CreateXMLSignatureResult extends SLResult {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/ErrorResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/ErrorResult.java
new file mode 100644
index 00000000..5d52c0ea
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/ErrorResult.java
@@ -0,0 +1,20 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface ErrorResult extends SLResult {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java
new file mode 100644
index 00000000..77529a36
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java
@@ -0,0 +1,20 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface InfoboxReadCommand extends SLCommand {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadResult.java
new file mode 100644
index 00000000..c6a51362
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadResult.java
@@ -0,0 +1,20 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface InfoboxReadResult extends SLResult {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InvocationStrategy.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InvocationStrategy.java
new file mode 100644
index 00000000..6b410fac
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InvocationStrategy.java
@@ -0,0 +1,20 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface InvocationStrategy {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationCommand.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationCommand.java
new file mode 100644
index 00000000..0651f882
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationCommand.java
@@ -0,0 +1,20 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface NullOperationCommand extends SLCommand {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationResult.java
new file mode 100644
index 00000000..c36c879e
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/NullOperationResult.java
@@ -0,0 +1,20 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface NullOperationResult extends SLResult {
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommand.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommand.java
new file mode 100644
index 00000000..a8625946
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommand.java
@@ -0,0 +1,31 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+
+public interface SLCommand {
+
+ public final String NAMESPACE_URI = "http://www.buergerkarte.at/namespaces/securitylayer/1.2#";
+
+ public String getName();
+
+ public void init(SLCommandContext aCtx, Object aUnmarshalledRequest) throws SLCommandException;
+
+ public SLResult execute();
+
+}
\ No newline at end of file
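Review bot: The `SLCommand` interface is added without any Javadoc, so the call order and the error contract of `init` and `execute` are left for implementers to guess. `init` declares `SLCommandException` while `execute` declares nothing, and `CreateXMLSignatureCommandImpl.execute()` in this same commit returns an `ErrorResultImpl` instead of throwing. That convention belongs on the interface, for example `/** Executes the command; failures are reported as an error SLResult, not thrown. */` on `execute()`, plus a line on `init` saying what type `aUnmarshalledRequest` is expected to be. The `public final` on the constant and `public` on the methods are implied in an interface and can be dropped.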
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandContext.java
new file mode 100644
index 00000000..c95736bd
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandContext.java
@@ -0,0 +1,42 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+import at.gv.egiz.stal.STAL;
+
+public class SLCommandContext {
+
+ private STAL stal;
+ private URLDereferencerContext urlDerefCtx;
+
+ public void setSTAL(STAL aStal) {
+ this.stal = aStal;
+ }
+
+ public void setURLDereferencerContext(URLDereferencerContext aCtx) {
+ this.urlDerefCtx = aCtx;
+ }
+
+ public STAL getSTAL() {
+ return stal;
+ }
+
+ public URLDereferencerContext getURLDereferencerContext() {
+ return urlDerefCtx;
+ }
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
new file mode 100644
index 00000000..e13b29a1
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
@@ -0,0 +1,370 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.XMLConstants;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.UnmarshalException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.transform.Source;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+import at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandImpl;
+import at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl;
+import at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.slbinding.RedirectEventFilter;
+import at.gv.egiz.slbinding.RedirectUnmarshallerListener;
+
+public class SLCommandFactory {
+
+ /**
+ * Schema files required for Security Layer command validation.
+ */
+ public static final String[] SCHEMA_FILES = new String[]{
+ "at/gv/egiz/bku/slcommands/schema/xml.xsd",
+ "at/gv/egiz/bku/slcommands/schema/xmldsig-core-schema.xsd",
+ "at/gv/egiz/bku/slcommands/schema/Core-1.2.xsd"
+ };
+ /**
+ * Logging facility.
+ */
+ static Log log = LogFactory.getLog(SLCommandFactory.class);
+ /**
+ * The instance returned by {@link #getInstance()}.
+ */
+ private static SLCommandFactory instance;
+ /**
+ * Schema for Security Layer command validation.
+ */
+ private static Schema slSchema;
+ /**
+ * The JAXBContext.
+ */
+ private static JAXBContext jaxbContext;
+ /**
+ * The map of : to implementation class of the
+ * corresponding {@link SLCommand}.
+ */
+ private static Map> slRequestTypeMap = new HashMap>();
+
+
+ static {
+
+ // TODO: implement dynamic registration
+
+ // register all known implementation classes
+ putImplClass(SLCommand.NAMESPACE_URI, "NullOperationRequest",
+ NullOperationCommandImpl.class);
+ putImplClass(SLCommand.NAMESPACE_URI, "InfoboxReadRequest",
+ InfoboxReadCommandImpl.class);
+ putImplClass(SLCommand.NAMESPACE_URI, "CreateXMLSignatureRequest",
+ CreateXMLSignatureCommandImpl.class);
+ }
+
+ /**
+ * Register an {@link SLCommand} implementation class of a Security Layer
+ * command with the given namespaceUri and localname
+ * .
+ *
+ * @param namespaceUri
+ * the namespace URI of the Security Layer command
+ * @param localname
+ * the localname of the Security Layer command
+ * @param slCommandClass
+ * the implementation class, or null to deregister a
+ * currently registered class
+ */
+ public static void putImplClass(String namespaceUri, String localname,
+ Class extends SLCommand> slCommandClass) {
+ if (slCommandClass != null) {
+ slRequestTypeMap.put(namespaceUri + ":" + localname, slCommandClass);
+ } else {
+ slRequestTypeMap.remove(namespaceUri + ":" + localname);
+ }
+ }
+
+ /**
+ * Returns the implementation class of an {@link SLCommand} with the given
+ * name, or null if no such class is registered.
+ *
+ * @param name
+ * the QName of the Security Layer command
+ * @return the implementation class, or null if no class is
+ * registered for the given name
+ */
+ public static Class extends SLCommand> getImplClass(QName name) {
+ String namespaceURI = name.getNamespaceURI();
+ String localPart = name.getLocalPart();
+ return slRequestTypeMap.get(namespaceURI + ":" + localPart);
+ }
+
+ /**
+ * Sets the schema to validate Security Layer commands with.
+ *
+ * @param slSchema the schema to validate Security Layer commands with
+ */
+ public static void setSLSchema(Schema slSchema) {
+ SLCommandFactory.slSchema = slSchema;
+ }
+
+ /**
+ * @return the jaxbContext
+ */
+ public static JAXBContext getJaxbContext() {
+ ensureJaxbContext();
+ return jaxbContext;
+ }
+
+ /**
+ * @param jaxbContext the jaxbContext to set
+ */
+ public static void setJaxbContext(JAXBContext jaxbContext) {
+ SLCommandFactory.jaxbContext = jaxbContext;
+ }
+
+ /**
+ * Initialize the JAXBContext.
+ */
+ private synchronized static void ensureJaxbContext() {
+ if (jaxbContext == null) {
+ try {
+ String slPkg = at.buergerkarte.namespaces.securitylayer._1.ObjectFactory.class.getPackage().getName();
+ String xmldsigPkg = org.w3._2000._09.xmldsig_.ObjectFactory.class.getPackage().getName();
+ setJaxbContext(JAXBContext.newInstance(slPkg + ":" + xmldsigPkg));
+ } catch (JAXBException e) {
+ log.error("Failed to setup JAXBContext security layer request.", e);
+ throw new SLRuntimeException(e);
+ }
+ }
+ }
+
+ /**
+ * Initialize the security layer schema.
+ */
+ private synchronized static void ensureSchema() {
+ if (slSchema == null) {
+ try {
+ SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
+ ClassLoader cl = SLCommandFactory.class.getClassLoader();
+ Source[] sources = new Source[SCHEMA_FILES.length];
+ for (int i = 0; i < SCHEMA_FILES.length; i++) {
+ String schemaFile = SCHEMA_FILES[i];
+ URL schemaURL = cl.getResource(schemaFile);
+ if (schemaURL == null) {
+ throw new SLRuntimeException("Failed to load schema file " + schemaFile + ".");
+ }
+ log.debug("Schema location: " + schemaURL);
+ sources[i] = new StreamSource(schemaURL.openStream());
+ }
+ Schema schema = schemaFactory.newSchema(sources);
+ log.debug("Schema successfully created.");
+ SLCommandFactory.setSLSchema(schema);
+ } catch (SAXException e) {
+ log.error("Failed to load security layer schema.", e);
+ throw new SLRuntimeException("Failed to load security layer schema.", e);
+ } catch (IOException e) {
+ log.error("Failed to load security layer schema.", e);
+ throw new SLRuntimeException("Failed to load security layer schema.", e);
+ }
+
+ }
+ }
+
+ /**
+ * Get an instance of the SLCommandFactory.
+ */
+ public synchronized static SLCommandFactory getInstance() {
+ if (instance == null) {
+ ensureJaxbContext();
+ ensureSchema();
+ instance = new SLCommandFactory();
+ }
+ return instance;
+ }
+
+ /**
+ * Private constructor used by {@link #getInstance()}.
+ */
+ private SLCommandFactory() {
+ }
+
+ /**
+ * Unmarshalls from the given source.
+ *
+ * @see Unmarshaller#unmarshal(Source)
+ *
+ * Note:Could replace JAXB's unmarshal-time validation engine (see commented code), however,
+ * we need a redirect filter.
+ *
+ * @param source
+ * the source to unmarshal from
+ * @return the object returned by {@link Unmarshaller#unmarshal(Source)}
+ * @throws SLRequestException
+ * if unmarshalling fails
+ * @throws SLRuntimeException
+ * if an unexpected error occurs configuring the unmarshaller or if
+ * unmarshalling fails with an unexpected error
+ */
+ protected Object unmarshal(Source source) throws SLRuntimeException,
+ SLRequestException {
+
+ Object object;
+ try {
+
+// ValidatorHandler validator = slSchema.newValidatorHandler();
+// validator.getContentHandler();
+//
+// SAXParserFactory spf = SAXParserFactory.newInstance();
+// spf.setNamespaceAware(true);
+// XMLReader saxReader = spf.newSAXParser().getXMLReader();
+// //TODO extend validator to implement redirectContentHandler (validate+redirect)
+// saxReader.setContentHandler(validator);
+// //TODO get a InputSource
+// SAXSource saxSource = new SAXSource(saxReader, source);
+//
+// Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+// //turn off duplicate jaxb validation
+// unmarshaller.setSchema(null);
+// unmarshaller.setListener(listener);
+// unmarshaller.unmarshal(saxSource);
+
+
+ XMLInputFactory inputFactory = XMLInputFactory.newInstance();
+ XMLEventReader eventReader = inputFactory.createXMLEventReader(source);
+ RedirectEventFilter redirectEventFilter = new RedirectEventFilter();
+ XMLEventReader filteredReader = inputFactory.createFilteredReader(eventReader, redirectEventFilter);
+
+ Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ unmarshaller.setListener(new RedirectUnmarshallerListener(redirectEventFilter));
+ if (slSchema != null) {
+ unmarshaller.setSchema(slSchema);
+ }
+ log.trace("Before unmarshal().");
+ object = unmarshaller.unmarshal(filteredReader);
+ log.trace("After unmarshal().");
+ } catch (UnmarshalException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Failed to unmarshall security layer request.", e);
+ } else {
+ log.info("Failed to unmarshall security layer request." + e.getMessage());
+ }
+ Throwable cause = e.getCause();
+ if (cause instanceof SAXParseException) {
+ throw new SLRequestException(3000,
+ SLExceptionMessages.EC3000_UNCLASSIFIED, new Object[]{cause.getMessage()});
+ } else {
+ throw new SLRequestException(3000,
+ SLExceptionMessages.EC3000_UNCLASSIFIED, new Object[]{e});
+ }
+ } catch (JAXBException e) {
+ // unexpected error
+ log.error("Failed to unmarshall security layer request.", e);
+ throw new SLRuntimeException(e);
+ } catch (XMLStreamException e) {
+ // unexpected error
+ log.error("Failed to unmarshall security layer request.", e);
+ throw new SLRuntimeException(e);
+ }
+
+ return object;
+
+ }
+
+ /**
+ * Creates a new SLCommand from the given source and
+ * context.
+ *
+ * @param source
+ * the Source to unmarshall from
+ * @param context
+ * the context for the created SLCommand
+ * @return the SLCommand unmarshalled from the given
+ * source
+ * @throws SLRequestException
+ * if unmarshalling fails
+ * @throws SLCommandException
+ * if command ist not supported
+ * @throws SLRuntimeException
+ * if an unexpected error occurs configuring the unmarshaller, if
+ * unmarshalling fails with an unexpected error or if the
+ * corresponding SLCommand could not be instantiated
+ */
+ @SuppressWarnings("unchecked")
+ public SLCommand createSLCommand(Source source, SLCommandContext context)
+ throws SLCommandException, SLRuntimeException, SLRequestException {
+
+ Object object = unmarshal(source);
+ if (!(object instanceof JAXBElement)) {
+ // invalid request
+ log.info("Invalid security layer request. " + object.toString());
+ throw new SLRequestException(3002, SLExceptionMessages.EC3002_INVALID,
+ new Object[]{object.toString()});
+ }
+
+ QName qName = ((JAXBElement) object).getName();
+ Class extends SLCommand> implClass = getImplClass(qName);
+ if (implClass == null) {
+ // command not supported
+ log.info("Unsupported command received: " + qName.toString());
+ throw new SLCommandException(4011,
+ SLExceptionMessages.EC4011_NOTIMPLEMENTED, new Object[]{qName.toString()});
+ }
+
+ // try to instantiate
+ SLCommand slCommand;
+ try {
+ slCommand = implClass.newInstance();
+ log.debug("SLCommand " + slCommand.getName() + " created.");
+ } catch (InstantiationException e) {
+ // unexpected error
+ log.error("Failed to instantiate security layer command implementation.",
+ e);
+ throw new SLRuntimeException(e);
+ } catch (IllegalAccessException e) {
+ // unexpected error
+ log.error("Failed to instantiate security layer command implementation.",
+ e);
+ throw new SLRuntimeException(e);
+ }
+ slCommand.init(context, (JAXBElement) object);
+
+ return slCommand;
+
+ }
+}
\ No newline at end of file
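Review bot: `unmarshal` creates its parser with `XMLInputFactory.newInstance()` and passes it the request `Source` without disabling DTD processing or external entity resolution, so whether a request carrying a DOCTYPE gets its entities resolved depends on the defaults of the StAX implementation on the classpath. Security Layer requests presumably come from outside the process through the binding processors, so the factory should be hardened before `createXMLEventReader`: `inputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, Boolean.FALSE);` and `inputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);`. The schema set with `unmarshaller.setSchema` validates the events the reader produces and does not by itself stop the reader from resolving entities. Separately, `slRequestTypeMap` is a plain `HashMap` that the public static `putImplClass` can modify while `getImplClass` reads it with no synchronization.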
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java
new file mode 100644
index 00000000..30c6b68f
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java
@@ -0,0 +1,45 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import at.gv.egiz.bku.slexceptions.SLCanceledException;
+
+public interface SLCommandInvoker {
+
+ /**
+ *
+ * @param aContext
+ * @throws SLCanceledException if the security management prevents execution of this command
+ */
+ public void invoke(SLSourceContext aContext) throws SLCanceledException;
+
+ /**
+ *
+ * @param aContext
+ * @return
+ * @throws SLCanceledException if the security management prevents execution of this command
+ */
+ public SLResult getResult(SLTargetContext aContext) throws SLCanceledException;
+
+ public void setCommand(at.gv.egiz.bku.slcommands.SLCommand aCmd);
+
+ /**
+ * Prototype creation
+ * @return
+ */
+ public SLCommandInvoker newInstance();
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java
new file mode 100644
index 00000000..7cf43fda
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java
@@ -0,0 +1,44 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import javax.xml.transform.Result;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+
+public interface SLResult {
+
+ public static enum SLResultType {BINARY, XML};
+
+ public SLResultType getResultType();
+
+ /**
+ * The MIME Type of the Result.
+ *
+ * @return may result null if unknown.
+ */
+ public String getMimeType();
+
+ public void writeTo(Result aResult);
+
+ /**
+ *
+ * @param result
+ * @param transformer may be null.
+ */
+ public void writeTo(Result result, Transformer transformer) throws TransformerException;
+}
\ No newline at end of file
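Review bot: The two `writeTo` overloads report failure differently and the Javadoc does not say how. `writeTo(Result, Transformer)` declares `TransformerException`, while `writeTo(Result aResult)` declares nothing and has no comment, so a caller cannot tell whether a failure there is swallowed or surfaces as a runtime exception; the implementation is outside this hunk. Add a Javadoc line on the one-argument form stating which it is. The `getMimeType` tag should read `@return the MIME type, or null if unknown`.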
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java
new file mode 100644
index 00000000..ded55b2a
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java
@@ -0,0 +1,63 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import java.security.cert.X509Certificate;
+
+import at.gv.egiz.bku.utils.binding.Protocol;
+
+
+public class SLSourceContext {
+
+ private Protocol sourceProtocol;
+ private boolean sourceIsDataURL;
+ private X509Certificate sourceCertificate;
+ private String sourceHTTPReferer;
+
+ public Protocol getSourceProtocol() {
+ return sourceProtocol;
+ }
+
+ public void setSourceProtocol(Protocol sourceProtocol) {
+ this.sourceProtocol = sourceProtocol;
+ }
+
+ public boolean isSourceIsDataURL() {
+ return sourceIsDataURL;
+ }
+
+ public void setSourceIsDataURL(boolean sourceIsDataURL) {
+ this.sourceIsDataURL = sourceIsDataURL;
+ }
+
+ public X509Certificate getSourceCertificate() {
+ return sourceCertificate;
+ }
+
+ public void setSourceCertificate(X509Certificate sourceCertificate) {
+ this.sourceCertificate = sourceCertificate;
+ }
+
+ public String getSourceHTTPReferer() {
+ return sourceHTTPReferer;
+ }
+
+ public void setSourceHTTPReferer(String sourceHTTPReferer) {
+ this.sourceHTTPReferer = sourceHTTPReferer;
+ }
+
+}
\ No newline at end of file
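Review bot: `sourceHTTPReferer` sits next to `sourceCertificate` with nothing to indicate that the two carry very different trust: a Referer header is chosen by the client, while the certificate presumably comes from the transport layer. The code that consumes this context is not in this hunk, so a field comment is the cheapest way to keep the value from being treated as an authenticated origin, e.g. `// client-supplied header value; not sufficient on its own for an access decision`. The accessor name `isSourceIsDataURL()` also doubles the prefix; `isSourceDataURL()` would read better if the bean-property name is not relied on elsewhere.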
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java
new file mode 100644
index 00000000..cf800406
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java
@@ -0,0 +1,50 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+import java.security.cert.X509Certificate;
+
+public class SLTargetContext {
+ private String targetProtocol;
+ private boolean targetIsDataURL;
+ private X509Certificate targetCertificate;
+
+ public String getTargetProtocol() {
+ return targetProtocol;
+ }
+
+ public void setTargetProtocol(String targetProtocol) {
+ this.targetProtocol = targetProtocol;
+ }
+
+ public boolean isTargetIsDataURL() {
+ return targetIsDataURL;
+ }
+
+ public void setTargetIsDataURL(boolean targetIsDataURL) {
+ this.targetIsDataURL = targetIsDataURL;
+ }
+
+ public X509Certificate getTargetCertificate() {
+ return targetCertificate;
+ }
+
+ public void setTargetCertificate(X509Certificate targetCertificate) {
+ this.targetCertificate = targetCertificate;
+ }
+
+}
\ No newline at end of file
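Review bot: `targetProtocol` is a `String` here, while `SLSourceContext.sourceProtocol` in the same commit uses the `Protocol` type from `at.gv.egiz.bku.utils.binding`. Comparing source and target protocol then needs string matching, and a misspelt value fails silently. Unless something outside this hunk requires free-form values, declare the field as `private Protocol targetProtocol;` and type the getter and setter to match.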
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
new file mode 100644
index 00000000..136fa6f3
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
@@ -0,0 +1,229 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import java.io.ByteArrayInputStream;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.Date;
+
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.dsig.XMLSignatureException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.ls.DOMImplementationLS;
+import org.w3c.dom.ls.LSSerializer;
+
+import at.buergerkarte.namespaces.securitylayer._1.CreateXMLSignatureRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.DataObjectInfoType;
+import at.gv.egiz.bku.slcommands.CreateXMLSignatureCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory;
+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactoryImpl;
+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;
+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;
+import at.gv.egiz.bku.slcommands.impl.xsect.Signature;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.dom.DOMUtils;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.InfoboxReadResponse;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+
+/**
+ * This class implements the security layer command CreateXMLSignatureRequest.
+ *
+ * @author mcentner
+ */
+public class CreateXMLSignatureCommandImpl extends SLCommandImpl implements
+ CreateXMLSignatureCommand {
+
+ /**
+ * Logging facility.
+ */
+ protected static Log log = LogFactory.getLog(CreateXMLSignatureCommandImpl.class);
+
+ /**
+ * The signing certificate.
+ */
+ protected X509Certificate signingCertificate;
+
+ /**
+ * The keybox identifier of the key used for signing.
+ */
+ protected String keyboxIdentifier;
+
+ /**
+ * The to-be signed signature.
+ */
+ protected Signature signature;
+
+ @Override
+ public void init(SLCommandContext ctx, Object unmarshalledRequest)
+ throws SLCommandException {
+ super.init(ctx, unmarshalledRequest);
+ }
+
+ @Override
+ public void prepareXMLSignature() throws SLCommandException, SLRequestException {
+
+ CreateXMLSignatureRequestType request = getRequestValue();
+
+ // TODO: make configurable?
+ IdValueFactory idValueFactory = new IdValueFactoryImpl();
+
+ // TODO: make configurable?
+ AlgorithmMethodFactory algorithmMethodFactory;
+ try {
+ algorithmMethodFactory = new AlgorithmMethodFactoryImpl(signingCertificate);
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get DigestMethod.", e);
+ throw new SLCommandException(4006);
+ }
+
+ signature = new Signature(getCmdCtx().getURLDereferencerContext(), idValueFactory, algorithmMethodFactory);
+
+ // SigningTime
+ signature.setSigningTime(new Date());
+
+ // SigningCertificate
+ signature.setSignerCeritifcate(signingCertificate);
+
+ // SignatureInfo
+ if (request.getSignatureInfo() != null) {
+ signature.setSignatureInfo(request.getSignatureInfo());
+ }
+
+ // DataObjects
+ for (DataObjectInfoType dataObjectInfo : request.getDataObjectInfo()) {
+ signature.addDataObject(dataObjectInfo);
+ }
+
+ signature.buildXMLSignature();
+
+ }
+
+ /**
+ * Gets the signing certificate from STAL.
+ *
+ * @throws SLCommandException
+ * if getting the singing certificate fails
+ */
+ private void getSigningCertificate() throws SLCommandException {
+
+ CreateXMLSignatureRequestType request = getRequestValue();
+ keyboxIdentifier = request.getKeyboxIdentifier();
+
+ InfoboxReadRequest stalRequest = new InfoboxReadRequest();
+ stalRequest.setInfoboxIdentifier(keyboxIdentifier);
+
+ requestSTAL(Collections.singletonList((STALRequest) stalRequest));
+
+ STALResponse stalResponse = stalResponses.next();
+
+ if (stalResponse instanceof InfoboxReadResponse) {
+ byte[] infobox = ((InfoboxReadResponse) stalResponse).getInfoboxValue();
+
+ try {
+ CertificateFactory certFactory = CertificateFactory.getInstance("X509");
+ signingCertificate = (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(infobox));
+ } catch (CertificateException e) {
+ log.info("Failed to decode signing certificate.", e);
+ // TODO: issue appropriate error
+ throw new SLCommandException(4000);
+ }
+
+ } else {
+ log.info("Failed to get signing certificate.");
+ // TODO: issue appropriate error
+ throw new SLCommandException(4000);
+ }
+
+ }
+
+ /**
+ * Signs the signature.
+ *
+ * @throws SLCommandException
+ * if signing the signature fails
+ */
+ private void signXMLSignature() throws SLCommandException {
+
+ try {
+ signature.sign(getCmdCtx().getSTAL(), keyboxIdentifier);
+ } catch (MarshalException e) {
+ log.error("Failed to marshall XMLSignature.", e);
+ throw new SLCommandException(4000);
+ } catch (XMLSignatureException e) {
+ if (e.getCause() instanceof URIReferenceException) {
+ URIReferenceException uriReferenceException = (URIReferenceException) e.getCause();
+ if (uriReferenceException.getCause() instanceof SLCommandException) {
+ throw (SLCommandException) uriReferenceException.getCause();
+ }
+ }
+ log.error("Failed to sign XMLSignature.", e);
+ throw new SLCommandException(4000);
+ }
+
+ }
+
+ @Override
+ public SLResult execute() {
+ try {
+
+ // get certificate in order to select appropriate algorithms for hashing and signing
+ getSigningCertificate();
+
+ // prepare the XMLSignature for signing
+ prepareXMLSignature();
+
+ // sign the XMLSignature
+ signXMLSignature();
+
+ if (log.isTraceEnabled()) {
+
+ DOMImplementationLS domImplLS = DOMUtils.getDOMImplementationLS();
+ LSSerializer serializer = domImplLS.createLSSerializer();
+ String debugString = serializer.writeToString(signature.getDocument());
+
+ log.trace(debugString);
+
+ }
+
+ return new CreateXMLSignatureResultImpl(signature.getDocument());
+
+ } catch (SLCommandException e) {
+ return new ErrorResultImpl(e);
+ } catch (SLRequestException e) {
+ return new ErrorResultImpl(e);
+ }
+ }
+
+ @Override
+ public String getName() {
+ return "CreateXMLSignatureRequest";
+ }
+
+
+}
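Review bot: In `getSigningCertificate` the array from `getInfoboxValue()` goes straight into `new ByteArrayInputStream(infobox)`, which throws a `NullPointerException` when the array is null. Only `CertificateException` is caught, so that failure would escape `execute()` instead of coming back as an `ErrorResultImpl`. Whether STAL can return an `InfoboxReadResponse` without a value is not visible here, so a guard before the `try` is cheap: `if (infobox == null) throw new SLCommandException(4000);`. `stalResponses.next()` is likewise called without a `hasNext()` check; the field is declared in the superclass, outside this hunk. The decoded certificate is also handed to `AlgorithmMethodFactoryImpl` and `Signature` without a `signingCertificate.checkValidity()` call, which may be intentional but is worth a comment.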
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
new file mode 100644
index 00000000..d2d2e678
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
@@ -0,0 +1,138 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.transform.Result;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.buergerkarte.namespaces.securitylayer._1.CreateXMLSignatureResponseType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.gv.egiz.bku.slcommands.SLCommandFactory;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+/**
+ * This calls implements the result of the security layer command CreateXMLSignature.
+ *
+ * @author mcentner
+ */
+public class CreateXMLSignatureResultImpl extends SLResultImpl {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(CreateXMLSignatureResultImpl.class);
+
+ /**
+ * The document containing the XMLSignature.
+ */
+ protected Document doc;
+
+ /**
+ * Creates a new instance of this CreateXMLSignatureResultImpl with the given
+ * signature document.
+ *
+ * @param document the signature document
+ *
+ * @throws NullPointerException if document is null
+ */
+ public CreateXMLSignatureResultImpl(Document document) {
+ super();
+
+ if (document == null) {
+ throw new NullPointerException("Argument 'document' must not be null.");
+ }
+
+ this.doc = document;
+
+ marshallCreateXMLSignatureResponse();
+ }
+
+ /**
+ * Marshalls the CreateXMLSignatureResponse.
+ */
+ private void marshallCreateXMLSignatureResponse() {
+
+ ObjectFactory factory = new ObjectFactory();
+
+ CreateXMLSignatureResponseType createCreateXMLSignatureResponseType = factory.createCreateXMLSignatureResponseType();
+ JAXBElement createCreateXMLSignatureResponse = factory.createCreateXMLSignatureResponse(createCreateXMLSignatureResponseType);
+
+ DocumentFragment fragment = doc.createDocumentFragment();
+
+ JAXBContext jaxbContext = SLCommandFactory.getJaxbContext();
+ try {
+ Marshaller marshaller = jaxbContext.createMarshaller();
+ marshaller.marshal(createCreateXMLSignatureResponse, fragment);
+ } catch (JAXBException e) {
+ log.error("Failed to marshall 'CreateXMLSignatureResponse'", e);
+ throw new SLRuntimeException(e);
+ }
+
+ Node child = fragment.getFirstChild();
+ if (child instanceof Element) {
+ Node node = doc.replaceChild(child, doc.getDocumentElement());
+ child.appendChild(node);
+ }
+
+ }
+
+ @Override
+ public void writeTo(Result result) {
+
+ try {
+ writeTo(result, null);
+ } catch (TransformerException e) {
+ log.error(e);
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.bku.slcommands.impl.SLResultImpl#writeTo(javax.xml.transform.Result, javax.xml.transform.Transformer)
+ */
+ @Override
+ public void writeTo(Result result, Transformer transformer) throws TransformerException {
+
+ if (transformer == null) {
+ TransformerFactory transformerFactory = TransformerFactory.newInstance();
+ try {
+ transformer = transformerFactory.newTransformer();
+ } catch (TransformerConfigurationException e) {
+ log.error("Failed to create Transformer.", e);
+ throw new SLRuntimeException(e);
+ }
+ }
+ transformer.transform(new DOMSource(doc), result);
+
+ }
+
+}
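Review bot: `writeTo(Result result)` catches the TransformerException and only logs it with `log.error(e)`, so a caller that asked for the signature response gets an empty or partial Result and no sign that serialization failed. The failure should propagate, e.g. `throw new SLRuntimeException(e);` after logging, which is what the JAXBException and TransformerConfigurationException paths in this class already do. Separately, `marshallCreateXMLSignatureResponse()` leaves the document unwrapped without any message when the marshalled fragment's first child is not an Element; logging or throwing in an `else` branch would make that case visible.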
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
new file mode 100644
index 00000000..555f83bd
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
@@ -0,0 +1,60 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import at.buergerkarte.namespaces.securitylayer._1.ErrorResponseType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.gv.egiz.bku.slcommands.ErrorResult;
+import at.gv.egiz.bku.slexceptions.SLException;
+
+import javax.xml.transform.Result;
+
+/**
+ * This class implements the security layer result ErrorResponse.
+ *
+ * @author mcentner
+ */
+public class ErrorResultImpl extends SLResultImpl implements ErrorResult {
+
+ /**
+ * The exception containing information provided in the ErrorResponse.
+ */
+ protected SLException slException;
+
+ /**
+ * Creates a new instance of this ErrorResultImpl with the given
+ * slException containing information provided in the
+ * ErrorResponse.
+ *
+ * @param slException the exception
+ */
+ public ErrorResultImpl(SLException slException) {
+ this.slException = slException;
+ }
+
+ @Override
+ public void writeTo(Result result) {
+
+ ObjectFactory factory = new ObjectFactory();
+ ErrorResponseType responseType = factory.createErrorResponseType();
+ responseType.setErrorCode(slException.getErrorCode());
+ responseType.setInfo(slException.getDetailedMsg());
+
+ writeTo(factory.createErrorResponse(responseType), result);
+
+ }
+}
\ No newline at end of file
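Review bot: The constructor stores `slException` without a null check, so a null argument only surfaces later as a NullPointerException in `writeTo(Result)` at `slException.getErrorCode()`, far from the caller that passed it. CreateXMLSignatureResultImpl in this commit rejects a null document in its constructor, and the same guard fits here: `if (slException == null) { throw new NullPointerException("Argument 'slException' must not be null."); }`. `writeTo` also deserves a Javadoc line saying that `getDetailedMsg()` is copied as-is into the `Info` element of the ErrorResponse written to `result`, so detail messages should not carry internal information.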
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
new file mode 100644
index 00000000..93131cf4
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
@@ -0,0 +1,409 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import iaik.asn1.CodingException;
+import iaik.asn1.DerCoder;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Result;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+
+import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
+import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.gv.egiz.bku.slcommands.InfoboxReadCommand;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.idlink.CompressedIdentityLinkFactory;
+import at.gv.egiz.idlink.IdentityLinkTransformer;
+import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.InfoboxReadResponse;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * This class implements the security layer command
+ * InfoboxReadRequest.
+ *
+ * NOTE: Currently the only supported infobox identifier is '
+ * IdentityLink'.
+ *
+ *
+ * @author mcentner
+ */
+public class InfoboxReadCommandImpl extends SLCommandImpl implements
+ InfoboxReadCommand {
+
+ /**
+ * Logging facility.
+ */
+ protected static Log log = LogFactory.getLog(InfoboxReadCommandImpl.class);
+
+ public static final String INFOBOX_IDENTIFIER_CERTIFICATES = "Certificates";
+
+ public static final String BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER = "IdentityLinkDomainIdentifier";
+
+ public static final String INFOBOX_IDENTIFIER_IDENTITY_LINK = "IdentityLink";
+
+ /**
+ * The InfoboxIdentifier
+ */
+ protected String infoboxIdentifier;
+
+ /**
+ * The IdentityLinkDomainIdentifier value of an IdentyLink infobox.
+ */
+ protected String identityLinkDomainIdentifier;
+
+ /**
+ * Is content XML entity?
+ */
+ protected boolean isXMLEntity;
+
+ @Override
+ public String getName() {
+ return "InfoboxReadRequest";
+ }
+
+ /**
+ * @return the infoboxIdentifier
+ */
+ public String getInfoboxIdentifier() {
+ return infoboxIdentifier;
+ }
+
+ @Override
+ public void init(SLCommandContext ctx, Object request) throws SLCommandException {
+ super.init(ctx, request);
+
+ InfoboxReadRequestType req = getRequestValue();
+
+ infoboxIdentifier = req.getInfoboxIdentifier();
+
+ InfoboxReadParamsBinaryFileType binaryFileParameters = req.getBinaryFileParameters();
+ if (binaryFileParameters != null) {
+ isXMLEntity = binaryFileParameters.isContentIsXMLEntity();
+ log.debug("Got ContentIsXMLEntity=" + isXMLEntity + ".");
+ }
+
+ if (INFOBOX_IDENTIFIER_IDENTITY_LINK.equals(infoboxIdentifier)) {
+
+ if (req.getAssocArrayParameters() != null) {
+ log.info("Got AssocArrayParameters but Infobox type is BinaryFile.");
+ throw new SLCommandException(4010);
+ }
+
+
+ AnyChildrenType boxSpecificParameters = req.getBoxSpecificParameters();
+
+ if (boxSpecificParameters != null) {
+ // check BoxSpecificParameters
+ List
+ *
+ * @author mcentner
+ */
+public class IdValueFactoryImpl implements IdValueFactory {
+
+ /**
+ * A generator for xsd:Id-attribute values.
+ *
+ * @author mcentner
+ */
+ private class IdGenerator {
+
+ /**
+ * The salt.
+ */
+ private String salt;
+
+ /**
+ * The element name.
+ */
+ private String elementName;
+
+ /**
+ * The sequence number.
+ */
+ private int i = 0;
+
+ /**
+ * Creates a new instance of this IdGenerator with the given
+ * elementName and salt value.
+ *
+ * @param elementName the element name
+ * @param salt the salt valeu
+ */
+ private IdGenerator(String elementName, String salt) {
+ super();
+ this.elementName = elementName;
+ this.salt = salt;
+ }
+
+ /**
+ * @return returns the next xsd:Id-attribute value.
+ */
+ public String getNextId() {
+ return elementName + "-" + salt + "-" + Integer.toString(++i);
+ }
+
+ }
+
+ /**
+ * A map of element names to xsd:Id-value generators.
+ */
+ private Map generators = new HashMap();
+
+ /**
+ * The seed value.
+ */
+ private String seed;
+
+ /**
+ * Creates a new instance of this IdValueFactory.
+ */
+ public IdValueFactoryImpl() {
+
+ Random random = new Random();
+ int rand = random.nextInt();
+ seed = Integer.toHexString(rand);
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egiz.bku.slcommands.impl.IdValueFactory#createIdValue(java.lang.String
+ * )
+ */
+ public String createIdValue(String elementName) {
+
+ IdGenerator generator = generators.get(elementName);
+ if (generator == null) {
+ generator = new IdGenerator(elementName, seed);
+ generators.put(elementName, generator);
+ }
+ return generator.getNextId();
+
+ }
+
+}
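Review bot: The seed set in the `IdValueFactoryImpl()` constructor is a single `nextInt()` from `new Random()`, i.e. 32 bits from what is presumably `java.util.Random`. The imports and file header of this class are missing from the page, as is the end of the InfoboxReadCommandImpl hunk above it. That separates the Ids of one factory from another, but the generated `xsd:Id` values are neither unpredictable nor guaranteed distinct from Ids already present in a document, and the Javadoc calls the value both "seed" and "salt" without saying which property is intended. I would state the contract on the field, e.g. `// uniqueness hint only; Id values are predictable and must not be treated as secret`, or draw a wider value from `SecureRandom` if unpredictability matters. `createIdValue` also does an unsynchronized get-then-put on a `HashMap` and a plain `++i`, so the class Javadoc should say an instance must not be shared between threads.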
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/LocRefDereferencer.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/LocRefDereferencer.java
new file mode 100644
index 00000000..a6399c9b
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/LocRefDereferencer.java
@@ -0,0 +1,113 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.xml.crypto.Data;
+import javax.xml.crypto.OctetStreamData;
+import javax.xml.crypto.URIDereferencer;
+import javax.xml.crypto.URIReference;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.XMLCryptoContext;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.utils.urldereferencer.StreamData;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+
+/**
+ * An URIDereferencer implementation that dereferences LocRef
+ * references.
+ *
+ * @author mcentner
+ */
+public class LocRefDereferencer implements URIDereferencer {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(LocRefDereferencer.class);
+
+ /**
+ * The LocRef-reference to be dereferenced by
+ * {@link #dereference(URIReference, XMLCryptoContext)}.
+ */
+ protected String locRef;
+
+ /**
+ * The context to be used for dereferencing.
+ */
+ protected URLDereferencerContext dereferencerContext;
+
+ /**
+ * Creates a new instance of this LocRefDereferencer with the given
+ * dereferencerContext and locRef reference.
+ *
+ * @param dereferencerContext
+ * the context to be used for dereferencing
+ * @param locRef
+ * the LocRef-reference (must be an absolute URI)
+ *
+ * @throws URISyntaxException
+ * if LocRef is not an absolute URI
+ */
+ public LocRefDereferencer(URLDereferencerContext dereferencerContext,
+ String locRef) throws URISyntaxException {
+
+ this.dereferencerContext = dereferencerContext;
+
+ URI locRefUri = new URI(locRef);
+ if (locRefUri.isAbsolute()) {
+ this.locRef = locRef;
+ } else {
+ throw new IllegalArgumentException(
+ "Parameter 'locRef' must be an absolut URI.");
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * javax.xml.crypto.URIDereferencer#dereference(javax.xml.crypto.URIReference,
+ * javax.xml.crypto.XMLCryptoContext)
+ */
+ @Override
+ public Data dereference(URIReference uriReference, XMLCryptoContext context)
+ throws URIReferenceException {
+
+ URLDereferencer dereferencer = URLDereferencer.getInstance();
+ StreamData streamData;
+ try {
+ streamData = dereferencer.dereference(locRef, dereferencerContext);
+ } catch (IOException e) {
+ log.info("Failed to dereference URI'" + locRef + "'. " + e.getMessage(),
+ e);
+ throw new URIReferenceException("Failed to dereference URI '" + locRef
+ + "'. " + e.getMessage(), e);
+ }
+
+ return new OctetStreamData(streamData.getStream(), locRef, streamData
+ .getContentType());
+ }
+
+}
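Review bot: The constructor accepts any absolute URI, so nothing in this class limits the scheme or host of `locRef` before `dereference()` passes it to `URLDereferencer`. If `locRef` is taken from the signature request and `URLDereferencer` does not restrict schemes itself (not visible in this hunk), local files or internal-network resources could be fetched and included in the data to be signed. An allow-list check on `locRefUri.getScheme()` next to the `isAbsolute()` test would close that. The constructor Javadoc also promises `URISyntaxException` for a non-absolute URI while the code throws `IllegalArgumentException`; the tag should read `@throws IllegalArgumentException if locRef is not an absolute URI`, or the code should throw what is documented.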
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java
new file mode 100644
index 00000000..64c758c9
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java
@@ -0,0 +1,122 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import java.security.PrivateKey;
+
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.HashDataInputCallback;
+
+/**
+ * This class implements a private key used by the {@link STALSignature} class.
+ *
+ * @author mcentner
+ */
+public class STALPrivateKey implements PrivateKey {
+
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * The STAL implementation.
+ */
+ private STAL stal;
+
+ /**
+ * The callback interface for obtaining the hash input data.
+ */
+ private HashDataInputCallback hashDataInputCallback;
+
+ /**
+ * The keybox identifier.
+ */
+ private String keyboxIdentifier;
+
+ /**
+ * The signature algorithm.
+ */
+ private String algorithm;
+
+ /**
+ * Creates a new instance of this STALPrivateKey with the given
+ * stal implementation, signature algorithm,
+ * keyboxIdentifier and hashDataInputCallback
+ * interface.
+ *
+ * @param stal
+ * the STAL implementation
+ * @param algorithm
+ * the signature algorithm
+ * @param keyboxIdentifier
+ * the keybox identifier
+ * @param hashDataInputCallback
+ * the interface for obtaining the has input data
+ */
+ public STALPrivateKey(STAL stal,
+ String algorithm, String keyboxIdentifier, HashDataInputCallback hashDataInputCallback) {
+ super();
+ this.keyboxIdentifier = keyboxIdentifier;
+ this.hashDataInputCallback = hashDataInputCallback;
+ this.stal = stal;
+ this.algorithm = algorithm;
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.Key#getAlgorithm()
+ */
+ @Override
+ public String getAlgorithm() {
+ return algorithm;
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.Key#getEncoded()
+ */
+ @Override
+ public byte[] getEncoded() {
+ throw new UnsupportedOperationException("STALPrivateKey does not support the getEncoded() method.");
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.Key#getFormat()
+ */
+ @Override
+ public String getFormat() {
+ return null;
+ }
+
+ /**
+ * @return the STAL implementation
+ */
+ public STAL getStal() {
+ return stal;
+ }
+
+ /**
+ * @return the interface for obtaining the hash data input
+ */
+ public HashDataInputCallback getHashDataInputCallback() {
+ return hashDataInputCallback;
+ }
+
+ /**
+ * @return the keybox identifier
+ */
+ public String getKeyboxIdentifier() {
+ return keyboxIdentifier;
+ }
+
+}
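Review bot: `getEncoded()` throws `UnsupportedOperationException`, but the `java.security.Key` contract is to return null when a key does not support encoding, which is what `getFormat()` already does in this class. JCA code that probes the key would fail with an unchecked exception instead of handling a null. `return null;` with a comment such as `// key material stays behind STAL; no encoding available` matches the contract. Because `PrivateKey` is `Serializable`, the `stal` and `hashDataInputCallback` fields, which look like live handles rather than key data, should also be declared `transient` or serialization should be refused explicitly.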
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java
new file mode 100644
index 00000000..0ab30530
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALProvider.java
@@ -0,0 +1,64 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import iaik.xml.crypto.XmldsigMore;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.Provider;
+import java.security.Signature;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.crypto.dsig.SignatureMethod;
+
+/**
+ * A security provider implementation that provides {@link Signature} implementations
+ * based on STAL.
+ *
+ * @author mcentner
+ */
+public class STALProvider extends Provider {
+
+ private static final long serialVersionUID = 1L;
+
+ private static String IMPL_PACKAGE_NAME = "at.gv.egiz.bku.slcommands.impl.xsect";
+
+ public STALProvider() {
+
+ super("STAL", 1.0, "Security Token Abstraction Layer Provider");
+
+ final Map map = new HashMap();
+
+ // TODO: register further algorithms
+ map.put("Signature." + SignatureMethod.RSA_SHA1,
+ IMPL_PACKAGE_NAME + ".STALSignature");
+ map.put("Signature." + XmldsigMore.SIGNATURE_ECDSA_SHA1,
+ IMPL_PACKAGE_NAME + ".STALSignature");
+
+ AccessController.doPrivileged(new PrivilegedAction() {
+ @Override
+ public Void run() {
+ putAll(map);
+ return null;
+ }
+ });
+
+ }
+
+}
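Review bot: Only `SignatureMethod.RSA_SHA1` and `XmldsigMore.SIGNATURE_ECDSA_SHA1` are mapped to `STALSignature`, so every signature method this provider offers is SHA-1 based. The `// TODO: register further algorithms` comment should name what is missing and why SHA-1 is kept, e.g. `// TODO: register the SHA-256 RSA/ECDSA methods once the STAL back ends support them; SHA-1 kept for token compatibility` (the compatibility reason is my assumption). `IMPL_PACKAGE_NAME` is declared as a mutable static; `private static final String IMPL_PACKAGE_NAME` is what is meant.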
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
new file mode 100644
index 00000000..f0fcb891
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
@@ -0,0 +1,165 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import java.io.ByteArrayOutputStream;
+import java.security.InvalidKeyException;
+import java.security.InvalidParameterException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SignatureException;
+import java.security.SignatureSpi;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egiz.stal.ErrorResponse;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+import at.gv.egiz.stal.SignRequest;
+import at.gv.egiz.stal.SignResponse;
+import at.gv.egiz.stal.HashDataInputCallback;
+
+/**
+ * A signature service provider implementation that uses STAL to sign.
+ *
+ * @author mcentner
+ */
+public class STALSignature extends SignatureSpi {
+
+ /**
+ * The private key.
+ */
+ protected STALPrivateKey privateKey;
+
+ /**
+ * The to-be signed data.
+ */
+ protected ByteArrayOutputStream data = new ByteArrayOutputStream();
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineGetParameter(java.lang.String)
+ */
+ @Override
+ protected Object engineGetParameter(String param)
+ throws InvalidParameterException {
+ throw new InvalidParameterException();
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineInitSign(java.security.PrivateKey)
+ */
+ @Override
+ protected void engineInitSign(PrivateKey privateKey)
+ throws InvalidKeyException {
+
+ if (!(privateKey instanceof STALPrivateKey)) {
+ throw new InvalidKeyException("STALSignature supports STALKeys only.");
+ }
+
+ this.privateKey = (STALPrivateKey) privateKey;
+
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineInitVerify(java.security.PublicKey)
+ */
+ @Override
+ protected void engineInitVerify(PublicKey publicKey)
+ throws InvalidKeyException {
+
+ throw new UnsupportedOperationException("STALSignature does not support signature verification.");
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineSetParameter(java.lang.String, java.lang.Object)
+ */
+ @Override
+ protected void engineSetParameter(String param, Object value)
+ throws InvalidParameterException {
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineSign()
+ */
+ @Override
+ protected byte[] engineSign() throws SignatureException {
+
+ STAL stal = privateKey.getStal();
+
+ if (stal == null) {
+ throw new SignatureException("STALSignature requires the STALPrivateKey " +
+ "to provide a STAL implementation reference.");
+ }
+
+ HashDataInputCallback signRefDataSupplier = privateKey.getHashDataInputCallback();
+
+ String keyboxIdentifier = privateKey.getKeyboxIdentifier();
+
+ if (keyboxIdentifier == null) {
+ throw new SignatureException("STALSignature requires the STALPrivateKey " +
+ "to provide a KeyboxIdentifier.");
+ }
+
+ SignRequest signRequest = new SignRequest();
+ signRequest.setKeyIdentifier(keyboxIdentifier);
+ signRequest.setSignedInfo(data.toByteArray());
+ signRequest.setHashDataInput(signRefDataSupplier);
+
+ List responses = stal.handleRequest(Collections.singletonList((STALRequest) signRequest));
+
+ if (responses == null || responses.size() != 1) {
+ throw new SignatureException("Failed to access STAL.");
+ }
+
+ STALResponse response = responses.get(0);
+ if (response instanceof SignResponse) {
+ return ((SignResponse) response).getSignatureValue();
+ } else if (response instanceof ErrorResponse) {
+ throw new STALSignatureException(((ErrorResponse) response).getErrorCode());
+ } else {
+ throw new SignatureException("Failed to access STAL.");
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineUpdate(byte)
+ */
+ @Override
+ protected void engineUpdate(byte b) throws SignatureException {
+ data.write(b);
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineUpdate(byte[], int, int)
+ */
+ @Override
+ protected void engineUpdate(byte[] b, int off, int len)
+ throws SignatureException {
+ data.write(b, off, len);
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineVerify(byte[])
+ */
+ @Override
+ protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
+ throw new UnsupportedOperationException("STALSignature des not support signature verification.");
+ }
+
+}
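Review bot: The `data` buffer is never cleared: `engineSign()` reads `data.toByteArray()` and `engineInitSign()` only stores the key, so a reused `Signature` object signs the bytes of the previous operation followed by the new ones. `java.security.Signature.sign()` documents that the object is reset to its state after `initSign`, so add `data.reset();` in `engineInitSign` and take the snapshot in `engineSign` as `byte[] signedInfo = data.toByteArray(); data.reset();`. `engineSetParameter` also accepts and drops any parameter without a message; throwing `InvalidParameterException`, as `engineGetParameter` does, would keep the two consistent.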
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureException.java
new file mode 100644
index 00000000..4e86b07c
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignatureException.java
@@ -0,0 +1,92 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import java.security.SignatureException;
+
+/**
+ * A SignatureException thrown by the {@link STALSignature}.
+ *
+ * @author mcentner
+ */
+public class STALSignatureException extends SignatureException {
+
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * The STAL error code.
+ */
+ private int errorCode;
+
+ /**
+ * Creates a new instance of this STALSignatureException.
+ */
+ public STALSignatureException() {
+ }
+
+ /**
+ * Creates a new instance of this STALSigantureException with
+ * the given errorCode.
+ *
+ * @param errorCode the error code
+ */
+ public STALSignatureException(int errorCode) {
+ this.errorCode = errorCode;
+ }
+
+ /**
+ * Creates a new instance of this STALSignatureException with
+ * the given error msg.
+ *
+ * @param msg the error message
+ * @see SignatureException#SignatureException(String)
+ */
+ public STALSignatureException(String msg) {
+ super(msg);
+ }
+
+ /**
+ * Creates a new instance of this STALSignatureException with
+ * the given root cause.
+ *
+ * @param cause the cause
+ * @see SignatureException#SignatureException(Throwable)
+ */
+ public STALSignatureException(Throwable cause) {
+ super(cause);
+ }
+
+ /**
+ * Creates a new instance of this STALSignautureException with
+ * the given error message and root cause.
+ *
+ * @param message the error message
+ * @param cause the cause
+ * @see SignatureException#SignatureException(String, Throwable)
+ */
+ public STALSignatureException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ /**
+ * @return the error code
+ */
+ public int getErrorCode() {
+ return errorCode;
+ }
+
+}
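Review bot: `STALSignatureException(int errorCode)` passes no message to the superclass, so the exception that `STALSignature.engineSign()` throws for an `ErrorResponse` has a null `getMessage()` and the code is lost in any log that prints only the message. Adding `super("STAL error code " + errorCode);` as the first statement fixes that. The other constructors leave `errorCode` at 0, so `getErrorCode()` should carry a Javadoc line saying that 0 means no code was set, if that is the intent.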
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
new file mode 100644
index 00000000..94a4a066
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
@@ -0,0 +1,935 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.dom.DOMStructure;
+import javax.xml.crypto.dsig.CanonicalizationMethod;
+import javax.xml.crypto.dsig.DigestMethod;
+import javax.xml.crypto.dsig.Reference;
+import javax.xml.crypto.dsig.SignatureMethod;
+import javax.xml.crypto.dsig.SignedInfo;
+import javax.xml.crypto.dsig.XMLObject;
+import javax.xml.crypto.dsig.XMLSignature;
+import javax.xml.crypto.dsig.XMLSignatureException;
+import javax.xml.crypto.dsig.XMLSignatureFactory;
+import javax.xml.crypto.dsig.dom.DOMSignContext;
+import javax.xml.crypto.dsig.keyinfo.KeyInfo;
+import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
+import javax.xml.crypto.dsig.keyinfo.X509Data;
+import javax.xml.stream.XMLStreamException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.etsi.uri._01903.v1_1.DataObjectFormatType;
+import org.etsi.uri._01903.v1_1.QualifyingPropertiesType;
+import org.w3c.dom.DOMConfiguration;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.ls.DOMImplementationLS;
+import org.w3c.dom.ls.LSException;
+import org.w3c.dom.ls.LSInput;
+import org.w3c.dom.ls.LSOutput;
+import org.w3c.dom.ls.LSParser;
+import org.w3c.dom.ls.LSResourceResolver;
+import org.w3c.dom.ls.LSSerializer;
+
+import at.buergerkarte.namespaces.securitylayer._1.Base64XMLLocRefReqRefContentType;
+import at.buergerkarte.namespaces.securitylayer._1.Base64XMLOptRefContentType;
+import at.buergerkarte.namespaces.securitylayer._1.DataObjectAssociationType;
+import at.buergerkarte.namespaces.securitylayer._1.DataObjectInfoType;
+import at.buergerkarte.namespaces.securitylayer._1.SignatureInfoCreationType;
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.utils.HexDump;
+import at.gv.egiz.bku.utils.urldereferencer.StreamData;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+import at.gv.egiz.dom.DOMUtils;
+import at.gv.egiz.slbinding.impl.XMLContentType;
+import at.gv.egiz.stal.HashDataInputCallback;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.xades.QualifyingPropertiesException;
+import at.gv.egiz.xades.QualifyingPropertiesFactory;
+
+/**
+ * This class represents an XML-Signature as to be created by the
+ * security layer command CreateXMLSignatureRequest.
+ *
+ * @author mcentner
+ */
+public class Signature implements HashDataInputCallback {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(Signature.class);
+
+ /**
+ * The DOM implementation used.
+ */
+ private DOMImplementationLS domImplLS;
+
+ /**
+ * The SignatureContext for the XMLSignature.
+ */
+ private SignatureContext ctx;
+
+ /**
+ * The list of {@link DataObject}s for this signature.
+ */
+ private List dataObjects = new ArrayList();
+
+ /**
+ * A mapping from the Id-attribute values of this signature's
+ * ds:References to the corresponding {@link DataObject}s.
+ */
+ private Map dataObjectReferencIds = new HashMap();
+
+ /**
+ * The SignatureEnvironment for this signature.
+ */
+ private SignatureLocation signatureLocation;
+
+ /**
+ * The XML signature.
+ */
+ private XMLSignature xmlSignature;
+
+ /**
+ * A list of attributes of type xsd:ID to be registered in the {@link DOMSignContext}.
+ */
+ private List idAttributes = new ArrayList();
+
+ /**
+ * The signer's X509 certificate.
+ */
+ private X509Certificate signerCertificate;
+
+ /**
+ * The signing time.
+ */
+ private Date signingTime;
+
+ /**
+ * Creates a new SLXMLSignature instance.
+ */
+ public Signature(URLDereferencerContext dereferencerContext,
+ IdValueFactory idValueFactory,
+ AlgorithmMethodFactory algorithmMethodFactory) {
+
+ domImplLS = DOMUtils.getDOMImplementationLS();
+
+ ctx = new SignatureContext();
+
+ ctx.setSignatureFactory(XMLSignatureFactory.getInstance());
+
+ ctx.setDereferencerContext(dereferencerContext);
+ ctx.setIdValueFactory(idValueFactory);
+ ctx.setAlgorithmMethodFactory(algorithmMethodFactory);
+
+ }
+
+ /**
+ * @return the Document containing this Signature
+ */
+ public Document getDocument() {
+ return ctx.getDocument();
+ }
+
+ /**
+ * @return the parent Node for this Signature
+ */
+ public Node getParent() {
+ return (signatureLocation != null) ? signatureLocation.getParent() : null;
+ }
+
+ /**
+ * @return the next sibling Node for this Signature
+ */
+ public Node getNextSibling() {
+ return (signatureLocation != null) ? signatureLocation.getNextSibling() : null;
+ }
+
+ /**
+ * @return the XMLSignature
+ */
+ public XMLSignature getXMLSignature() {
+ return xmlSignature;
+ }
+
+ /**
+ * @return the list of {@link Reference}s of this Signature
+ */
+ @SuppressWarnings("unchecked")
+ public List getReferences() {
+ return (xmlSignature != null) ? xmlSignature.getSignedInfo().getReferences() : null;
+ }
+
+ /**
+ * @return the list of {@link XMLObject}s of this Signature
+ */
+ @SuppressWarnings("unchecked")
+ public List getXMLObjects() {
+ return (xmlSignature != null) ? xmlSignature.getObjects() : null;
+ }
+
+ /**
+ * Prepares the signature document with the information given by the
+ * signatureInfo provided.
+ *
+ * @param signatureInfo
+ * the SignatureInfo
+ *
+ * @throws SLCommandException
+ * if processing fails for any reason
+ * @throws IllegalStateException
+ * if the parent node has already been set
+ * @throws NullPointerException
+ * if signatureInfo is null
+ */
+ public void setSignatureInfo(SignatureInfoCreationType signatureInfo) throws SLCommandException {
+
+ if (signatureLocation != null) {
+ throw new IllegalStateException("SignatureEnvironment already set.");
+ }
+
+ Base64XMLOptRefContentType signatureEnvironment = signatureInfo.getSignatureEnvironment();
+
+ if (signatureEnvironment == null) {
+
+ // no SignatureEnvironment, so we use an empty document and the document as parent
+ ensureSignatureLocation();
+
+ } else {
+
+ // parse SignatureEnvrionment and use as document
+ Document document = parseSignatureEnvironment(signatureEnvironment, signatureInfo.getSupplement());
+ ctx.setDocument(document);
+
+ signatureLocation = new SignatureLocation(ctx);
+ signatureLocation.setSignatureInfo(signatureInfo);
+
+ }
+
+ }
+
+ /**
+ * Ensures a SignatureLocation for this Signature.
+ */
+ private void ensureSignatureLocation() {
+
+ if (signatureLocation == null) {
+ Document document = DOMUtils.createDocument();
+ ctx.setDocument(document);
+
+ signatureLocation = new SignatureLocation(ctx);
+ signatureLocation.setParent(document);
+ }
+
+ }
+
+ /**
+ * Adds a DataObject with the information given by the
+ * dataObjectInfo provided to this Signature.
+ *
+ * @param dataObjectInfo
+ * the DataObjectInfo element
+ *
+ * @throws SLCommandException
+ * if adding the DataObject fails
+ * @throws SLRequestException
+ * if the information provided by the given
+ * dataObjectInfo does not conform to the security
+ * layer specification
+ * @throws NullPointerException
+ * if dataObjectInfo is null
+ */
+ public void addDataObject(DataObjectInfoType dataObjectInfo) throws SLCommandException, SLRequestException {
+
+ ensureSignatureLocation();
+
+ DataObject dataObject = new DataObject(ctx);
+ dataObject.setDataObjectInfo(dataObjectInfo);
+
+ dataObjects.add(dataObject);
+
+ dataObjectReferencIds.put(dataObject.getReference().getId(), dataObject);
+
+ }
+
+ /**
+ * Sets the SigningTime qualifying property of this Signature.
+ *
+ * @param signingTime the signing time to set
+ */
+ public void setSigningTime(Date signingTime) {
+ this.signingTime = signingTime;
+ }
+
+ /**
+ * Sets the SignerCertificate qualifying property of this Signature.
+ *
+ * @param certificate the signer's certificate
+ */
+ public void setSignerCeritifcate(X509Certificate certificate) {
+ this.signerCertificate = certificate;
+ }
+
+ /**
+ * Builds the XMLSignature data structure of this Signature as configured by
+ * the various setter methods.
+ *
+ * @throws SLCommandException if building this signature fails
+ */
+ public void buildXMLSignature() throws SLCommandException {
+
+ List objects = new ArrayList();
+ List references = new ArrayList();
+
+ // add all data objects
+ for (DataObject dataObject : dataObjects) {
+ if (dataObject.getXmlObject() != null) {
+ objects.add(dataObject.getXmlObject());
+ }
+ if (dataObject.getReference() != null) {
+ references.add(dataObject.getReference());
+ }
+ }
+
+ addXAdESObjectAndReference(objects, references);
+
+ XMLSignatureFactory signatureFactory = ctx.getSignatureFactory();
+ AlgorithmMethodFactory algorithmMethodFactory = ctx.getAlgorithmMethodFactory();
+
+ CanonicalizationMethod cm;
+ SignatureMethod sm;
+ try {
+ cm = algorithmMethodFactory.createCanonicalizationMethod(ctx);
+ sm = algorithmMethodFactory.createSignatureMethod(ctx);
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get Canonicalization or Signature algorithm.", e);
+ throw new SLCommandException(4006);
+ } catch (InvalidAlgorithmParameterException e) {
+ log.error("Failed to get Canonicalization or Signature algorithm.", e);
+ throw new SLCommandException(4006);
+ }
+
+ String siId = ctx.getIdValueFactory().createIdValue("SignedInfo");
+
+ SignedInfo si = signatureFactory.newSignedInfo(cm, sm, references, siId);
+
+ KeyInfo ki = null;
+ if (signerCertificate != null) {
+ KeyInfoFactory kif = KeyInfoFactory.getInstance();
+ X509Data x509Data = kif.newX509Data(Collections.singletonList(signerCertificate));
+ ki = kif.newKeyInfo(Collections.singletonList(x509Data));
+ }
+
+ String signatureId = ctx.getIdValueFactory().createIdValue("Signature");
+ String signatureValueId = ctx.getIdValueFactory().createIdValue("SignatureValue");
+
+ xmlSignature = signatureFactory.newXMLSignature(si, ki, objects, signatureId, signatureValueId);
+
+ }
+
+ /**
+ * Sign this Signature using the given signContext.
+ *
+ * Call's {@link #buildXMLSignature()} if it has not been called yet.
+ *
+ *
+ * @param signContext
+ * the signing context
+ *
+ * @throws MarshalException
+ * if marshalling the XMLSignature fails
+ * @throws XMLSignatureException
+ * if signing the XMLSignature fails
+ * @throws SLCommandException
+ * if building the XMLSignature fails
+ * @throws NullPointerException
+ * if signContext is null
+ */
+ public void sign(DOMSignContext signContext) throws MarshalException, XMLSignatureException, SLCommandException {
+
+ if (xmlSignature == null) {
+ buildXMLSignature();
+ }
+
+ for (IdAttribute idAttribute : idAttributes) {
+ signContext.setIdAttributeNS(idAttribute.element, idAttribute.namespaceURI, idAttribute.localName);
+ }
+
+ // DO NOT USE:
+ // signContext.setProperty("iaik.xml.crypto.dsig.sign-over", Boolean.TRUE);
+
+ signContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
+
+ signContext.putNamespacePrefix(XMLSignature.XMLNS, "dsig");
+
+ signContext.setURIDereferencer(new URIDereferncerAdapter(ctx.getDereferencerContext()));
+
+ try {
+ xmlSignature.sign(signContext);
+ } catch (XMLSignatureException e) {
+ Throwable cause = e.getCause();
+ while (cause != null) {
+ if (cause instanceof STALSignatureException) {
+ int errorCode = ((STALSignatureException) cause).getErrorCode();
+ SLCommandException commandException = new SLCommandException(errorCode);
+ log.info("Failed to sign signature.", commandException);
+ throw commandException;
+ } else {
+ cause = cause.getCause();
+ }
+ }
+ throw e;
+ }
+
+ // debug
+ if (log.isTraceEnabled()) {
+ for (DataObject dataObject : dataObjects) {
+ Reference reference = dataObject.getReference();
+ InputStream digestInputStream = reference.getDigestInputStream();
+ if (digestInputStream != null) {
+ String mimeType = dataObject.getMimeType();
+ StringBuilder sb = new StringBuilder();
+ sb.append("DigestInput for Reference with id='");
+ sb.append(reference.getId());
+ sb.append("' (MIME-Type=");
+ sb.append(dataObject.getMimeType());
+ sb.append("):\n");
+ try {
+ if (mimeType != null && (
+ mimeType.startsWith("text") ||
+ "application/xhtml+xml".equals(mimeType))) {
+ byte[] b = new byte[512];
+ for (int l; (l = digestInputStream.read(b)) != -1;) {
+ sb.append(new String(b, 0, l));
+ }
+ } else {
+ sb.append(HexDump.hexDump(digestInputStream));
+ }
+ } catch (IOException e) {
+ log.error(e);
+ }
+ log.trace(sb.toString());
+ } else {
+ log.trace("Reference caching is not enabled.");
+ }
+ }
+ }
+
+ }
+
+ /**
+ * Sign this Signature using the given stal implementation and
+ * keyboxIdentifier.
+ *
+ * This method configures an appropriate {@link DOMSignContext} and calls
+ * {@link #sign(DOMSignContext)}. If {@link #buildXMLSignature()} has not been
+ * called yet, it is called by this method.
+ *
+ *
+ * @param stal
+ * the STAL implementation to use
+ * @param keyboxIdentifier
+ * the KeyboxIdentifier to use
+ *
+ * @throws MarshalException
+ * if marshalling this Signature fails
+ * @throws XMLSignatureException
+ * if signing this Signature fails
+ * @throws SLCommandException
+ * if building this Signature fails
+ * @throws NullPointerException
+ * if stal or keyboxIdentifier is
+ * null
+ */
+ public void sign(STAL stal, String keyboxIdentifier) throws MarshalException, XMLSignatureException, SLCommandException {
+
+ if (stal == null) {
+ throw new NullPointerException("Argument 'stal' must not be null.");
+ }
+
+ if (keyboxIdentifier == null) {
+ throw new NullPointerException("Argument 'keyboxIdentifier' must not be null.");
+ }
+
+ if (xmlSignature == null) {
+ buildXMLSignature();
+ }
+
+ SignatureMethod signatureMethod = xmlSignature.getSignedInfo().getSignatureMethod();
+ String algorithm = signatureMethod.getAlgorithm();
+
+ PrivateKey privateKey = new STALPrivateKey(stal, algorithm, keyboxIdentifier, this);
+
+ DOMSignContext signContext;
+ if (getNextSibling() == null) {
+ signContext = new DOMSignContext(privateKey, getParent());
+ } else {
+ signContext = new DOMSignContext(privateKey, getParent(), getNextSibling());
+ }
+
+ sign(signContext);
+ }
+
+ @Override
+ public InputStream getHashDataInput(String referenceId) {
+
+ DataObject dataObject = dataObjectReferencIds.get(referenceId);
+ if (dataObject != null) {
+ return dataObject.getReference().getDigestInputStream();
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Adds the XAdES QualifyingProperties as an
+ * ds:Object and a corresponding ds:Reference to
+ * it's SignedProperties element to this Signature.
+ *
+ * @param objects
+ * the list of ds:Objects to add the created
+ * ds:Object to
+ * @param references
+ * the list of ds:References to add the created
+ * ds:Reference to
+ *
+ * @throws SLCommandException
+ * if creating and adding the XAdES
+ * QualifyingProperties fails
+ * @throws NullPointerException
+ * if objects or references is
+ * null
+ */
+ private void addXAdESObjectAndReference(List objects, List references) throws SLCommandException {
+
+ QualifyingPropertiesFactory factory = QualifyingPropertiesFactory.getInstance();
+
+ String idValue = ctx.getIdValueFactory().createIdValue("SignedProperties");
+
+ Date date = (signingTime != null) ? signingTime : new Date();
+
+ List signingCertificates;
+ if (signerCertificate != null) {
+ signingCertificates = Collections.singletonList(signerCertificate);
+ } else {
+ signingCertificates = Collections.emptyList();
+ }
+
+ // TODO: report MOA-SP bug
+ //
+ // The security layer specification mandates the use of version 1.2.2. of the
+ // XAdES QualifyingProperties. However MOA-SP supports only version 1.1.1. Therefore,
+ // the version 1.1.1 is used in order to be compatible with current MOA-SP versions.
+
+ List dataObjectFormats = new ArrayList();
+ for (DataObject dataObject : dataObjects) {
+ if (dataObject.getMimeType() != null && dataObject.getReference() != null) {
+ Reference reference = dataObject.getReference();
+ if (reference.getId() != null) {
+ String objectReference = "#" + reference.getId();
+ dataObjectFormats.add(factory.createDataObjectFormatType(
+ objectReference, dataObject.getMimeType(), dataObject
+ .getDescription()));
+ }
+ }
+ }
+
+ JAXBElement qualifyingProperties;
+ try {
+ qualifyingProperties = factory.createQualifyingProperties111(date, signingCertificates, idValue, dataObjectFormats);
+ } catch (QualifyingPropertiesException e) {
+ log.error("Failed to create QualifyingProperties.", e);
+ throw new SLCommandException(4000);
+ }
+
+ DocumentFragment fragment = ctx.getDocument().createDocumentFragment();
+
+ try {
+ factory.marshallQualifyingProperties(qualifyingProperties, fragment);
+ } catch (JAXBException e) {
+ log.error("Failed to marshal QualifyingProperties.", e);
+ throw new SLCommandException(4000);
+ }
+
+ List content = Collections.singletonList(new DOMStructure(fragment.getFirstChild()));
+
+ String objectIdValue = ctx.getIdValueFactory().createIdValue("Object");
+
+ XMLObject object = ctx.getSignatureFactory().newXMLObject(content, objectIdValue, null, null);
+
+ objects.add(object);
+
+ // TODO: Report MOA-SP Bug
+ //
+ // Direct referencing of the SignedPorperties Id-attribute is not supported by MOA-SP
+ // because the QualifyingProperties are parsed without the XAdES schema. Therefore,
+ // the shorthand XPointer could not be resolved.
+ //
+ // The following workaround uses an XPointer to select the SignedProperties in order
+ // to allow the signature to be verified with MOA-SP.
+
+ String referenceURI = "#xmlns(xades=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('"
+ + objectIdValue
+ + "')/child::xades:QualifyingProperties/child::xades:SignedProperties)";
+ DigestMethod dm;
+ try {
+ dm = ctx.getAlgorithmMethodFactory().createDigestMethod(ctx);
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get DigestMethod algorithm.", e);
+ throw new SLCommandException(4006);
+ } catch (InvalidAlgorithmParameterException e) {
+ log.error("Failed to get DigestMethod algorithm.", e);
+ throw new SLCommandException(4006);
+ }
+
+ String referenceIdValue = ctx.getIdValueFactory().createIdValue("Reference");
+ String referenceType = QualifyingPropertiesFactory.SIGNED_PROPERTIES_REFERENCE_TYPE_V1_1_1;
+
+ Reference reference = ctx.getSignatureFactory().newReference(referenceURI, dm, null, referenceType, referenceIdValue);
+
+ references.add(reference);
+
+ Node child = fragment.getFirstChild();
+ if (child instanceof Element) {
+ NodeList nodes = ((Element) child).getElementsByTagNameNS(QualifyingPropertiesFactory.NS_URI_V1_1_1, "SignedProperties");
+ if (nodes.getLength() > 0) {
+ IdAttribute idAttribute = new IdAttribute();
+ idAttribute.element = (Element) nodes.item(0);
+ idAttribute.namespaceURI = null;
+ idAttribute.localName = "Id";
+ idAttributes.add(idAttribute);
+ }
+ }
+
+ }
+
+ /**
+ * Parse the SignatureEnvironment.
+ *
+ * @param signatureEnvironment
+ * the SignatureEnvironment element
+ * @param supplements
+ * an optional list of Supplements (may be
+ * null)
+ *
+ * @return the parsed SignatureEnvironment document
+ *
+ * @throws SLCommandException
+ * if parsing the SignatureEnvironment fails
+ * @throws NullPointerException
+ * if signatureEnvironment is null
+ */
+ private Document parseSignatureEnvironment(
+ Base64XMLOptRefContentType signatureEnvironment,
+ List supplements) throws SLCommandException {
+
+ if (signatureEnvironment == null) {
+ throw new NullPointerException("Argument 'signatureEnvironment' must not be null.");
+ }
+
+ LSInput input;
+ try {
+ if (signatureEnvironment.getReference() != null) {
+ log.debug("SignatureEnvironment contains Reference " + signatureEnvironment.getReference() + ".");
+ input = createLSInput(signatureEnvironment.getReference());
+ } else if (signatureEnvironment.getBase64Content() != null) {
+ log.debug("SignatureEnvironment contains Base64Content.");
+ input = createLSInput(signatureEnvironment.getBase64Content());
+ } else if (signatureEnvironment.getXMLContent() != null) {
+ log.debug("SignatureEnvironment contains XMLContent.");
+ input = createLSInput((XMLContentType) signatureEnvironment.getXMLContent());
+ } else {
+ // the schema does not allow us to reach this point
+ throw new SLCommandException(4000);
+ }
+ } catch (IOException e) {
+ log.info("XML document in which the signature is to be integrated cannot be resolved.", e);
+ throw new SLCommandException(4100);
+ } catch (XMLStreamException e) {
+ log.info("XML document in which the signature is to be integrated cannot be resolved.", e);
+ throw new SLCommandException(4100);
+ }
+
+ LSParser parser = domImplLS.createLSParser(DOMImplementationLS.MODE_SYNCHRONOUS, null);
+ DOMConfiguration domConfig = parser.getDomConfig();
+ SimpleDOMErrorHandler errorHandler = new SimpleDOMErrorHandler();
+ domConfig.setParameter("error-handler", errorHandler);
+ LSResourceResolverAdapter resourceResolver = new LSResourceResolverAdapter(supplements);
+ domConfig.setParameter("resource-resolver", resourceResolver);
+ domConfig.setParameter("validate", Boolean.TRUE);
+
+ Document doc;
+ try {
+ doc = parser.parse(input);
+ } catch (DOMException e) {
+ log.info("XML document in which the signature is to be integrated cannot be parsed.", e);
+ throw new SLCommandException(4101);
+ } catch (LSException e) {
+ log.info("XML document in which the signature is to be integrated cannot be parsed.", e);
+ throw new SLCommandException(4101);
+ }
+
+ if (resourceResolver.getError() != null) {
+ log.info("Failed to resolve resource while parsing SignatureEnvironment document.", resourceResolver.getError());
+ // we don't stop here, as we only _try_ to parse validating
+ }
+
+ if (errorHandler.hasFatalErrors()) {
+ // log fatal errors
+ if (log.isInfoEnabled()) {
+ List errorMessages = errorHandler.getErrorMessages();
+ StringBuffer sb = new StringBuffer();
+ for (String errorMessage : errorMessages) {
+ sb.append(" ");
+ sb.append(errorMessage);
+ }
+ log.info("XML document in which the signature is to be integrated cannot be parsed." + sb.toString());
+ }
+ throw new SLCommandException(4101);
+ }
+
+ // log parsed document
+ if (log.isTraceEnabled()) {
+
+ StringWriter writer = new StringWriter();
+
+ writer.write("SignatureEnvironment:\n");
+
+ LSOutput output = domImplLS.createLSOutput();
+ output.setCharacterStream(writer);
+ output.setEncoding("UTF-8");
+ LSSerializer serializer = domImplLS.createLSSerializer();
+ serializer.write(doc, output);
+
+ log.trace(writer.toString());
+ }
+
+ return doc;
+
+ }
+
+ /**
+ * Creates an LSInput from the given reference URI.
+ *
+ * @param reference
+ * the reference URL
+ *
+ * @return an LSInput from the given reference URI
+ *
+ * @throws IOException
+ * if dereferencing the given reference fails
+ */
+ private LSInput createLSInput(String reference) throws IOException {
+
+ URLDereferencer urlDereferencer = URLDereferencer.getInstance();
+ StreamData streamData = urlDereferencer.dereference(reference, ctx.getDereferencerContext());
+
+ String contentType = streamData.getContentType();
+ String charset = HttpUtil.getCharset(contentType, true);
+ InputStreamReader streamReader;
+ try {
+ streamReader = new InputStreamReader(streamData.getStream(), charset);
+ } catch (UnsupportedEncodingException e) {
+ log.info("Charset " + charset + " not supported. Using default.");
+ streamReader = new InputStreamReader(streamData.getStream());
+ }
+
+ LSInput input = domImplLS.createLSInput();
+ input = domImplLS.createLSInput();
+ input.setCharacterStream(streamReader);
+
+ return input;
+
+ }
+
+ /**
+ * Creates an LSInput from the given content bytes.
+ *
+ * @param content
+ * the content bytes
+ *
+ * @return an LSInput from the givne content bytes
+ */
+ private LSInput createLSInput(byte[] content) {
+
+ ByteArrayInputStream inputStream = new ByteArrayInputStream(content);
+ LSInput input = domImplLS.createLSInput();
+ input.setByteStream(inputStream);
+
+ return input;
+
+ }
+
+ /**
+ * Creates an LSInput from the given XML content.
+ *
+ * @param content
+ * the XML content
+ * @return an LSInput from the given XML content
+ *
+ * @throws XMLStreamException
+ * if reading the XMLStream from the given XML content fails
+ */
+ private LSInput createLSInput(XMLContentType content) throws XMLStreamException {
+
+ ByteArrayOutputStream redirectedStream = content.getRedirectedStream();
+ if (redirectedStream != null) {
+ LSInput input = domImplLS.createLSInput();
+ input.setByteStream(new ByteArrayInputStream(redirectedStream.toByteArray()));
+ return input;
+ } else {
+ return null;
+ }
+
+ }
+
+ /**
+ * Represents an xsd:Id-attribute value.
+ *
+ * @author mcentner
+ */
+ private class IdAttribute {
+
+ private Element element;
+
+ private String namespaceURI;
+
+ private String localName;
+
+ }
+
+ /**
+ * An implementation of the LSResourceResolver that uses a list of supplements
+ * to resolve resources.
+ *
+ * @author mcentner
+ */
+ private class LSResourceResolverAdapter implements LSResourceResolver {
+
+ List supplements;
+
+ private LSResourceResolverAdapter(
+ List supplements) {
+ this.supplements = supplements;
+ }
+
+ private Exception error;
+
+ /**
+ * @return the error
+ */
+ public Exception getError() {
+ return error;
+ }
+
+ @Override
+ public LSInput resolveResource(String type, String namespaceURI,
+ String publicId, String systemId, String baseURI) {
+
+ if (log.isTraceEnabled()) {
+ log.trace("Resolve resource :" +
+ "\n type=" + type +
+ "\n namespaceURI=" + namespaceURI +
+ "\n publicId=" + publicId +
+ "\n systemId=" + systemId +
+ "\n baseURI=" + baseURI);
+ }
+
+ if (systemId != null) {
+
+ log.debug("Resolve resource '" + systemId + "'.");
+
+ for (DataObjectAssociationType supplement : supplements) {
+
+ Base64XMLLocRefReqRefContentType content = supplement.getContent();
+ if (content != null) {
+
+ String reference = content.getReference();
+ if (systemId.equals(reference)) {
+
+ try {
+ if (content.getLocRefContent() != null) {
+ log.trace("Resolved resource '" + reference + "' to supplement with LocRefContent.");
+ return createLSInput(content.getLocRefContent());
+ } else if (content.getBase64Content() != null) {
+ log.trace("Resolved resource '" + reference + "' to supplement with Base64Content.");
+ return createLSInput(content.getBase64Content());
+ } else if (content.getXMLContent() != null) {
+ log.trace("Resolved resource '" + reference + "' to supplement with XMLContent.");
+ return createLSInput((XMLContentType) content.getXMLContent());
+ } else {
+ return null;
+ }
+ } catch (IOException e) {
+ log.info("Failed to resolve resource '" + systemId + "' to supplement.", e);
+ error = e;
+ return null;
+ } catch (XMLStreamException e) {
+ log.info("Failed to resolve resource '" + systemId + "' to supplement.", e);
+ error = e;
+ return null;
+ }
+
+ }
+
+ }
+
+ }
+
+ log.info("Failed to resolve resource '" + systemId + "' to supplement. No such supplement.");
+
+ }
+
+ return null;
+
+ }
+
+
+ }
+
+}
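Review bot: In `LSResourceResolverAdapter.resolveResource` every unmatched or failed lookup ends in `return null`, and for an `LSResourceResolver` a null result asks the parser to open a regular URI connection to `systemId` itself. Because `parseSignatureEnvironment` enables `validate` on a document taken from the request, DTDs, external entities or schemas named in that document would then presumably be fetched by the parser directly, bypassing both the supplements and the `URLDereferencerContext` used elsewhere in this class. I would end those paths with an empty input instead, e.g. `LSInput empty = domImplLS.createLSInput(); empty.setByteStream(new ByteArrayInputStream(new byte[0])); return empty;`, and confirm with the parser in use that this is not reported as a fatal error. The loop also iterates `supplements` although the Javadoc of `parseSignatureEnvironment` allows it to be null, so guard it with `if (systemId != null && supplements != null) {`.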
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureContext.java
new file mode 100644
index 00000000..0925f2fd
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureContext.java
@@ -0,0 +1,129 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import javax.xml.crypto.dsig.DigestMethod;
+import javax.xml.crypto.dsig.XMLSignatureFactory;
+
+import org.w3c.dom.Document;
+
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+
+/**
+ * An instance of this class carries context information for a XML-Signature
+ * created by the security layer command CreateXMLSignature.
+ *
+ * @author mcentner
+ */
+public class SignatureContext {
+
+ /**
+ * The document going to contain the XML signature.
+ */
+ private Document document;
+
+ /**
+ * The IdValueFactory used to create xsd:ID-attribute values.
+ */
+ private IdValueFactory idValueFactory;
+
+ /**
+ * The XMLSignatureFactory to create XML signature objects.
+ */
+ private XMLSignatureFactory signatureFactory;
+
+ /**
+ * The URLDereferencerContext for dereferencing URLs.
+ */
+ private URLDereferencerContext dereferencerContext;
+
+ /**
+ * The DigestMethodFactory to create {@link DigestMethod} objects.
+ */
+ private AlgorithmMethodFactory digestMethodFactory;
+
+ /**
+ * @return the document
+ */
+ public Document getDocument() {
+ return document;
+ }
+
+ /**
+ * @param document the document to set
+ */
+ public void setDocument(Document document) {
+ this.document = document;
+ }
+
+ /**
+ * @return the idValueFactory
+ */
+ public IdValueFactory getIdValueFactory() {
+ return idValueFactory;
+ }
+
+ /**
+ * @param idValueFactory the idValueFactory to set
+ */
+ public void setIdValueFactory(IdValueFactory idValueFactory) {
+ this.idValueFactory = idValueFactory;
+ }
+
+ /**
+ * @return the signatureFactory
+ */
+ public XMLSignatureFactory getSignatureFactory() {
+ return signatureFactory;
+ }
+
+ /**
+ * @param signatureFactory the signatureFactory to set
+ */
+ public void setSignatureFactory(XMLSignatureFactory signatureFactory) {
+ this.signatureFactory = signatureFactory;
+ }
+
+ /**
+ * @return the dereferencerContext
+ */
+ public URLDereferencerContext getDereferencerContext() {
+ return dereferencerContext;
+ }
+
+ /**
+ * @param dereferencerContext the dereferencerContext to set
+ */
+ public void setDereferencerContext(URLDereferencerContext dereferencerContext) {
+ this.dereferencerContext = dereferencerContext;
+ }
+
+ /**
+ * @return the digestMethodFactory
+ */
+ public AlgorithmMethodFactory getAlgorithmMethodFactory() {
+ return digestMethodFactory;
+ }
+
+ /**
+ * @param digestMethodFactory the digestMethodFactory to set
+ */
+ public void setAlgorithmMethodFactory(AlgorithmMethodFactory digestMethodFactory) {
+ this.digestMethodFactory = digestMethodFactory;
+ }
+
+}
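Review bot: The field `digestMethodFactory` holds an `AlgorithmMethodFactory` and is exposed through `getAlgorithmMethodFactory()` and `setAlgorithmMethodFactory(...)`, but its Javadoc and the accessor Javadoc still describe a DigestMethodFactory. The Signature.java hunk of this commit uses the same object for `createCanonicalizationMethod`, `createSignatureMethod` and `createDigestMethod`, so the name understates what it controls. I would rename the field and the setter parameter to `algorithmMethodFactory` and change the field comment to `The AlgorithmMethodFactory used to create digest, canonicalization and signature method objects.` The `DigestMethod` import is then only needed if the `{@link DigestMethod}` reference is kept.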
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureLocation.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureLocation.java
new file mode 100644
index 00000000..5ec02893
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureLocation.java
@@ -0,0 +1,235 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import java.util.Iterator;
+
+import javax.xml.XMLConstants;
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpression;
+import javax.xml.xpath.XPathExpressionException;
+import javax.xml.xpath.XPathFactory;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import at.buergerkarte.namespaces.securitylayer._1.SignatureInfoCreationType;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.slbinding.impl.SignatureLocationType;
+
+/**
+ * This class implements the SignatureLocation of an XML-Signature
+ * to be created by the security layer command CreateXMLSignature.
+ *
+ * @author mcentner
+ */
+public class SignatureLocation {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(SignatureLocation.class);
+
+ /**
+ * The SignatureContext for the XML signature
+ */
+ private SignatureContext ctx;
+
+ /**
+ * The parent node for the XML signature.
+ */
+ private Node parent;
+
+ /**
+ * The next sibling node for the XML signature.
+ */
+ private Node nextSibling;
+
+ /**
+ * Creates a new SignatureLocation with the given signatureContext
+ *
+ * @param signatureContext the context for the XML signature creation
+ */
+ public SignatureLocation(SignatureContext signatureContext) {
+ this.ctx = signatureContext;
+ }
+
+ /**
+ * @return the parent node for the XML signature
+ */
+ public Node getParent() {
+ return parent;
+ }
+
+ /**
+ * @param parent the parent for the XML signature
+ */
+ public void setParent(Node parent) {
+ this.parent = parent;
+ }
+
+ /**
+ * @return the next sibling node for the XML signature
+ */
+ public Node getNextSibling() {
+ return nextSibling;
+ }
+
+ /**
+ * @param nextSibling the next sibling node for the XML signature
+ */
+ public void setNextSibling(Node nextSibling) {
+ this.nextSibling = nextSibling;
+ }
+
+ /**
+ * Configures this SignatureLocation with the information provided by the
+ * given SignatureInfo element.
+ *
+ * @param signatureInfo
+ * the SignatureInfo element
+ *
+ * @throws SLCommandException
+ * if configuring this SignatureLocation with given
+ * signatureInfofails
+ */
+ public void setSignatureInfo(SignatureInfoCreationType signatureInfo)
+ throws SLCommandException {
+
+ // evaluate signature location XPath ...
+ SignatureLocationType signatureLocation = (SignatureLocationType) signatureInfo
+ .getSignatureLocation();
+
+ NamespaceContext namespaceContext = new MOAIDWorkaroundNamespaceContext(
+ signatureLocation.getNamespaceContext());
+
+ parent = evaluateSignatureLocation(signatureInfo.getSignatureLocation()
+ .getValue(), namespaceContext, ctx.getDocument().getDocumentElement());
+
+ // ... and index
+ nextSibling = findNextSibling(parent, signatureInfo.getSignatureLocation()
+ .getIndex().intValue());
+
+ }
+
+ /**
+ * Evaluates the given xpath with the document element as context node
+ * and returns the resulting node.
+ *
+ * @param xpath the XPath expression
+ * @param nsContext the namespace context of the XPath expression
+ * @param contextNode the context node for the XPath evaluation
+ *
+ * @return the result of evaluating the XPath expression
+ *
+ * @throws SLCommandException
+ */
+ private Node evaluateSignatureLocation(String xpath, NamespaceContext nsContext, Node contextNode) throws SLCommandException {
+
+ Node node = null;
+ try {
+ XPathFactory xpathFactory = XPathFactory.newInstance();
+ XPath xPath = xpathFactory.newXPath();
+ xPath.setNamespaceContext(nsContext);
+ XPathExpression xpathExpr = xPath.compile(xpath);
+ node = (Node) xpathExpr.evaluate(contextNode, XPathConstants.NODE);
+ } catch (XPathExpressionException e) {
+ log.info("Failed to evaluate SignatureLocation XPath expression '" + xpath + "' on context node.", e);
+ throw new SLCommandException(4102);
+ }
+
+ if (node == null) {
+ log.info("Failed to evaluate SignatureLocation XPath expression '" + xpath + "'. Result is empty.");
+ throw new SLCommandException(4102);
+ }
+
+ return node;
+
+ }
+
+ /**
+ * Finds the next sibling node of the parent's n-th child node
+ * or null if there is no next sibling.
+ *
+ * @param parent the parent node
+ * @param n the index of the child node
+ *
+ * @return the next sibling node of the node specified by parent and index n,
+ * or null if there is no next sibling node.
+ *
+ * @throws SLCommandException if the n-th child of parent does not exist
+ */
+ private Node findNextSibling(Node parent, int n) throws SLCommandException {
+
+ NodeList childNodes = parent.getChildNodes();
+ Node childNode = childNodes.item(n);
+ if (childNode == null) {
+ log.info("SingatureLocation Index '" + n + "' not found in document.");
+ throw new SLCommandException(4102);
+ } else {
+ return childNode.getNextSibling();
+ }
+
+ }
+
+ /**
+ * Workaround for a missing namespace prefix declaration in MOA-ID.
+ *
+ * @author mcentner
+ */
+ private class MOAIDWorkaroundNamespaceContext implements NamespaceContext {
+
+ private NamespaceContext namespaceContext;
+
+ public MOAIDWorkaroundNamespaceContext(NamespaceContext namespaceContext) {
+ super();
+ this.namespaceContext = namespaceContext;
+ }
+
+ @Override
+ public String getNamespaceURI(String prefix) {
+
+ String namespaceURI = namespaceContext.getNamespaceURI(prefix);
+
+ if ((namespaceURI == null || XMLConstants.NULL_NS_URI.equals(namespaceURI)) && "saml".equals(prefix)) {
+ namespaceURI = "urn:oasis:names:tc:SAML:1.0:assertion";
+ log.debug("Namespace prefix '" + prefix + "' resolved to '" + namespaceURI + "' (MOA-ID Workaround).");
+ } else {
+ log.trace("Namespace prefix '" + prefix + "' resolved to '" + namespaceURI + "'.");
+ }
+
+ return namespaceURI;
+ }
+
+ @Override
+ public String getPrefix(String namespaceURI) {
+ return namespaceContext.getPrefix(namespaceURI);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Iterator getPrefixes(String namespaceURI) {
+ return namespaceContext.getPrefixes(namespaceURI);
+ }
+
+ }
+
+}
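Review bot: In `setSignatureInfo`, the index is narrowed with `getIndex().intValue()` before `findNextSibling` validates it, so a value that does not fit in 32 bits is silently truncated instead of being rejected with error 4102. If `getIndex()` returns a `BigInteger` (its declaration is outside this hunk, so this is inferred from the `intValue()` call), an index such as 4294967296 would wrap to 0 and select a child the request never named. A range check before the narrowing keeps the failure explicit, for example `if (index.signum() < 0 || index.bitLength() > 31) throw new SLCommandException(4102);`. Separately, the XPath string, which appears to come from the command request, is written verbatim into the `log.info` messages in `evaluateSignatureLocation`; consider escaping control characters there.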
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SimpleDOMErrorHandler.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SimpleDOMErrorHandler.java
new file mode 100644
index 00000000..0d54adce
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/SimpleDOMErrorHandler.java
@@ -0,0 +1,98 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.w3c.dom.DOMError;
+import org.w3c.dom.DOMErrorHandler;
+
+/**
+ * A simple DOMErrorHandler implementation.
+ *
+ * @author mcentner
+ */
+public class SimpleDOMErrorHandler implements DOMErrorHandler {
+
+ /**
+ * Have there been errors reported?
+ */
+ private boolean errors = false;
+
+ /**
+ * Have there been fatal error reported?
+ */
+ private boolean fatalErrors = false;
+
+ /**
+ * The list of error messages of reported errors.
+ */
+ private List errorMessages = new ArrayList();
+
+ /**
+ * @return true if errors have been reported, or false otherwise
+ */
+ public boolean hasErrors() {
+ return errors;
+ }
+
+ /**
+ * @return true if fatal errors have been reported, or false otherwise
+ */
+ public boolean hasFatalErrors() {
+ return fatalErrors;
+ }
+
+ /**
+ * @return a list of error messages that have been reported
+ */
+ public List getErrorMessages() {
+ return errorMessages;
+ }
+
+ /* (non-Javadoc)
+ * @see org.w3c.dom.DOMErrorHandler#handleError(org.w3c.dom.DOMError)
+ */
+ @Override
+ public boolean handleError(DOMError error) {
+
+ switch (error.getSeverity()) {
+
+ case DOMError.SEVERITY_WARNING :
+// log.debug("[warning] " + error.getMessage());
+ return true;
+
+ case DOMError.SEVERITY_ERROR :
+// log.debug("[error] " + error.getMessage());
+ errorMessages.add(error.getMessage());
+ errors = true;
+ return false;
+
+ case DOMError.SEVERITY_FATAL_ERROR :
+// log.debug("[fatal error] " + error.getMessage());
+ errorMessages.add(error.getMessage());
+ fatalErrors = true;
+ return false;
+
+ default:
+ return false;
+ }
+
+ }
+
+}
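Review bot: In `handleError`, the `SEVERITY_FATAL_ERROR` branch sets only `fatalErrors`, so `hasErrors()` stays false when the only problem reported was fatal. A caller that checks `hasErrors()` alone (callers are outside this hunk) would treat a document with a fatal error as clean. Either add `errors = true;` to the fatal branch, or state in the `hasErrors()` Javadoc that fatal errors are excluded and `hasFatalErrors()` must be checked as well. The `default` branch also returns false without recording anything, which deserves a one-line comment.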
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/URIDereferncerAdapter.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/URIDereferncerAdapter.java
new file mode 100644
index 00000000..c94937be
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/URIDereferncerAdapter.java
@@ -0,0 +1,103 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import iaik.xml.crypto.utils.URIDereferencerImpl;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.xml.crypto.Data;
+import javax.xml.crypto.OctetStreamData;
+import javax.xml.crypto.URIDereferencer;
+import javax.xml.crypto.URIReference;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.XMLCryptoContext;
+
+import at.gv.egiz.bku.utils.urldereferencer.StreamData;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+
+/**
+ * An URIDereferencer implementation that uses an {@link URLDereferencer} to
+ * dereference.
+ *
+ * @author mcentner
+ */
+public class URIDereferncerAdapter implements URIDereferencer {
+
+ /**
+ * The context for dereferencing.
+ */
+ protected URLDereferencerContext urlDereferencerContext;
+
+ /**
+ * Creates a new URIDereferencerAdapter instance with the given
+ * urlDereferencerContext.
+ *
+ * @param urlDereferencerContext the context to be used for dereferencing
+ */
+ public URIDereferncerAdapter(URLDereferencerContext urlDereferencerContext) {
+ super();
+ this.urlDereferencerContext = urlDereferencerContext;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.xml.crypto.URIDereferencer#dereference(javax.xml.crypto.URIReference, javax.xml.crypto.XMLCryptoContext)
+ */
+ @Override
+ public Data dereference(URIReference uriReference, XMLCryptoContext context)
+ throws URIReferenceException {
+
+ String uriString = uriReference.getURI();
+ if (uriString == null) {
+ return null;
+ }
+
+ URI uri;
+ try {
+ uri = new URI(uriString);
+ } catch (URISyntaxException e) {
+ throw new URIReferenceException(e.getMessage(), e);
+ }
+
+ if (uri.isAbsolute()) {
+
+ URLDereferencer dereferencer = URLDereferencer.getInstance();
+ StreamData streamData;
+ try {
+ streamData = dereferencer.dereference(uriString, urlDereferencerContext);
+ } catch (IOException e) {
+ throw new URIReferenceException(e.getMessage(), e);
+ }
+ return new OctetStreamData(streamData.getStream(), uriString, streamData.getContentType());
+
+ } else {
+
+ URIDereferencer uriDereferencer = context.getURIDereferencer();
+ if (uriDereferencer == null || uriDereferencer == this) {
+ uriDereferencer = new URIDereferencerImpl();
+ }
+
+ return uriDereferencer.dereference(uriReference, context);
+
+ }
+
+ }
+
+}
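Review bot: `dereference` hands every absolute URI to `URLDereferencer` without looking at its scheme or target, and the URI is taken from the signature reference, which presumably originates in the signing request. Unless `URLDereferencer` enforces its own restrictions (its code is outside this hunk), a request can make this component fetch from arbitrary locations, including internal hosts. I would compare `uri.getScheme()` against the set of schemes the binding is meant to support before the call and throw `URIReferenceException` for anything else. The result is also used unchecked; a guard such as `if (streamData == null) throw new URIReferenceException("Unable to dereference " + uriString);` avoids a NullPointerException should the dereferencer return null.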
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTReference.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTReference.java
new file mode 100644
index 00000000..6b388f2a
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTReference.java
@@ -0,0 +1,112 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import iaik.xml.crypto.dsig.DigestMethodImpl;
+import iaik.xml.crypto.dsig.DigestValueImpl;
+import iaik.xml.crypto.dsig.ReferenceImpl;
+import iaik.xml.crypto.dsig.TransformImpl;
+import iaik.xml.crypto.dsig.TransformsImpl;
+
+import javax.xml.crypto.Data;
+import javax.xml.crypto.URIDereferencer;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.XMLCryptoContext;
+import javax.xml.crypto.dsig.DigestMethod;
+import javax.xml.crypto.dsig.TransformException;
+
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+
+/**
+ * This class extends the XSECT ReferenceImpl to allow for the use
+ * of already marshalled ds:Transforms elements for initialization.
+ *
+ * @author mcentner
+ */
+public class XSECTReference extends ReferenceImpl {
+
+ /**
+ * The URIDereferencer to be used for dereferencing.
+ */
+ protected URIDereferencer dereferencer;
+
+ /**
+ * Creates a new instance of this XSECTReference with the given
+ * uri, digest method, transforms, type
+ * and id value.
+ *
+ * @param uri
+ * the URI-attribute value (may be null)
+ * @param dm
+ * the digest method
+ * @param transforms
+ * a TransformsImpl element (may be null)
+ * @param type
+ * the Type-attribute value (may be null)
+ * @param id
+ * the Id-attribute value (may be null)
+ *
+ * @throws NullPointerException
+ * if digestMethod is null
+ * @throws IllegalArgumentException
+ * if uri is not RFC 2396 compliant
+ * @throws ClassCastException
+ * if any of the transforms is not of type
+ * {@link TransformImpl}
+ */
+ public XSECTReference(String uri, DigestMethod dm, TransformsImpl transforms, String type,
+ String id) {
+ super(uri, transforms, type, id);
+ digestMethod_ = (DigestMethodImpl) dm;
+ digestValue_ = new DigestValueImpl();
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.xml.crypto.dsig.ReferenceType#dereference(javax.xml.crypto.XMLCryptoContext)
+ */
+ @Override
+ public Data dereference(XMLCryptoContext context) throws TransformException,
+ URIReferenceException {
+ if (dereferencer != null) {
+ return dereferencer.dereference(this, context);
+ } else {
+ try {
+ return super.dereference(context);
+ } catch (URIReferenceException e) {
+ SLCommandException commandException = new SLCommandException(4003,
+ SLExceptionMessages.EC4003_NOT_RESOLVED, new Object[] { getURI() });
+ throw new URIReferenceException("Failed to dereference data to-be signed.", commandException);
+ }
+ }
+ }
+
+ /**
+ * @return the dereferencer to be used for dereferencing this reference
+ */
+ public URIDereferencer getDereferencer() {
+ return dereferencer;
+ }
+
+ /**
+ * @param dereferencer the dereferencer to be used for dereferencing this reference
+ */
+ public void setDereferencer(URIDereferencer dereferencer) {
+ this.dereferencer = dereferencer;
+ }
+
+}
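Review bot: The constructor Javadoc promises a NullPointerException when the digest method is null, but `digestMethod_ = (DigestMethodImpl) dm;` accepts null silently, and `dm` is not passed to `super(...)`. The failure would then presumably surface later, when the digest is computed, far from its cause. Add `if (dm == null) throw new NullPointerException("Parameter 'dm' must not be null.");` before the cast, and document that a `dm` which is not a `DigestMethodImpl` raises ClassCastException. In `dereference`, the caught `URIReferenceException e` is discarded when the replacement exception is built, so the original failure reason is lost to anyone reading the stack trace.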
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTTransforms.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTTransforms.java
new file mode 100644
index 00000000..a98e4236
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/XSECTTransforms.java
@@ -0,0 +1,124 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import iaik.xml.crypto.dsig.TransformImpl;
+import iaik.xml.crypto.dsig.TransformsImpl;
+
+import java.util.List;
+
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.dom.DOMCryptoContext;
+import javax.xml.crypto.dsig.Transform;
+
+import org.w3c.dom.Node;
+
+/**
+ * This class extends the XSECT TransformsImpl to allow for the use of an
+ * unmarshalled ds:Transforms element for initalization.
+ *
+ * @author mcentner
+ */
+public class XSECTTransforms extends TransformsImpl {
+
+ /**
+ * Creates a new XSECTTransforms with the given list of transforms.
+ *
+ * @param transforms a list of {@link TransformImpl}s
+ * @see TransformsImpl#TransformsImpl(List)
+ */
+ @SuppressWarnings("unchecked")
+ public XSECTTransforms(List transforms) {
+ super(transforms);
+ }
+
+ /**
+ * Creates a new XSECTTransforms and initializes it from the given
+ * ds:Transforms node.
+ *
+ * @param context the context used for unmarshalling
+ * @param node the ds:Transforms node
+ *
+ * @throws MarshalException if unmarshalling the ds:Transforms fails
+ */
+ public XSECTTransforms(DOMCryptoContext context, Node node)
+ throws MarshalException {
+ super(context, node);
+ }
+
+ /**
+ * Inserts the given transform at the top of the
+ * transform list.
+ *
+ * @param transform the ds:Transform to instert
+ */
+ @SuppressWarnings("unchecked")
+ public void insertTransform(Transform transform) {
+ if (transform == null) {
+ throw new NullPointerException("Parameter 'transform' must not be null.");
+ }
+ if (!(transform instanceof TransformImpl)) {
+ throw new ClassCastException("Transform 'transform' must be of type '" + TransformImpl.class.getName() + "'.");
+ }
+ transforms_.add(0, transform);
+ }
+
+ /**
+ * @return
+ */
+ @SuppressWarnings("unchecked")
+ private List getTransformImpls() {
+ return transforms_;
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.xml.crypto.dsig.TransformsType#marshal(javax.xml.crypto.dom.DOMCryptoContext, org.w3c.dom.Node, org.w3c.dom.Node)
+ */
+ @Override
+ public Node marshal(DOMCryptoContext context, Node parent, Node nextSibling)
+ throws MarshalException {
+
+ if (getNode() != null) {
+ // If this TransformsImpl has been unmarshalled from exiting nodes,
+ // we don't want to re-marshal ...
+ state_ = STATE_MARSHALED;
+
+ // ... but append the existing node to the parent ...
+ Node transformsNode = parent.insertBefore(getNode(), nextSibling);
+
+ // ... and marshal any Transforms not yet marshalled (e.g. that
+ // have been added via insertTransform().
+ Node transformNextSibling = transformsNode.getFirstChild();
+ List transforms = getTransformImpls();
+ for (int i = 0; i < transforms.size(); i++) {
+ TransformImpl transform = transforms.get(i);
+ Node transformNode = transform.getNode();
+ if (transformNode == null) {
+ // marshall TransformImpl
+ transformNode = transform.marshal(context, transformsNode, transformNextSibling);
+ }
+ transformNextSibling = transformNode.getNextSibling();
+ }
+
+ return transformsNode;
+ } else {
+ return super.marshal(context, parent, nextSibling);
+ }
+
+ }
+
+}
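Review bot: `insertTransform` throws NullPointerException and ClassCastException explicitly, but its Javadoc documents neither. Add `@throws NullPointerException if transform is null` and `@throws ClassCastException if transform is not a TransformImpl`, and correct "instert" to "insert" in the `@param` line. The Javadoc of `getTransformImpls` has an empty `@return` tag, which could read `@return the list of transforms held by this instance`.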
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLBindingException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLBindingException.java
new file mode 100644
index 00000000..3f1732ba
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLBindingException.java
@@ -0,0 +1,31 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+/**
+ * Error in the binding to the transport protocol (2xxx)
+ */
+public class SLBindingException extends SLException {
+
+ public SLBindingException(int errorCode) {
+ super(errorCode);
+ }
+
+ public SLBindingException(int errorCode, String msg, Object[] args) {
+ super(errorCode, msg, args);
+ }
+}
\ No newline at end of file
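Review bot: `SLBindingException` declares no `serialVersionUID`, while `SLCommandException` and `SLException` in this same commit do; the same applies to `SLCanceledException`, `SLRequestException` and `SLRuntimeException`. All of them are Serializable through `Exception` or `RuntimeException`, so add `private static final long serialVersionUID = 1L;` to each for consistency. The `// TODO Auto-generated constructor stub` comments in `SLCanceledException` and `SLRequestException` can be deleted, since those constructors are complete.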
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCanceledException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCanceledException.java
new file mode 100644
index 00000000..8136a093
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCanceledException.java
@@ -0,0 +1,26 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+public class SLCanceledException extends
+ at.gv.egiz.bku.slexceptions.SLException {
+
+ public SLCanceledException(int errorCode, String msg, Object[] args) {
+ super(errorCode, msg, args);
+ // TODO Auto-generated constructor stub
+ }
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCommandException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCommandException.java
new file mode 100644
index 00000000..73ae3325
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLCommandException.java
@@ -0,0 +1,30 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+public class SLCommandException extends at.gv.egiz.bku.slexceptions.SLException {
+
+ private static final long serialVersionUID = 1L;
+
+ public SLCommandException(int errorCode) {
+ super(errorCode);
+ }
+
+ public SLCommandException(int errorCode, String msg, Object[] args) {
+ super(errorCode, msg, args);
+ }
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLException.java
new file mode 100644
index 00000000..4b541deb
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLException.java
@@ -0,0 +1,88 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+import java.text.MessageFormat;
+import java.util.Locale;
+import java.util.MissingResourceException;
+import java.util.ResourceBundle;
+
+public class SLException extends Exception {
+
+ private static String RESOURCE_BUNDLE_BASE_NAME = "at.gv.egiz.bku.slexceptions.SLExceptionMessages";
+
+ private static String MISSING_RESOURCE_PATTERN = "MISSING RESOURCE FOR ERROR MESSAGE: {0} ({1})";
+
+ private static String ILLEGAL_ARGUMENT_MESSAGE = "MESSAGE FORMAT FAILED";
+
+ private static final long serialVersionUID = 1L;
+
+ private int errorCode;
+
+ private String message;
+
+ private Object[] arguments;
+
+ public SLException(int errorCode) {
+ this.errorCode = errorCode;
+ this.message = SLExceptionMessages.STANDARD_PREFIX + Integer.toString(errorCode);
+ }
+
+ public SLException(int errorCode, String message, Object[] arguments) {
+ this.errorCode = errorCode;
+ this.message = message;
+ this.arguments = arguments;
+ }
+
+ public int getErrorCode() {
+ return errorCode;
+ }
+
+ public String getDetailedMsg() {
+ return getLocalizedMessage();
+ }
+
+ @Override
+ public String getLocalizedMessage() {
+ return getLocalizedMessage(Locale.getDefault());
+ }
+
+ public String getLocalizedMessage(Locale locale) {
+
+ String pattern;
+ Object[] arguments = this.arguments;
+ try {
+ ResourceBundle bundle = ResourceBundle.getBundle(RESOURCE_BUNDLE_BASE_NAME, locale);
+ pattern = bundle.getString(message);
+ } catch (MissingResourceException e) {
+ pattern = MISSING_RESOURCE_PATTERN;
+ arguments = new Object[]{message, e.getMessage()};
+ }
+
+ String localizedMessage;
+ try {
+ localizedMessage = MessageFormat.format(pattern, arguments);
+ } catch (IllegalArgumentException e) {
+ localizedMessage = ILLEGAL_ARGUMENT_MESSAGE + ": " + pattern;
+ }
+
+ return localizedMessage;
+
+ }
+
+
+}
\ No newline at end of file
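Review bot: `SLException` keeps its text in a private `message` field and never passes it to `Exception`, so `getMessage()` returns null for every instance; only `getLocalizedMessage()` is overridden. Code that logs or wraps with `e.getMessage()` therefore gets no text. Overriding it closes the gap, for example `@Override public String getMessage() { return getLocalizedMessage(); }`. There is also no constructor that accepts a cause, so callers cannot chain the underlying exception. The three `private static String` constants should be declared `final`.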
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLExceptionMessages.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLExceptionMessages.java
new file mode 100644
index 00000000..5ce5cba1
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLExceptionMessages.java
@@ -0,0 +1,50 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+public final class SLExceptionMessages {
+
+ private SLExceptionMessages() {
+ }
+
+ public static final String STANDARD_PREFIX = "ec";
+
+ //
+ // 3xxx
+ //
+ // Error in the XML structure of the command request
+
+ public static final String EC3000_UNCLASSIFIED = "ec3000.unclassified";
+
+ public static final String EC3002_INVALID = "ec3002.invalid";
+
+ //
+ // 4xxx
+ //
+ // Error during command execution
+
+ public static final String EC4000_UNCLASSIFIED_INFOBOX_INVALID = "ec4000.infobox.invalid";
+
+ public static final String EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED = "ec4000.idlink.transfomation.failed";
+
+ public static final String EC4002_INFOBOX_UNKNOWN = "ec4002.infobox.unknown";
+
+ public static final String EC4003_NOT_RESOLVED = "ec4003.not.resolved";
+
+ public static final String EC4011_NOTIMPLEMENTED = "ec4011.notimplemented";
+
+}
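Review bot: The key string in `EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED` is spelled `ec4000.idlink.transfomation.failed`, with the "r" of "transformation" missing. `SLException.getLocalizedMessage` looks the key up in the resource bundle and falls back to the MISSING RESOURCE text on a mismatch. Please confirm that the properties file, which is not part of this hunk, uses the same spelling, or correct both together.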
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRequestException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRequestException.java
new file mode 100644
index 00000000..548732e6
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRequestException.java
@@ -0,0 +1,30 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+public class SLRequestException extends SLException {
+
+ public SLRequestException(int errorCode) {
+ super(errorCode);
+ // TODO Auto-generated constructor stub
+ }
+
+ public SLRequestException(int errorCode, String msg, Object[] args) {
+ super(errorCode, msg, args);
+ // TODO Auto-generated constructor stub
+ }
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRuntimeException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRuntimeException.java
new file mode 100644
index 00000000..d09ca418
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLRuntimeException.java
@@ -0,0 +1,37 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+public class SLRuntimeException extends RuntimeException {
+
+ public SLRuntimeException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public SLRuntimeException(String message) {
+ super(message);
+ }
+
+ public SLRuntimeException(Throwable cause) {
+ super(cause);
+ }
+
+ public SLRuntimeException() {
+ }
+
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java
new file mode 100644
index 00000000..1d128a00
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java
@@ -0,0 +1,25 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slexceptions;
+
+public class SLViewerException extends SLException {
+
+ public SLViewerException(int errorCode, String msg, Object[] args) {
+ super(errorCode, msg, args);
+ // TODO Auto-generated constructor stub
+ }
+}
\ No newline at end of file
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/Core-1.2.xsd b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/Core-1.2.xsd
new file mode 100644
index 00000000..594e4415
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/Core-1.2.xsd
@@ -0,0 +1,877 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xml.xsd b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xml.xsd
new file mode 100644
index 00000000..eeb9db56
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xml.xsd
@@ -0,0 +1,145 @@
+
+
+
+
+
+ See http://www.w3.org/XML/1998/namespace.html and
+ http://www.w3.org/TR/REC-xml for information about this namespace.
+
+ This schema document describes the XML namespace, in a form
+ suitable for import by other schema documents.
+
+ Note that local names in this namespace are intended to be defined
+ only by the World Wide Web Consortium or its subgroups. The
+ following names are currently defined in this namespace and should
+ not be used with conflicting semantics by any Working Group,
+ specification, or document instance:
+
+ base (as an attribute name): denotes an attribute whose value
+ provides a URI to be used as the base for interpreting any
+ relative URIs in the scope of the element on which it
+ appears; its value is inherited. This name is reserved
+ by virtue of its definition in the XML Base specification.
+
+ id (as an attribute name): denotes an attribute whose value
+ should be interpreted as if declared to be of type ID.
+ This name is reserved by virtue of its definition in the
+ xml:id specification.
+
+ lang (as an attribute name): denotes an attribute whose value
+ is a language code for the natural language of the content of
+ any element; its value is inherited. This name is reserved
+ by virtue of its definition in the XML specification.
+
+ space (as an attribute name): denotes an attribute whose
+ value is a keyword indicating what whitespace processing
+ discipline is intended for the content of the element; its
+ value is inherited. This name is reserved by virtue of its
+ definition in the XML specification.
+
+ Father (in any context at all): denotes Jon Bosak, the chair of
+ the original XML Working Group. This name is reserved by
+ the following decision of the W3C XML Plenary and
+ XML Coordination groups:
+
+ In appreciation for his vision, leadership and dedication
+ the W3C XML Plenary on this 10th day of February, 2000
+ reserves for Jon Bosak in perpetuity the XML name
+ xml:Father
+
+
+
+
+ This schema defines attributes and an attribute group
+ suitable for use by
+ schemas wishing to allow xml:base, xml:lang, xml:space or xml:id
+ attributes on elements they define.
+
+ To enable this, such a schema must import this schema
+ for the XML namespace, e.g. as follows:
+ <schema . . .>
+ . . .
+ <import namespace="http://www.w3.org/XML/1998/namespace"
+ schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+
+ Subsequently, qualified reference to any of the attributes
+ or the group defined below will have the desired effect, e.g.
+
+ <type . . .>
+ . . .
+ <attributeGroup ref="xml:specialAttrs"/>
+
+ will define a type which will schema-validate an instance
+ element with any of those attributes
+
+
+
+ In keeping with the XML Schema WG's standard versioning
+ policy, this schema document will persist at
+ http://www.w3.org/2007/08/xml.xsd.
+ At the date of issue it can also be found at
+ http://www.w3.org/2001/xml.xsd.
+ The schema document at that URI may however change in the future,
+ in order to remain compatible with the latest version of XML Schema
+ itself, or with the XML namespace itself. In other words, if the XML
+ Schema or XML namespaces change, the version of this document at
+ http://www.w3.org/2001/xml.xsd will change
+ accordingly; the version at
+ http://www.w3.org/2007/08/xml.xsd will not change.
+
+
+
+
+
+ Attempting to install the relevant ISO 2- and 3-letter
+ codes as the enumerated possible values is probably never
+ going to be a realistic possibility. See
+ RFC 3066 at http://www.ietf.org/rfc/rfc3066.txt and the IANA registry
+ at http://www.iana.org/assignments/lang-tag-apps.htm for
+ further information.
+
+ The union allows for the 'un-declaration' of xml:lang with
+ the empty string.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ See http://www.w3.org/TR/xmlbase/ for
+ information about this attribute.
+
+
+
+
+
+ See http://www.w3.org/TR/xml-id/ for
+ information about this attribute.
+
+
+
+
+
+
+
+
+
+
+
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-core-schema.xsd b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-core-schema.xsd
new file mode 100644
index 00000000..8422fdfa
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-core-schema.xsd
@@ -0,0 +1,308 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-transforms.xsd b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-transforms.xsd
new file mode 100644
index 00000000..25fdec88
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/schema/xmldsig-transforms.xsd
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
new file mode 100644
index 00000000..8e0a09bc
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
@@ -0,0 +1,97 @@
+# Copyright 2008 Federal Chancellery Austria and
+# Graz University of Technology
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+test.noerror=This is a test error-message. No error occurred.
+
+ec1000=Unclassified error.
+ec2000=Unclassified error in the transport binding.
+ec2001=HTTP/HTTPS binding: DataURL cannot be resolved.
+ec2002=HTTP/HTTPS binding: StylesheetURL cannot be resolved.
+ec2003=HTTP/HTTPS binding: RedirectURL cannot be resolved.
+ec2004=HTTP/HTTPS binding: XMLRequest parameter missing.
+ec2005=HTTP/HTTPS binding: Unknown parameter encoding.
+ec2006=HTTP/HTTPS binding: Incorrect parameter encoding.
+ec2007=HTTP/HTTPS binding: DataURL server transmits error or unexpected response.
+ec2008=HTTP/HTTPS binding: Error in stylesheet obtained from the StylesheetURL.
+ec2009=HTTP/HTTPS binding: HTTP request to local CCE directed to unauthorised URL.
+ec2010=HTTPS binding: Error while establishing the TLS connection.
+ec3000=Unclassified error in the XML structure of the command request.
+ec3001=XML structure of the command request is not well formed.
+ec3002=XML structure of the command request does not comply with the Security Layer schema.
+ec3003=XML structure of the command request contains an invalid combination of optional elements or attributes.
+ec3004=XML structure contains an element or attribute whose syntax does not match the Security Layer specification.
+ec3005=Protocol version of Security Layer not supported.
+ec4000=Unclassified error while processing command.
+ec4001=Unknown key box identifier.
+ec4002=Unknown info box identifier.
+ec4003=Date to be signed cannot be resolved.
+ec4004=Supplementary object cannot be resolved.
+ec4005=Date to be encrypted cannot be resolved.
+ec4006=Algorithm (signature, encryption, digest, canonicalisation, transformation) not supported.
+ec4007=Error while executing algorithm (signature, encryption, digest, canonicalisation, transformation).
+ec4008=Error while parsing CMS message
+ec4009=No matching decryption key.
+ec4010=Info box command parameters do not match info box type.
+ec4011=Command not implemented.
+ec4100=XML document in which the signature is to be integrated cannot be resolved.
+ec4101=XML document in which the signature is to be integrated cannot be parsed.
+ec4102=Signature cannot be integrated in the existing XML document at the specified location.
+ec4103=Signature certificate not contained in the CMS signature.
+ec4104=Signed data not contained in the CMS signature or XML request.
+ec4105=XML document containing the signature to be verified cannot be resolved.
+ec4106=XML document containing the signature to be verified cannot be parsed.
+ec4107=There is no XML signature at the specified location within the XML document.
+ec4108=Encrypted date cannot be inserted in the existing XML document at the specified location.
+ec4109=Existing XML document is required but missing.
+ec4110=Existing XML document cannot be resolved.
+ec4111=Existing XML document cannot be parsed.
+ec4112=Encrypted data encryption keys cannot be inserted in the existing XML document at the specified location.
+ec4113=Data to be decrypted not contained in either the CMS message or XML request.
+ec4114=XML document to be decrypted cannot be resolved.
+ec4115=XML document to be decrypted cannot be parsed.
+ec4116=At least one specified encryption element cannot be found in the XML document to be decrypted.
+ec4117=No encryption element for binary response.
+ec4118=Date to be hashed cannot be resolved.
+ec4119=Date for which the hash value is to be verified cannot be resolved.
+ec4120=Selected info box identifier already allocated.
+ec4121=Info box with specified identifier does not exist.
+ec4122=Contents of the selected info box cannot be displayed as XML.
+ec4123=Associative array: No entry for the specified key.
+ec5000=Unclassified error in the viewer component.
+ec5001=Display of data of the mime type specified in the command request not supported.
+ec5002=Character encoding of the data to be displayed is invalid or not supported.
+ec5003=Data to be displayed contains unsupported characters.
+ec5004=Standard display format: HTML does not conform to specification.
+ec5005=Standard display format: CSS does not conform to specification.
+ec5006=Standard display format: Format of an embedded image does not conform to specification.
+ec5007=Standard display format: Signature for embedded images missing or does not conform to specification.
+ec6000=Unclassified cancelling by the citizen.
+ec6001=Cancelled by the citizen via the user interface.
+ec6002=Cancelled because of insufficient rights to execute command.
+
+# 3xxx
+#
+
+ec3000.unclassified=Error in the XML structure of the command request. {0}
+ec3002.invalid=XML structure of the command request does not comply with the Security Layer schema. {0}
+
+# 4xxx
+#
+
+ec4000.infobox.invalid=The infobox '{0}' contains invalid content.
+ec4000.idlink.transfomation.failed=Failed to transform CompressedIdentityLink with Stylesheet {0}.
+ec4002.infobox.unknown=Unknown info box identifier {0}.
+ec4003.not.resolved=Data to be signed cannot be resolved from URI={0}.
+ec4011.notimplemented=Command {0} not implemented.
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties
new file mode 100644
index 00000000..cf52a4c3
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties
@@ -0,0 +1,98 @@
+# Copyright 2008 Federal Chancellery Austria and
+# Graz University of Technology
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+test.noerror=Das ist eine Test-Fehlermeldung. Es ist kein Fehler aufgetreten.
+
+ec1000=Unklassifizierter Fehler.
+ec2000=Unklassifizierter Fehler in der Transportbindung.
+ec2001=HTTP/HTTPS-Bindung: DataURL kann nicht aufgelöst werden.
+ec2002=HTTP/HTTPS-Bindung: StylesheetURL kann nicht aufgelöst werden.
+ec2003=HTTP/HTTPS-Bindung: RedirectURL kann nicht aufgelöst werden.
+ec2004=HTTP/HTTPS-Bindung: Parameter XMLRequest fehlt.
+ec2005=HTTP/HTTPS-Bindung: Unbekannte Kodierung der Parameter.
+ec2006=HTTP/HTTPS-Bindung: Fehlerhafte Kodierung der Parameter.
+ec2007=HTTP/HTTPS-Bindung: DataURL-Server sendet Fehler oder unerwartete Antwort.
+ec2008=HTTP/HTTPS-Bindung: Fehler im Stylesheet, der von der StylesheetURL bezogen wurde.
+ec2009=HTTP/HTTPS-Bindung: HTTP-Anfrage an lokale BKU wurde an unerlaubte URL gerichtet.
+ec2010=HTTPS-Bindung: Fehler beim Aufbau der TLS-Verbindung.
+ec3000=Unklassifizierter Fehler in der XML-Struktur der Befehlsanfrage.
+ec3001=XML-Struktur der Befehlsanfrage ist nicht wohlgeformt.
+ec3002=XML-Struktur der Befehlsanfrage entspricht nicht dem Schema des Security-Layers.
+ec3003=XML-Struktur der Befehlsanfrage enthält eine unerlaubte Kombination aus optionalen Elementen oder Attributen.
+ec3004=XML-Struktur enthält ein Element oder Attribut, dessen Syntax nicht der Spezifikation des Security-Layer entspricht.
+ec3005=Protokollversion des Security-Layer wird nicht unterstützt.
+ec4000=Unklassifizierter Fehler in der Befehlsabarbeitung.
+ec4001=Unbekannter Keyboxbezeichner.
+ec4002=Unbekannter Infoboxbezeichner.
+ec4003=Zu signierendes Datum kann nicht aufgelöst werden.
+ec4004=Ergänzungsobjekt kann nicht aufgelöst werden.
+ec4005=Zu verschlüsselndes Datum kann nicht aufgelöst werden.
+ec4006=Algorithmus (Signatur, Verschlüsselung, Digest, Kanonisierung, Transformation) wird nicht unterstützt.
+ec4007=Fehler bei der Algorithmusausführung (Signatur, Verschlüsselung, Digest, Kanonisierung, Transformation).
+ec4008=Fehler beim Parsen der CMS-Nachricht.
+ec4009=Kein passender Entschlüsselungsschlüssel vorhanden.
+ec4010=Parameter des Infobox-Befehls passen nicht zum Typ der Infobox.
+ec4011=Befehl ist nicht implementiert.
+ec4100=XML-Dokument, in das die Signatur integriert werden soll, kann nicht aufgelöst werden.
+ec4101=XML-Dokument, in das die Signatur integriert werden soll, kann nicht geparst werden.
+ec4102=Signatur kann nicht am spezifizierten Ort in das bestehende XML-Dokument integriert werden.
+ec4103=Signatorzertifikat ist nicht in der CMS-Signatur enthalten.
+ec4104=Signierte Daten sind weder in der CMS-Signatur noch im XML-Request enthalten.
+ec4105=XML-Dokument, das die zu prüfende Signatur enthält, kann nicht aufgelöst werden.
+ec4106=XML-Dokument, das die zu prüfende Signatur enthält, kann nicht geparst werden.
+ec4107=Am spezifizierten Ort innerhalb des XML-Dokuments befindet sich keine XML-Signatur.
+ec4108=Verschlüsseltes Datum kann nicht am spezifizierten Ort in das bestehende XML-Dokument eingefügt werden.
+ec4109=Bestehendes XML-Dokument ist notwendig, aber nicht vorhanden.
+ec4110=Bestehendes XML-Dokument kann nicht aufgelöst werden.
+ec4111=Bestehendes XML-Dokument kann nicht geparst werden.
+ec4112=Verschlüsselte Datenverschlüsselungsschlüssel können nicht am spezifizierten Ort in das bestehende XML-Dokument eingefügt werden.
+ec4113=Zu entschlüsselnde Daten sind weder in der CMS-Nachricht noch im XML-Request enthalten.
+ec4114=Zu entschlüsselndes XML-Dokument kann nicht aufgelöst werden.
+ec4115=Zu entschlüsselndes XML-Dokument kann nicht geparst werden.
+ec4116=Zumindest ein spezifiziertes Verschlüsselungselement kann nicht im zu entschlüsselnden XML-Dokument gefunden werden.
+ec4117=Kein Verschlüsselungselement für Binärantwort vorhanden.
+ec4118=Zu hashendes Datum kann nicht aufgelöst werden.
+ec4119=Datum, für das der Hashwert zu prüfen ist, kann nicht aufgelöst werden.
+ec4120=Gewählter Infoboxbezeichner bereits vergeben.
+ec4121=Infobox mit spezifiziertem Bezeichner existiert nicht.
+ec4122=Inhalt der ausgewählten Infobox kann nicht als XML dargestellt werden.
+ec4123=Assoziatives Array: Zum spezifizierten Schlüssel existiert kein Eintrag.
+ec5000=Unklassifizierter Fehler in der Anzeigekomponente.
+ec5001=Anzeige von Daten des in der Befehlsanfrage angegebenen Mime-Types wird nicht unterstützt.
+ec5002=Zeichenkodierung der anzuzeigenden Daten ist fehlerhaft oder wird nicht unterstützt.
+ec5003=Anzuzeigende Daten enhalten nicht unterstützte Zeichen.
+ec5004=Standardanzeigeformat: HTML ist nicht spezifikationskonform.
+ec5005=Standardanzeigeformat: CSS ist nicht spezifikationskonform.
+ec5006=Standardanzeigeformat: Format eines eingebundenen Bildes ist nicht spezifikationskonform.
+ec5007=Standardanzeigeformat: Signatur über eingebundene Bilder fehlt oder ist nicht spezifikationskonform.
+ec6000=Unklassifizierter Abbruch durch den Bürger.
+ec6001=Abbruch durch den Bürger über die Benutzerschnittstelle.
+ec6002=Abbruch auf Grund mangelnder Rechte zur Befehlsausführung.
+
+# 3xxx
+#
+
+ec3000.unclassified=Unklassifizierter Fehler in der XML-Struktur der Befehlsanfrage. {0}
+ec3002.invalid=XML-Struktur der Befehlsanfrage entspricht nicht dem Schema des Security-Layers. {0}
+
+# 4xxx
+#
+
+ec4000.infobox.invalid=Die Infobox '{0}' enthält ungültige Daten.
+ec4000.idlink.transfomation.failed=Die komprimierte Personenbindung konnte mit dem Stylesheet {0} nicht transformiert werden.
+ec4002.infobox.unknown=Unbekannter Infoboxbezeichner {0}.
+ec4003.not.resolved=Zu signierendes Datum kann nicht aufgelöst werden (URI={0}).
+ec4011.notimplemented=Befehl {0} ist nicht implementiert.
+
--
cgit v1.2.3
From 03d4206918ca3db9554e78bf8070a11503f083d9 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Wed, 3 Sep 2008 12:59:26 +0000
Subject: Added skeleton for the access controller classes.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@8 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../egiz/bku/accesscontroller/AccessChecker.java | 7 +++
.../bku/accesscontroller/AccessCheckerContext.java | 27 ++++++++
.../accesscontroller/AccessControllerFactory.java | 39 ++++++++++++
.../at/gv/egiz/bku/accesscontroller/Action.java | 19 ++++++
.../bku/accesscontroller/AuthenticationClass.java | 21 +++++++
.../accesscontroller/AuthenticationClassifier.java | 63 +++++++++++++++++++
.../gv/egiz/bku/accesscontroller/ChainChecker.java | 71 ++++++++++++++++++++++
.../gv/egiz/bku/accesscontroller/ChainResult.java | 32 ++++++++++
.../gv/egiz/bku/accesscontroller/RuleChecker.java | 69 +++++++++++++++++++++
.../gv/egiz/bku/accesscontroller/RuleResult.java | 16 +++++
.../gv/egiz/bku/accesscontroller/UserAction.java | 20 ++++++
11 files changed, 384 insertions(+)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessChecker.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessCheckerContext.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/Action.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClass.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/UserAction.java
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessChecker.java
new file mode 100644
index 00000000..81bf1795
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessChecker.java
@@ -0,0 +1,7 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import at.gv.egiz.bku.slexceptions.SLException;
+
+public interface AccessChecker {
+ public ChainResult check(AccessCheckerContext checkCtx) throws SLException;
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessCheckerContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessCheckerContext.java
new file mode 100644
index 00000000..1206c022
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessCheckerContext.java
@@ -0,0 +1,27 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import at.gv.egiz.bku.slcommands.SLCommand;
+
+public class AccessCheckerContext {
+ private SLCommand command;
+ private AuthenticationClass authenticationClass;
+ private String peerUrl;
+
+ public AccessCheckerContext(SLCommand cmd, AuthenticationClass ac, String url) {
+ this.command = cmd;
+ this.authenticationClass = ac;
+ this.peerUrl = url;
+ }
+
+ public SLCommand getCommand() {
+ return command;
+ }
+
+ public AuthenticationClass getAuthenticationClass() {
+ return authenticationClass;
+ }
+
+ public String getPeerUrl() {
+ return peerUrl;
+ }
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
new file mode 100644
index 00000000..9b3e563d
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
@@ -0,0 +1,39 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import java.util.Hashtable;
+
+public class AccessControllerFactory {
+
+ private static AccessControllerFactory instance;
+
+ private Hashtable chainTable = new Hashtable();
+
+ private AccessControllerFactory() {
+ }
+
+ public static AccessControllerFactory getInstance() {
+ return instance;
+ }
+
+ /**
+ *
+ * @param id
+ * @return null if there is no chain with this id.
+ */
+ public ChainChecker getChainChecker(String id) {
+ return chainTable.get(id);
+ }
+
+ public ChainChecker createChainChecker(String id, boolean register) {
+ ChainChecker cc = new ChainChecker(id);
+ if (register) {
+ chainTable.put(id, cc);
+ }
+ return cc;
+ }
+
+ public void registerChainChecker(ChainChecker cc) {
+ chainTable.put(cc.getId(), cc);
+ }
+
+}
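Review bot: `instance` is declared but never assigned and the constructor is private, so `getInstance()` always returns null. `ChainChecker.check` in this same commit calls `AccessControllerFactory.getInstance().getChainChecker(...)` and would fail with a NullPointerException on the first delegated chain. Initialise the field eagerly: `private static final AccessControllerFactory instance = new AccessControllerFactory();`. `registerChainChecker` also dereferences `cc` without a null check, and `chainTable.put` silently replaces an already registered chain with the same id, which for access rules deserves at least a log line.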
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/Action.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/Action.java
new file mode 100644
index 00000000..11a22c99
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/Action.java
@@ -0,0 +1,19 @@
+package at.gv.egiz.bku.accesscontroller;
+
+public enum Action {
+ ALLOW("allow"), DENY("deny");
+ private String name;
+
+ Action(String name) {
+ this.name = name;
+ }
+
+ public static Action fromString(String s) {
+ for (Action ac : values()) {
+ if (ac.name.equals(s)) {
+ return ac;
+ }
+ }
+ return null;
+ }
+}
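Review bot: `fromString` returns `null` for any string that is not exactly `allow` or `deny`, so a misspelt or differently cased action in a policy becomes a null `Action` rather than an error. If a caller later tests only for `DENY` (not visible in this hunk), an unrecognised value would be handled like an allow. Failing closed is safer, e.g. replace `return null;` with `throw new IllegalArgumentException("Unknown action: " + s);`. `AuthenticationClass.fromString` in the next file follows the same pattern, and the `name` field in both enums can be `final`.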
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClass.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClass.java
new file mode 100644
index 00000000..4d58df78
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClass.java
@@ -0,0 +1,21 @@
+package at.gv.egiz.bku.accesscontroller;
+
+public enum AuthenticationClass {
+ ANONYMOUS("anonymous"), PSEUDO_ANONYMOUS("pseudoanonymous"), CERTIFIED(
+ "certified"), CERTIFIED_GOV_AGENCY("certifiedGovAgency");
+
+ private String name;
+
+ AuthenticationClass(String name) {
+ this.name = name;
+ }
+
+ public static AuthenticationClass fromString(String s) {
+ for (AuthenticationClass ac : values()) {
+ if (ac.name.equals(s)) {
+ return ac;
+ }
+ }
+ return null;
+ }
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
new file mode 100644
index 00000000..2e856f06
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
@@ -0,0 +1,63 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.ANONYMOUS;
+import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.CERTIFIED;
+import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.PSEUDO_ANONYMOUS;
+import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.CERTIFIED_GOV_AGENCY;
+
+import java.net.InetAddress;
+import java.net.URL;
+import java.net.UnknownHostException;
+import java.security.cert.X509Certificate;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class AuthenticationClassifier {
+ private static AuthenticationClassifier instance = new AuthenticationClassifier();
+ private static Log log = LogFactory.getLog(AuthenticationClassifier.class);
+ private final static String GOV_DOMAIN = ".gv.at";
+
+ private AuthenticationClassifier() {
+ }
+
+ /**
+ * Client Certificates are currently not supported
+ *
+ */
+ protected AuthenticationClass getMyAuthenticationClass(boolean isDataUrl,
+ URL url, X509Certificate cert) {
+ if (isDataUrl) {
+ if (url.getProtocol().equalsIgnoreCase("https")) {
+ try {
+ if (InetAddress.getByName(url.getHost()).getCanonicalHostName()
+ .endsWith(GOV_DOMAIN)) {
+ return CERTIFIED_GOV_AGENCY;
+ }
+ } catch (UnknownHostException e) {
+ log.error("Cannot determine host name", e);
+ }
+ if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) {
+ return CERTIFIED_GOV_AGENCY;
+ }
+ return CERTIFIED;
+ } else {
+ return PSEUDO_ANONYMOUS;
+ }
+ } else {
+ return ANONYMOUS;
+ }
+ }
+
+ /**
+ *
+ * @param isDataUrl
+ * @param url if the url's protocol is https a cert parameter must be provided.
+ * @param cert
+ * @return
+ */
+ public static AuthenticationClass getAuthenticationClass(boolean isDataUrl,
+ URL url, X509Certificate cert) {
+ return instance.getMyAuthenticationClass(isDataUrl, url, cert);
+ }
+}
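Review bot: In `getMyAuthenticationClass`, `CERTIFIED_GOV_AGENCY` is granted when `InetAddress.getByName(url.getHost()).getCanonicalHostName()` ends with `.gv.at`, so the highest authentication class depends on name-service answers rather than on the certificate the TLS layer verified, and the lookup blocks the calling thread. I would derive the class from authenticated data only: keep the certificate-extension check, and compare `url.getHost()` against `GOV_DOMAIN` only if the TLS layer has already verified that host name against the certificate (not visible in this hunk). Separately, `cert.getExtensionValue("1.2.40.0.10.1.1.1")` throws a NullPointerException when an https URL arrives with `cert == null`; the Javadoc on `getAuthenticationClass` states the requirement but nothing enforces it, so guard it with `if (cert != null && cert.getExtensionValue("1.2.40.0.10.1.1.1") != null)`. The OID literal should become a named constant with a comment saying which extension it identifies.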
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java
new file mode 100644
index 00000000..242d9b02
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java
@@ -0,0 +1,71 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slexceptions.SLException;
+
+public class ChainChecker implements AccessChecker {
+ private static Log log = LogFactory.getLog(ChainChecker.class);
+
+ private String id;
+ private List rules = new LinkedList();
+
+ /**
+ *
+ * @param id must not be null
+ */
+ public ChainChecker(String id) {
+ if (id == null) {
+ throw new NullPointerException("Id argument must not be null");
+ }
+ this.id = id;
+ }
+
+
+ public String getId() {
+ return id;
+ }
+
+ public void addRule(RuleChecker rule) {
+ if (rule != null) {
+ rules.add(rule);
+ }
+ }
+
+ @Override
+ public ChainResult check(AccessCheckerContext checkCtx) throws SLException {
+ log.debug("Processing chain: "+id);
+ for (RuleChecker rule : rules) {
+ log.trace("Checking rule: "+rule.getId());
+ RuleResult result = rule.check(checkCtx);
+ if (result.matchFound()) {
+ log.debug("Found matching rule: "+rule.getId());
+ if (result.getDelegateChainId() != null) {
+ // process chain
+ ChainChecker cc = AccessControllerFactory.getInstance().getChainChecker(result.getDelegateChainId());
+ if (cc == null) {
+ log.error("Cannot delegate to chain. Unknown chain id: "+result.getDelegateChainId());
+ throw new SLException(4000);
+ }
+ ChainResult cr = cc.check(checkCtx);
+ if (cr.matchFound()) {
+ return cr;
+ }
+ // if chain does not contain matching rule
+ // cont. here.
+ } else {
+ return result;
+ }
+ }
+ }
+ log.debug("Did not find a matching rule here");
+ return new ChainResult(null, null, false);
+ }
+
+
+
+}
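Review bot: The delegation branch in `check` calls `cc.check(checkCtx)` recursively with no guard against a chain that delegates back to itself, directly or through other chains. With such a policy configuration the evaluation would end in a `StackOverflowError` instead of the controlled `SLException(4000)` already used for an unknown chain id. Tracking the chain ids on the current delegation path and rejecting a repeat keeps the access decision failing closed; the sketch below uses a private overload so the `AccessChecker` signature stays as it is. It needs `java.util.Set` and `java.util.HashSet`, which the file does not import yet.

```java
@Override
public ChainResult check(AccessCheckerContext checkCtx) throws SLException {
  return check(checkCtx, new HashSet<String>());
}

private ChainResult check(AccessCheckerContext checkCtx, Set<String> path) throws SLException {
  if (!path.add(id)) {
    log.error("Cyclic chain delegation at chain: " + id);
    throw new SLException(4000);
  }
  try {
    // … unchanged: rule loop; the delegate call becomes cc.check(checkCtx, path) …
  } finally {
    // only ids on the current path count, so a chain reachable by two routes is still allowed
    path.remove(id);
  }
}
```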
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java
new file mode 100644
index 00000000..a534f4e5
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java
@@ -0,0 +1,32 @@
+package at.gv.egiz.bku.accesscontroller;
+
+/**
+ * Result of the access controller
+ *
+ */
+public class ChainResult {
+ private UserAction userAction;
+ private Action action;
+ private boolean matchFound;
+
+ public ChainResult(Action action, UserAction userAction, boolean matchFound) {
+ this.action = action;
+ this.userAction = userAction;
+ }
+
+ public Action getAction() {
+ return action;
+ }
+
+ public UserAction getUserAction() {
+ return userAction;
+ }
+
+ /**
+ *
+ * @return true if a matching rule has been found
+ */
+ public boolean matchFound() {
+ return matchFound;
+ }
+}
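Review bot: The constructor accepts `matchFound` but never stores it, so the field keeps its default and `matchFound()` returns false for every result. `ChainChecker.check` in this same commit branches on `result.matchFound()` and `cr.matchFound()`, which means no rule can ever be reported as matching and every evaluation falls through to the no-match result. Add `this.matchFound = matchFound;` to the constructor. Since there are no setters, the three fields could also be declared `final`, which would have turned the missing assignment into a compile error.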
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
new file mode 100644
index 00000000..bf46034d
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
@@ -0,0 +1,69 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+public class RuleChecker implements AccessChecker {
+
+ private static Log log = LogFactory.getLog(RuleChecker.class);
+
+ public static enum PEER_TYPE {HOST, IP, URL};
+
+ protected String id;
+ protected AuthenticationClass authenticationClass;
+ protected String commandName;
+ protected String peerId;
+ protected PEER_TYPE peerType;
+ protected Action action;
+ protected UserAction userAction;
+
+ public RuleChecker(String id) {
+ if (id == null) {
+ throw new NullPointerException("Id argument must not be null");
+ }
+ this.id = id;
+ }
+
+ public void setAuthenticationClass(String ac) {
+ AuthenticationClass tmp = AuthenticationClass.fromString(ac);
+ if (tmp == null) {
+ throw new SLRuntimeException("Unknown authentication class "+ac);
+ }
+ authenticationClass = tmp;
+ }
+
+ public void setAction(String ac) {
+ Action tmp = Action.fromString(ac);
+ if (tmp == null) {
+ throw new SLRuntimeException("Unknown action "+ac);
+ }
+ action = tmp;
+ }
+
+ public void setUserAction(String uac) {
+ UserAction tmp = UserAction.fromString(uac);
+ if (tmp == null) {
+ throw new SLRuntimeException("Unknown user action "+uac);
+ }
+ userAction = tmp;
+ }
+
+ public void setPeerId(String peerId, PEER_TYPE type) {
+ this.peerType = type;
+ this.peerId = peerId;
+ }
+
+ public String getId() {
+ return id;
+ }
+
+ @Override
+ public RuleResult check(AccessCheckerContext checkCtx) {
+ log.debug("Processing rule: "+id);
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+}
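Review bot: The stubbed `check` returns `null`, while `ChainChecker.check` in this commit dereferences the return value straight away with `result.matchFound()`, so any chain holding a rule throws a `NullPointerException` during access evaluation. Until the matching logic exists, return an explicit non-match such as `return new RuleResult(null, null, false, null);`, or throw an unchecked exception that names the rule id. Either way the unfinished state is visible and the decision does not depend on how callers handle a null. `setPeerId` also stores a null `type` or `peerId` without complaint, unlike the other setters, which reject unknown values.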
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleResult.java
new file mode 100644
index 00000000..26f42db0
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleResult.java
@@ -0,0 +1,16 @@
+package at.gv.egiz.bku.accesscontroller;
+
+
+public class RuleResult extends ChainResult {
+ private String chainId;
+
+ public RuleResult(Action action, UserAction userAction, boolean matchFound, String chainId) {
+ super(action, userAction, matchFound);
+ this.chainId = chainId;
+ }
+
+ public String getDelegateChainId() {
+ return chainId;
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/UserAction.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/UserAction.java
new file mode 100644
index 00000000..307ec1e5
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/UserAction.java
@@ -0,0 +1,20 @@
+package at.gv.egiz.bku.accesscontroller;
+
+public enum UserAction {
+ NONE("none"), INFO("info"), CONFIRM("confirm"), CONFIRM_WITH_SECRET("confirmWithSecret");
+
+ private String name;
+
+ UserAction(String name) {
+ this.name = name;
+ }
+
+ public static UserAction fromString(String s) {
+ for (UserAction ac : values()) {
+ if (ac.name.equals(s)) {
+ return ac;
+ }
+ }
+ return null;
+ }
+}
--
cgit v1.2.3
From 13976eb3a430f319e0fdb0a6c75b58881512fba5 Mon Sep 17 00:00:00 2001
From: clemenso
Date: Wed, 3 Sep 2008 13:53:13 +0000
Subject: accesscontrol config
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@9 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../bku/accesscontrol/config/AccessControl.java | 71 +++++
.../gv/egiz/bku/accesscontrol/config/Action.java | 110 +++++++
.../at/gv/egiz/bku/accesscontrol/config/Chain.java | 106 +++++++
.../gv/egiz/bku/accesscontrol/config/Chains.java | 78 +++++
.../gv/egiz/bku/accesscontrol/config/Command.java | 108 +++++++
.../bku/accesscontrol/config/ObjectFactory.java | 134 ++++++++
.../at/gv/egiz/bku/accesscontrol/config/Param.java | 101 ++++++
.../at/gv/egiz/bku/accesscontrol/config/Rule.java | 342 +++++++++++++++++++++
.../at/gv/egiz/bku/accesscontrol/config/Rules.java | 78 +++++
9 files changed, 1128 insertions(+)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chain.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chains.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rule.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java
new file mode 100644
index 00000000..c9efaca6
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java
@@ -0,0 +1,71 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
+// See http://java.sun.com/xml/jaxb
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2008.09.03 at 01:53:08 PM GMT
+//
+
+
+package at.gv.egiz.bku.accesscontrol.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
Java class for anonymous complex type.
+ *
+ *
The following schema fragment specifies the expected content contained within this class.
+ *
+ *
+ *
+ *
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = {
+ "chain"
+})
+@XmlRootElement(name = "Chains")
+public class Chains {
+
+ @XmlElement(name = "Chain", required = true)
+ protected List chain;
+
+ /**
+ * Gets the value of the chain property.
+ *
+ *
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a set method for the chain property.
+ *
+ *
+ * For example, to add a new item, do as follows:
+ *
+ * getChain().add(newItem);
+ *
+ *
+ *
+ *
+ * Objects of the following type(s) are allowed in the list
+ * {@link Chain }
+ *
+ *
+ */
+ public List getChain() {
+ if (chain == null) {
+ chain = new ArrayList();
+ }
+ return this.chain;
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java
new file mode 100644
index 00000000..fcba969f
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java
@@ -0,0 +1,108 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
+// See http://java.sun.com/xml/jaxb
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2008.09.03 at 01:53:08 PM GMT
+//
+
+
+package at.gv.egiz.bku.accesscontrol.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlSchemaType;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
Java class for anonymous complex type.
+ *
+ *
The following schema fragment specifies the expected content contained within this class.
+ *
+ *
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a set method for the param property.
+ *
+ *
+ * For example, to add a new item, do as follows:
+ *
+ * getParam().add(newItem);
+ *
+ *
+ *
+ *
+ * Objects of the following type(s) are allowed in the list
+ * {@link Param }
+ *
+ *
+ */
+ public List getParam() {
+ if (param == null) {
+ param = new ArrayList();
+ }
+ return this.param;
+ }
+
+ /**
+ * Gets the value of the name property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Sets the value of the name property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setName(String value) {
+ this.name = value;
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java
new file mode 100644
index 00000000..7291d759
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java
@@ -0,0 +1,134 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
+// See http://java.sun.com/xml/jaxb
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2008.09.03 at 01:53:08 PM GMT
+//
+
+
+package at.gv.egiz.bku.accesscontrol.config;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.annotation.XmlElementDecl;
+import javax.xml.bind.annotation.XmlRegistry;
+import javax.xml.namespace.QName;
+
+
+/**
+ * This object contains factory methods for each
+ * Java content interface and Java element interface
+ * generated in the at.gv.egiz.bku.accesscontrol.config package.
+ *
An ObjectFactory allows you to programatically
+ * construct new instances of the Java representation
+ * for XML content. The Java representation of XML
+ * content can consist of schema derived interfaces
+ * and classes representing the binding of schema
+ * type definitions, element declarations and model
+ * groups. Factory methods for each of these are
+ * provided in this class.
+ *
+ */
+@XmlRegistry
+public class ObjectFactory {
+
+ private final static QName _UserInteraction_QNAME = new QName("", "UserInteraction");
+ private final static QName _AuthClass_QNAME = new QName("", "AuthClass");
+
+ /**
+ * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: at.gv.egiz.bku.accesscontrol.config
+ *
+ */
+ public ObjectFactory() {
+ }
+
+ /**
+ * Create an instance of {@link AccessControl }
+ *
+ */
+ public AccessControl createAccessControl() {
+ return new AccessControl();
+ }
+
+ /**
+ * Create an instance of {@link Chain }
+ *
+ */
+ public Chain createChain() {
+ return new Chain();
+ }
+
+ /**
+ * Create an instance of {@link Command }
+ *
+ */
+ public Command createCommand() {
+ return new Command();
+ }
+
+ /**
+ * Create an instance of {@link Chains }
+ *
+ */
+ public Chains createChains() {
+ return new Chains();
+ }
+
+ /**
+ * Create an instance of {@link Rule }
+ *
+ */
+ public Rule createRule() {
+ return new Rule();
+ }
+
+ /**
+ * Create an instance of {@link Rule.AnyPeer }
+ *
+ */
+ public Rule.AnyPeer createRuleAnyPeer() {
+ return new Rule.AnyPeer();
+ }
+
+ /**
+ * Create an instance of {@link Rules }
+ *
+ */
+ public Rules createRules() {
+ return new Rules();
+ }
+
+ /**
+ * Create an instance of {@link Param }
+ *
+ */
+ public Param createParam() {
+ return new Param();
+ }
+
+ /**
+ * Create an instance of {@link Action }
+ *
+ */
+ public Action createAction() {
+ return new Action();
+ }
+
+ /**
+ * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}}
+ *
+ */
+ @XmlElementDecl(namespace = "", name = "UserInteraction")
+ public JAXBElement createUserInteraction(String value) {
+ return new JAXBElement(_UserInteraction_QNAME, String.class, null, value);
+ }
+
+ /**
+ * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}}
+ *
+ */
+ @XmlElementDecl(namespace = "", name = "AuthClass")
+ public JAXBElement createAuthClass(String value) {
+ return new JAXBElement(_AuthClass_QNAME, String.class, null, value);
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java
new file mode 100644
index 00000000..44afc196
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java
@@ -0,0 +1,101 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
+// See http://java.sun.com/xml/jaxb
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2008.09.03 at 01:53:08 PM GMT
+//
+
+
+package at.gv.egiz.bku.accesscontrol.config;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlSchemaType;
+import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.XmlValue;
+import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+
+
+/**
+ *
Java class for anonymous complex type.
+ *
+ *
The following schema fragment specifies the expected content contained within this class.
+ *
+ *
+ *
+ *
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = {
+ "authClass",
+ "anyPeer",
+ "domainName",
+ "iPv4Address",
+ "url",
+ "command",
+ "action",
+ "userInteraction"
+})
+@XmlRootElement(name = "Rule")
+public class Rule {
+
+ @XmlElement(name = "AuthClass", required = true)
+ protected String authClass;
+ @XmlElement(name = "AnyPeer")
+ protected Rule.AnyPeer anyPeer;
+ @XmlElement(name = "DomainName")
+ protected String domainName;
+ @XmlElement(name = "IPv4Address")
+ protected String iPv4Address;
+ @XmlElement(name = "URL")
+ protected String url;
+ @XmlElement(name = "Command")
+ protected Command command;
+ @XmlElement(name = "Action", required = true)
+ protected List action;
+ @XmlElement(name = "UserInteraction", required = true)
+ protected String userInteraction;
+ @XmlAttribute(name = "Id")
+ @XmlJavaTypeAdapter(CollapsedStringAdapter.class)
+ @XmlID
+ @XmlSchemaType(name = "ID")
+ protected String id;
+
+ /**
+ * Gets the value of the authClass property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getAuthClass() {
+ return authClass;
+ }
+
+ /**
+ * Sets the value of the authClass property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setAuthClass(String value) {
+ this.authClass = value;
+ }
+
+ /**
+ * Gets the value of the anyPeer property.
+ *
+ * @return
+ * possible object is
+ * {@link Rule.AnyPeer }
+ *
+ */
+ public Rule.AnyPeer getAnyPeer() {
+ return anyPeer;
+ }
+
+ /**
+ * Sets the value of the anyPeer property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Rule.AnyPeer }
+ *
+ */
+ public void setAnyPeer(Rule.AnyPeer value) {
+ this.anyPeer = value;
+ }
+
+ /**
+ * Gets the value of the domainName property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getDomainName() {
+ return domainName;
+ }
+
+ /**
+ * Sets the value of the domainName property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setDomainName(String value) {
+ this.domainName = value;
+ }
+
+ /**
+ * Gets the value of the iPv4Address property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getIPv4Address() {
+ return iPv4Address;
+ }
+
+ /**
+ * Sets the value of the iPv4Address property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setIPv4Address(String value) {
+ this.iPv4Address = value;
+ }
+
+ /**
+ * Gets the value of the url property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getURL() {
+ return url;
+ }
+
+ /**
+ * Sets the value of the url property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setURL(String value) {
+ this.url = value;
+ }
+
+ /**
+ * Gets the value of the command property.
+ *
+ * @return
+ * possible object is
+ * {@link Command }
+ *
+ */
+ public Command getCommand() {
+ return command;
+ }
+
+ /**
+ * Sets the value of the command property.
+ *
+ * @param value
+ * allowed object is
+ * {@link Command }
+ *
+ */
+ public void setCommand(Command value) {
+ this.command = value;
+ }
+
+ /**
+ * Gets the value of the action property.
+ *
+ *
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a set method for the action property.
+ *
+ *
+ * For example, to add a new item, do as follows:
+ *
+ * getAction().add(newItem);
+ *
+ *
+ *
+ *
+ * Objects of the following type(s) are allowed in the list
+ * {@link Action }
+ *
+ *
+ */
+ public List getAction() {
+ if (action == null) {
+ action = new ArrayList();
+ }
+ return this.action;
+ }
+
+ /**
+ * Gets the value of the userInteraction property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getUserInteraction() {
+ return userInteraction;
+ }
+
+ /**
+ * Sets the value of the userInteraction property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setUserInteraction(String value) {
+ this.userInteraction = value;
+ }
+
+ /**
+ * Gets the value of the id property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getId() {
+ return id;
+ }
+
+ /**
+ * Sets the value of the id property.
+ *
+ * @param value
+ * allowed object is
+ * {@link String }
+ *
+ */
+ public void setId(String value) {
+ this.id = value;
+ }
+
+
+ /**
+ *
Java class for anonymous complex type.
+ *
+ *
The following schema fragment specifies the expected content contained within this class.
+ *
+ *
+ *
+ *
+ */
+ @XmlAccessorType(XmlAccessType.FIELD)
+ @XmlType(name = "")
+ public static class AnyPeer {
+
+
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java
new file mode 100644
index 00000000..5a5fa11f
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java
@@ -0,0 +1,78 @@
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
+// See http://java.sun.com/xml/jaxb
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2008.09.03 at 01:53:08 PM GMT
+//
+
+
+package at.gv.egiz.bku.accesscontrol.config;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ *
Java class for anonymous complex type.
+ *
+ *
The following schema fragment specifies the expected content contained within this class.
+ *
+ *
+ *
+ *
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "", propOrder = {
+ "rule"
+})
+@XmlRootElement(name = "Rules")
+public class Rules {
+
+ @XmlElement(name = "Rule", required = true)
+ protected List rule;
+
+ /**
+ * Gets the value of the rule property.
+ *
+ *
+ * This accessor method returns a reference to the live list,
+ * not a snapshot. Therefore any modification you make to the
+ * returned list will be present inside the JAXB object.
+ * This is why there is not a set method for the rule property.
+ *
+ *
+ * For example, to add a new item, do as follows:
+ *
+ * getRule().add(newItem);
+ *
+ *
+ *
+ *
+ * Objects of the following type(s) are allowed in the list
+ * {@link Rule }
+ *
+ *
+ */
+ public List getRule() {
+ if (rule == null) {
+ rule = new ArrayList();
+ }
+ return this.rule;
+ }
+
+}
--
cgit v1.2.3
From 838aaacdd713d262801aa99ff161866a8939ec11 Mon Sep 17 00:00:00 2001
From: clemenso
Date: Wed, 3 Sep 2008 14:53:43 +0000
Subject: accesscontrol config
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@10 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../bku/accesscontrol/config/AccessControl.java | 2 +-
.../gv/egiz/bku/accesscontrol/config/Action.java | 2 +-
.../at/gv/egiz/bku/accesscontrol/config/Chain.java | 2 +-
.../gv/egiz/bku/accesscontrol/config/Chains.java | 2 +-
.../gv/egiz/bku/accesscontrol/config/Command.java | 2 +-
.../bku/accesscontrol/config/ObjectFactory.java | 52 +++++-----
.../at/gv/egiz/bku/accesscontrol/config/Param.java | 2 +-
.../at/gv/egiz/bku/accesscontrol/config/Rule.java | 108 ++++-----------------
.../at/gv/egiz/bku/accesscontrol/config/Rules.java | 2 +-
9 files changed, 50 insertions(+), 124 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java
index c9efaca6..90271231 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/AccessControl.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java
index 8d457d1c..b9c8fa83 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chain.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chain.java
index aa0b920b..1408c8d8 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chain.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chain.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chains.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chains.java
index f75c8dba..d58f7bad 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chains.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Chains.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java
index fcba969f..0d25ca1c 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Command.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java
index 7291d759..0efa4beb 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/ObjectFactory.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
@@ -42,19 +42,19 @@ public class ObjectFactory {
}
/**
- * Create an instance of {@link AccessControl }
+ * Create an instance of {@link Param }
*
*/
- public AccessControl createAccessControl() {
- return new AccessControl();
+ public Param createParam() {
+ return new Param();
}
/**
- * Create an instance of {@link Chain }
+ * Create an instance of {@link AccessControl }
*
*/
- public Chain createChain() {
- return new Chain();
+ public AccessControl createAccessControl() {
+ return new AccessControl();
}
/**
@@ -66,51 +66,43 @@ public class ObjectFactory {
}
/**
- * Create an instance of {@link Chains }
- *
- */
- public Chains createChains() {
- return new Chains();
- }
-
- /**
- * Create an instance of {@link Rule }
+ * Create an instance of {@link Rules }
*
*/
- public Rule createRule() {
- return new Rule();
+ public Rules createRules() {
+ return new Rules();
}
/**
- * Create an instance of {@link Rule.AnyPeer }
+ * Create an instance of {@link Action }
*
*/
- public Rule.AnyPeer createRuleAnyPeer() {
- return new Rule.AnyPeer();
+ public Action createAction() {
+ return new Action();
}
/**
- * Create an instance of {@link Rules }
+ * Create an instance of {@link Chains }
*
*/
- public Rules createRules() {
- return new Rules();
+ public Chains createChains() {
+ return new Chains();
}
/**
- * Create an instance of {@link Param }
+ * Create an instance of {@link Chain }
*
*/
- public Param createParam() {
- return new Param();
+ public Chain createChain() {
+ return new Chain();
}
/**
- * Create an instance of {@link Action }
+ * Create an instance of {@link Rule }
*
*/
- public Action createAction() {
- return new Action();
+ public Rule createRule() {
+ return new Rule();
}
/**
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java
index 44afc196..94e190ff 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Param.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rule.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rule.java
index 3c85f256..512cced9 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rule.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rule.java
@@ -2,14 +2,12 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
package at.gv.egiz.bku.accesscontrol.config;
-import java.util.ArrayList;
-import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
@@ -33,21 +31,13 @@ import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* <sequence>
* <element ref="{}AuthClass"/>
- * <choice>
- * <element name="AnyPeer">
- * <complexType>
- * <complexContent>
- * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- * </restriction>
- * </complexContent>
- * </complexType>
- * </element>
+ * <choice minOccurs="0">
* <element name="DomainName" type="{http://www.w3.org/2001/XMLSchema}string"/>
* <element name="IPv4Address" type="{http://www.w3.org/2001/XMLSchema}string"/>
* <element name="URL" type="{http://www.w3.org/2001/XMLSchema}string"/>
* </choice>
* <element ref="{}Command" minOccurs="0"/>
- * <element ref="{}Action" maxOccurs="unbounded"/>
+ * <element ref="{}Action"/>
* <element ref="{}UserInteraction"/>
* </sequence>
* <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" />
@@ -61,7 +51,6 @@ import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "", propOrder = {
"authClass",
- "anyPeer",
"domainName",
"iPv4Address",
"url",
@@ -74,8 +63,6 @@ public class Rule {
@XmlElement(name = "AuthClass", required = true)
protected String authClass;
- @XmlElement(name = "AnyPeer")
- protected Rule.AnyPeer anyPeer;
@XmlElement(name = "DomainName")
protected String domainName;
@XmlElement(name = "IPv4Address")
@@ -85,7 +72,7 @@ public class Rule {
@XmlElement(name = "Command")
protected Command command;
@XmlElement(name = "Action", required = true)
- protected List action;
+ protected Action action;
@XmlElement(name = "UserInteraction", required = true)
protected String userInteraction;
@XmlAttribute(name = "Id")
@@ -118,30 +105,6 @@ public class Rule {
this.authClass = value;
}
- /**
- * Gets the value of the anyPeer property.
- *
- * @return
- * possible object is
- * {@link Rule.AnyPeer }
- *
- */
- public Rule.AnyPeer getAnyPeer() {
- return anyPeer;
- }
-
- /**
- * Sets the value of the anyPeer property.
- *
- * @param value
- * allowed object is
- * {@link Rule.AnyPeer }
- *
- */
- public void setAnyPeer(Rule.AnyPeer value) {
- this.anyPeer = value;
- }
-
/**
* Gets the value of the domainName property.
*
@@ -241,30 +204,25 @@ public class Rule {
/**
* Gets the value of the action property.
*
- *
- * This accessor method returns a reference to the live list,
- * not a snapshot. Therefore any modification you make to the
- * returned list will be present inside the JAXB object.
- * This is why there is not a set method for the action property.
- *
- *
- * For example, to add a new item, do as follows:
- *
- * getAction().add(newItem);
- *
- *
- *
- *
- * Objects of the following type(s) are allowed in the list
- * {@link Action }
- *
+ * @return
+ * possible object is
+ * {@link Action }
+ *
+ */
+ public Action getAction() {
+ return action;
+ }
+
+ /**
+ * Sets the value of the action property.
*
+ * @param value
+ * allowed object is
+ * {@link Action }
+ *
*/
- public List getAction() {
- if (action == null) {
- action = new ArrayList();
- }
- return this.action;
+ public void setAction(Action value) {
+ this.action = value;
}
/**
@@ -315,28 +273,4 @@ public class Rule {
this.id = value;
}
-
- /**
- *
Java class for anonymous complex type.
- *
- *
The following schema fragment specifies the expected content contained within this class.
- *
- *
- *
- *
- */
- @XmlAccessorType(XmlAccessType.FIELD)
- @XmlType(name = "")
- public static class AnyPeer {
-
-
- }
-
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java
index 5a5fa11f..6429e58a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Rules.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 01:53:08 PM GMT
+// Generated on: 2008.09.03 at 02:52:44 PM GMT
//
--
cgit v1.2.3
From 3099f0f157d6a1f6c9df2183833b3279b44211f0 Mon Sep 17 00:00:00 2001
From: clemenso
Date: Wed, 3 Sep 2008 15:06:39 +0000
Subject: accesscontrol config
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@11 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../at/gv/egiz/bku/accesscontrol/config/Action.java | 18 +++++++-----------
1 file changed, 7 insertions(+), 11 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java
index b9c8fa83..b4ae938c 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontrol/config/Action.java
@@ -2,7 +2,7 @@
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vhudson-jaxb-ri-2.1-520
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
-// Generated on: 2008.09.03 at 02:52:44 PM GMT
+// Generated on: 2008.09.03 at 03:06:11 PM GMT
//
@@ -11,9 +11,7 @@ package at.gv.egiz.bku.accesscontrol.config;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlIDREF;
import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
@@ -27,7 +25,7 @@ import javax.xml.bind.annotation.XmlType;
* <complexContent>
* <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* <choice>
- * <element name="ChainRef" type="{http://www.w3.org/2001/XMLSchema}IDREF"/>
+ * <element name="ChainRef" type="{http://www.w3.org/2001/XMLSchema}string"/>
* <element name="RuleAction">
* <simpleType>
* <restriction base="{http://www.w3.org/2001/XMLSchema}string">
@@ -53,9 +51,7 @@ import javax.xml.bind.annotation.XmlType;
public class Action {
@XmlElement(name = "ChainRef")
- @XmlIDREF
- @XmlSchemaType(name = "IDREF")
- protected Object chainRef;
+ protected String chainRef;
@XmlElement(name = "RuleAction")
protected String ruleAction;
@@ -64,10 +60,10 @@ public class Action {
*
* @return
* possible object is
- * {@link Object }
+ * {@link String }
*
*/
- public Object getChainRef() {
+ public String getChainRef() {
return chainRef;
}
@@ -76,10 +72,10 @@ public class Action {
*
* @param value
* allowed object is
- * {@link Object }
+ * {@link String }
*
*/
- public void setChainRef(Object value) {
+ public void setChainRef(String value) {
this.chainRef = value;
}
--
cgit v1.2.3
From 2f029b9cb3ebc11abe28e0b2801bacc40cb584b1 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Wed, 3 Sep 2008 15:19:48 +0000
Subject: Just a backup of updated accesscontroller files
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@12 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../accesscontroller/AccessControllerFactory.java | 68 ++++++++++++-
.../gv/egiz/bku/accesscontroller/ChainResult.java | 1 +
.../bku/accesscontroller/InfoboxRuleChecker.java | 14 +++
.../gv/egiz/bku/accesscontroller/RuleChecker.java | 112 ++++++++++++++++++---
.../gv/egiz/bku/accesscontroller/ConfigTest.java | 17 ++++
.../egiz/bku/accesscontroller/RuleCheckerTest.java | 87 ++++++++++++++++
.../bku/accesscontroller/AccessControlConfig.xml | 78 ++++++++++++++
7 files changed, 361 insertions(+), 16 deletions(-)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java
create mode 100644 bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/ConfigTest.java
create mode 100644 bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/RuleCheckerTest.java
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
index 9b3e563d..3b75a5f2 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
@@ -1,10 +1,38 @@
package at.gv.egiz.bku.accesscontroller;
+import java.io.InputStream;
import java.util.Hashtable;
+import java.util.List;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.accesscontrol.config.AccessControl;
+import at.gv.egiz.bku.accesscontrol.config.Chain;
+import at.gv.egiz.bku.accesscontrol.config.Command;
+import at.gv.egiz.bku.accesscontrol.config.ObjectFactory;
+import at.gv.egiz.bku.accesscontrol.config.Rule;
+import at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
public class AccessControllerFactory {
- private static AccessControllerFactory instance;
+ private static AccessControllerFactory instance = new AccessControllerFactory();
+ private static Log log = LogFactory.getLog(AccessControllerFactory.class);
+ private static JAXBContext jaxbContext;
+
+ static {
+ try {
+ jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage()
+ .getName());
+ } catch (JAXBException e) {
+ log.fatal("Cannot init jaxbContext", e);
+ }
+ }
private Hashtable chainTable = new Hashtable();
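Review bot: The static initializer's `catch (JAXBException e)` only logs and leaves `jaxbContext` null, so the `init(InputStream)` method added further down in this file would later fail with a NullPointerException far from the cause, and the access-control configuration would never load. Because this class builds the access checkers, a failed context should stop class initialisation, e.g. `throw new ExceptionInInitializerError(e);` after the `log.fatal(...)` line. `instance` is also constructed before `log` and `jaxbContext` are assigned, so the constructor (not visible in this hunk) must not use either; declaring `instance` last would remove that ordering trap.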
@@ -35,5 +63,43 @@ public class AccessControllerFactory {
public void registerChainChecker(ChainChecker cc) {
chainTable.put(cc.getId(), cc);
}
+
+ public RuleChecker createRuleChecker(Rule rule) {
+ RuleChecker rc;
+ Command cmd = rule.getCommand();
+ if (cmd != null) {
+ if ((cmd.getParam() != null) && (cmd.getParam().size()>0)) {
+ if (cmd.getName().startsWith("Infobox")) {
+ rc = new InfoboxRuleChecker(rule.getId());
+ } else {
+ throw new SLRuntimeException("Cannot handle parameters for command "+cmd.getName());
+ }
+ } else {
+ rc = new RuleChecker(rule.getId());
+ }
+ } else {
+ rc = new RuleChecker(rule.getId());
+ }
+ // FIXME TODO cont. here
+
+
+ return rc;
+ }
+
+
+ public void init(InputStream is) throws JAXBException {
+ Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ AccessControl ac = (AccessControl) unmarshaller.unmarshal(is);
+ List chainList = ac.getChains().getChain();
+ log.debug("Found "+chainList.size()+" chains in config");
+ for (Chain chain : chainList) {
+ List ruleList = chain.getRules().getRule();
+ log.debug("Found "+ruleList.size()+" rules in chain "+chain.getId());
+ for (Rule rule : ruleList) {
+ //rule.g
+ }
+ }
+
+ }
}
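Review bot: `createRuleChecker` returns a checker on which only the id is set, and in `RuleChecker` (changed in the same commit) an unset authentication class, command name or peer id each count as a match, so every rule built here would match every request and carry a null action. Until the `FIXME TODO cont. here` part copies the authentication class, peer element, command, action and user interaction from the JAXB `Rule`, it would be safer for the method to fail, e.g. `throw new SLRuntimeException("Rule mapping not implemented for rule " + rule.getId());`, than to hand out an unconstrained checker. `cmd.getName()` is dereferenced without a null check, and `init` walks the rules with an empty loop body, so a parsed policy currently registers nothing; a comment at the loop such as `// TODO: rules are parsed but not yet registered` would keep that from being mistaken for a loaded policy.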
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java
index a534f4e5..a8fb789e 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainResult.java
@@ -12,6 +12,7 @@ public class ChainResult {
public ChainResult(Action action, UserAction userAction, boolean matchFound) {
this.action = action;
this.userAction = userAction;
+ this.matchFound = matchFound;
}
public Action getAction() {
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java
new file mode 100644
index 00000000..2981d24e
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.bku.accesscontroller;
+
+/**
+ * Adds infobox parameter checks
+ * @author wbauer
+ *
+ */
+public class InfoboxRuleChecker extends RuleChecker {
+
+ public InfoboxRuleChecker(String id) {
+ super(id);
+ }
+
+}
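Review bot: The class Javadoc says `Adds infobox parameter checks`, but the class only forwards the id to `RuleChecker` and overrides nothing, so a rule whose command carries parameters is evaluated exactly like one without them. For a rule that is meant to restrict which infobox may be read, that makes the rule broader than the policy states. Until the checks exist the Javadoc should say so, e.g. `Placeholder: parameter checks are not implemented yet; parameters configured on the rule are currently ignored.`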
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
index bf46034d..c59f5b70 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
@@ -1,23 +1,36 @@
package at.gv.egiz.bku.accesscontroller;
+import java.net.InetAddress;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.UnknownHostException;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.bku.slcommands.SLCommand;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
public class RuleChecker implements AccessChecker {
-
+
private static Log log = LogFactory.getLog(RuleChecker.class);
-
- public static enum PEER_TYPE {HOST, IP, URL};
+
+ public static enum PEER_TYPE {
+ HOST, IP, URL
+ };
protected String id;
protected AuthenticationClass authenticationClass;
protected String commandName;
+ protected Pattern commandNamePattern;
protected String peerId;
+ protected Pattern peerIdPattern;
protected PEER_TYPE peerType;
protected Action action;
protected UserAction userAction;
+ protected String chainId;
public RuleChecker(String id) {
if (id == null) {
@@ -27,43 +40,112 @@ public class RuleChecker implements AccessChecker {
}
public void setAuthenticationClass(String ac) {
- AuthenticationClass tmp = AuthenticationClass.fromString(ac);
+ AuthenticationClass tmp = AuthenticationClass.fromString(ac);
if (tmp == null) {
- throw new SLRuntimeException("Unknown authentication class "+ac);
+ throw new SLRuntimeException("Unknown authentication class " + ac);
}
authenticationClass = tmp;
}
-
+
public void setAction(String ac) {
Action tmp = Action.fromString(ac);
if (tmp == null) {
- throw new SLRuntimeException("Unknown action "+ac);
+ throw new SLRuntimeException("Unknown action " + ac);
}
action = tmp;
}
-
+
public void setUserAction(String uac) {
- UserAction tmp = UserAction.fromString(uac);
+ UserAction tmp = UserAction.fromString(uac);
if (tmp == null) {
- throw new SLRuntimeException("Unknown user action "+uac);
+ throw new SLRuntimeException("Unknown user action " + uac);
}
userAction = tmp;
}
-
+
+ public void setChainId(String chainId) {
+ this.chainId = chainId;
+ }
+
public void setPeerId(String peerId, PEER_TYPE type) {
this.peerType = type;
this.peerId = peerId;
+ peerIdPattern = Pattern.compile(peerId);
}
-
+
+ public void setCommandName(String commandName) {
+ this.commandName = commandName;
+ commandNamePattern = Pattern.compile(commandName);
+ }
+
public String getId() {
return id;
}
+ protected boolean matchAuthenticationClass(AuthenticationClass cls) {
+ if (this.authenticationClass == null) {
+ return true;
+ }
+ return this.authenticationClass.compareTo(cls) <= 0;
+ }
+
+ protected boolean matchCommandName(SLCommand cmd) {
+ if (commandName == null) {
+ return true;
+ }
+ Matcher matcher = commandNamePattern.matcher(cmd.getName());
+ return matcher.matches();
+ }
+
+ protected boolean matchPeerId(String peerUrl) {
+ if (peerId == null) {
+ return true;
+ }
+ if (peerType == PEER_TYPE.URL) {
+ Matcher matcher = peerIdPattern.matcher(peerUrl);
+ return matcher.matches();
+ } else {
+ try {
+ URL url = new URL(peerUrl);
+ if (peerType == PEER_TYPE.HOST) {
+ try {
+ String host = url.getHost();
+ String hostName = InetAddress.getByName(host).getCanonicalHostName();
+ Matcher matcher = peerIdPattern.matcher(hostName);
+ return matcher.matches();
+ } catch (UnknownHostException e) {
+ log.error("Cannot resolve hostname", e);
+ return false;
+ }
+ } else {
+ try {
+ String hostAddr = InetAddress.getByName(url.getHost())
+ .getHostAddress();
+ Matcher matcher = peerIdPattern.matcher(hostAddr);
+ return matcher.matches();
+ } catch (UnknownHostException e) {
+ log.error("Cannot resolve host address", e);
+ return false;
+ }
+ }
+ } catch (MalformedURLException e) {
+ log.error("Cannot parse url", e);
+ return false;
+ }
+ }
+ }
+
@Override
public RuleResult check(AccessCheckerContext checkCtx) {
- log.debug("Processing rule: "+id);
- // TODO Auto-generated method stub
- return null;
+ log.debug("Processing rule: " + id);
+ if (matchAuthenticationClass(checkCtx.getAuthenticationClass())
+ && matchCommandName(checkCtx.getCommand())
+ && matchPeerId(checkCtx.getPeerUrl())) {
+ log.debug("Match found for rule: " + id);
+ return new RuleResult(action, userAction, true, chainId);
+ }
+ log.debug("No match found for rule: " + id);
+ return new RuleResult(action, userAction, false, chainId);
}
}
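Review bot: `setPeerId` and `setCommandName` pass the configured string straight to `Pattern.compile`, so every `.` in a host name, address or URL matches any character, and a value written as `*.gv.at` (the form that appears in the test `AccessControlConfig.xml` of this commit) is rejected with a `PatternSyntaxException`. For an allow rule the first effect widens the match: the URL pattern `https://129.27.142..*` used in `RuleCheckerTest` also accepts a URL whose host name merely begins with those digits. If the policy syntax is meant to be `*` wildcards (an assumption; the schema is not visible here), the setters should quote everything except `*`, as sketched below, and the tests that currently use regex syntax would need to follow. The match helpers also dereference `cls`, `cmd` and `peerUrl` without a null check once the corresponding rule field is set, so `check` throws instead of returning a no-match result when the context lacks one of them.

```java
  // Treats '*' as the only wildcard; every other character is matched literally.
  private static Pattern wildcardToPattern(String expr) {
    StringBuilder regex = new StringBuilder();
    int from = 0;
    for (int star = expr.indexOf('*'); star >= 0; star = expr.indexOf('*', from)) {
      regex.append(Pattern.quote(expr.substring(from, star))).append(".*");
      from = star + 1;
    }
    regex.append(Pattern.quote(expr.substring(from)));
    return Pattern.compile(regex.toString());
  }

  public void setPeerId(String peerId, PEER_TYPE type) {
    // … unchanged: peerType and peerId assignments …
    peerIdPattern = wildcardToPattern(peerId);
  }
  // … unchanged: setCommandName, which would call wildcardToPattern(commandName) the same way …
```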
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/ConfigTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/ConfigTest.java
new file mode 100644
index 00000000..b53db264
--- /dev/null
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/ConfigTest.java
@@ -0,0 +1,17 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import javax.xml.bind.JAXBException;
+
+import org.junit.Test;
+
+public class ConfigTest {
+
+ public final static String RESOURCE = "at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml";
+
+ @Test
+ public void testUnmarshall() throws JAXBException {
+ AccessControllerFactory.getInstance().init(
+ getClass().getClassLoader().getResourceAsStream(RESOURCE));
+ }
+
+}
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/RuleCheckerTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/RuleCheckerTest.java
new file mode 100644
index 00000000..88f1490c
--- /dev/null
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/RuleCheckerTest.java
@@ -0,0 +1,87 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import org.junit.Before;
+import org.junit.Test;
+
+import at.gv.egiz.bku.accesscontroller.RuleChecker.PEER_TYPE;
+import at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl;
+import at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl;
+import static org.junit.Assert.*;
+
+public class RuleCheckerTest {
+
+ protected RuleChecker onlyAuthChecker;
+ protected RuleChecker onlyCmdChecker;
+ protected RuleChecker onlyPeerChecker;
+
+ @Before
+ public void setUp() {
+ onlyAuthChecker = new RuleChecker("OnlyAuthChecker");
+ onlyAuthChecker.setAction("allow");
+ onlyAuthChecker.setUserAction("none");
+ onlyAuthChecker.setAuthenticationClass("pseudoanonymous");
+ onlyCmdChecker = new RuleChecker("OnlyCmdChecker");
+ onlyCmdChecker.setAction("allow");
+ onlyCmdChecker.setCommandName("InfoboxReadRequest");
+ onlyPeerChecker = new RuleChecker("OnlyPeerChecker");
+ onlyPeerChecker.setAction("allow");
+ onlyPeerChecker.setPeerId("https://129.27.142..*", PEER_TYPE.URL);
+ }
+
+ @Test
+ public void testAuthClass() {
+ AccessCheckerContext ctx = new AccessCheckerContext(null,
+ AuthenticationClass.ANONYMOUS, null);
+ RuleResult rr = onlyAuthChecker.check(ctx);
+ assertFalse(rr.matchFound());
+ ctx = new AccessCheckerContext(null, AuthenticationClass.PSEUDO_ANONYMOUS,
+ null);
+ rr = onlyAuthChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ ctx = new AccessCheckerContext(null, AuthenticationClass.CERTIFIED, null);
+ rr = onlyAuthChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ }
+
+ @Test
+ public void testCmd() {
+ AccessCheckerContext ctx = new AccessCheckerContext(
+ new InfoboxReadCommandImpl(), null, null);
+ RuleResult rr = onlyCmdChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ onlyCmdChecker.setCommandName("Info.*");
+ rr = onlyCmdChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ ctx = new AccessCheckerContext(new NullOperationCommandImpl(), null, null);
+ rr = onlyCmdChecker.check(ctx);
+ assertFalse(rr.matchFound());
+ onlyCmdChecker.setCommandName(".*");
+ rr = onlyCmdChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ }
+
+ @Test
+ public void testPeerId() {
+ AccessCheckerContext ctx = new AccessCheckerContext(null, null,
+ "https://129.27.142.20:80/index.html");
+ RuleResult rr = onlyPeerChecker.check(ctx);
+ assertTrue(rr.matchFound());
+
+ ctx = new AccessCheckerContext(null, null,
+ "https://129.27.14.20:80/index.html");
+ rr = onlyPeerChecker.check(ctx);
+ assertFalse(rr.matchFound());
+
+ onlyPeerChecker.setPeerId(".*.iaik..*", PEER_TYPE.HOST);
+ ctx = new AccessCheckerContext(null, null,
+ "https://129.27.142.20:80/index.html");
+ rr = onlyPeerChecker.check(ctx);
+ assertTrue(rr.matchFound());
+
+ onlyPeerChecker.setPeerId("129.27.142..*", PEER_TYPE.IP);
+ ctx = new AccessCheckerContext(null, null, "https://www.iaik.tugraz.at:80/");
+ rr = onlyPeerChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ }
+
+}
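Review bot: `testPeerId` needs live DNS: the `PEER_TYPE.HOST` case reverse-resolves `129.27.142.20` and the `PEER_TYPE.IP` case resolves `www.iaik.tugraz.at`, so the outcome depends on the network and on records outside the project. The peer tests also have no near-miss case, such as a URL whose host only begins with the digits of the allowed prefix, which is the case that shows whether the unescaped `.` in `https://129.27.142..*` is matched literally. I would route the resolved name or address through an overridable method in `RuleChecker` so the test can supply fixed values, and add an `assertFalse` for such a near-miss URL.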
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml
new file mode 100644
index 00000000..2455d68d
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml
@@ -0,0 +1,78 @@
+
+
+
+
+
+
+ certifiedGovAgency
+
+
+ allow
+
+ confirm
+
+
+ pseudoanonymous
+
+
+ Command
+
+ none
+
+
+ anonymous
+ 127.0.0.1
+
+ Command
+
+ none
+
+
+ anonymous
+ *.gv.at
+
+ allow
+
+ confirm
+
+
+
+
+
+
+ certified
+
+
+ IdentityLink
+ *
+
+
+ allow
+
+ confirm
+
+
+ certified
+ https://finanzonline.bmf.gv.at/*
+
+ Mandates
+ *
+
+
+ allow
+
+ info
+
+
+ certified
+
+
+
+ allow
+
+ none
+
+
+
+
+
--
cgit v1.2.3
From e0f2c64ad6360e2ecec983cb5e0a60f812672106 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Thu, 4 Sep 2008 14:56:54 +0000
Subject: finished access controller, accessed it from command invoker and
configured everything within onlinebku
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@14 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../egiz/bku/local/webapp/BKURequestHandler.java | 194 ++-
.../accesscontroller/SpringSecurityManager.java | 48 +
.../at/gv/egiz/bku/online/conf/Configurator.java | 47 +-
.../egiz/bku/online/conf/SpringConfigurator.java | 27 +
.../egiz/bku/online/webapp/BKURequestHandler.java | 177 ++-
.../egiz/bku/online/conf/accessControlConfig.xml | 98 ++
.../gv/egiz/bku/online/conf/defaultConf.properties | 3 +
.../src/main/webapp/WEB-INF/applicationContext.xml | 92 +-
.../main/webapp/applet/BKUApplet-1.0-SNAPSHOT.jar | Bin 0 -> 132767 bytes
.../main/webapp/applet/commons-logging-1.1.1.jar | Bin 0 -> 60686 bytes
.../src/main/webapp/applet/iaik_jce_me4se-3.04.jar | Bin 0 -> 99061 bytes
STALService/META-INF/MANIFEST.MF | 3 +
.../accesscontroller/AccessControllerFactory.java | 76 +-
.../gv/egiz/bku/accesscontroller/ChainChecker.java | 6 +-
.../bku/accesscontroller/CommandParamChecker.java | 52 +
.../bku/accesscontroller/InfoboxParamChecker.java | 58 +
.../bku/accesscontroller/InfoboxRuleChecker.java | 14 -
.../gv/egiz/bku/accesscontroller/RuleChecker.java | 72 +-
.../accesscontroller/SecurityManagerFacade.java | 102 ++
.../egiz/bku/binding/BindingProcessorManager.java | 15 +-
.../bku/binding/BindingProcessorManagerImpl.java | 20 +-
.../at/gv/egiz/bku/binding/DataUrlConnection.java | 17 +-
.../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 7 +-
.../gv/egiz/bku/binding/HTTPBindingProcessor.java | 1634 ++++++++++----------
.../gv/egiz/bku/binding/SLCommandInvokerImpl.java | 157 +-
.../gv/egiz/bku/slcommands/InfoboxReadCommand.java | 10 +-
.../gv/egiz/bku/slcommands/SLCommandInvoker.java | 7 +-
.../at/gv/egiz/bku/slcommands/SLSourceContext.java | 11 +-
.../at/gv/egiz/bku/slcommands/SLTargetContext.java | 13 +-
.../slcommands/impl/InfoboxReadCommandImpl.java | 7 +-
.../gv/egiz/bku/accesscontroller/ConfigTest.java | 91 +-
.../bku/binding/BindingProcessorManagerTest.java | 12 +-
.../gv/egiz/bku/binding/DataUrlConnectionTest.java | 22 +-
.../at/gv/egiz/bku/binding/ExpiryRemoverTest.java | 10 +-
.../egiz/bku/binding/HttpBindingProcessorTest.java | 2 +-
.../egiz/bku/binding/MultipartSLRequestTest.java | 5 +-
.../at/gv/egiz/bku/binding/NullOperationTest.java | 5 +-
.../gv/egiz/bku/binding/TestDataUrlConnection.java | 7 +-
.../bku/accesscontroller/AccessControlConfig.xml | 6 +-
.../egiz/bku/accesscontroller/SimpleChainTest.xml | 39 +
40 files changed, 1907 insertions(+), 1259 deletions(-)
create mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
create mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
create mode 100644 BKUOnline/src/main/webapp/applet/BKUApplet-1.0-SNAPSHOT.jar
create mode 100644 BKUOnline/src/main/webapp/applet/commons-logging-1.1.1.jar
create mode 100644 BKUOnline/src/main/webapp/applet/iaik_jce_me4se-3.04.jar
create mode 100644 STALService/META-INF/MANIFEST.MF
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/CommandParamChecker.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxParamChecker.java
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/SecurityManagerFacade.java
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/SimpleChainTest.xml
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java
index 8529949d..f19b86b5 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java
@@ -1,100 +1,96 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.local.webapp;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.web.HttpRequestHandler;
-
-import at.gv.egiz.bku.binding.BindingProcessorManager;
-import at.gv.egiz.bku.binding.HTTPBindingProcessor;
-import at.gv.egiz.bku.binding.HttpUtil;
-import at.gv.egiz.bku.utils.StreamUtil;
-import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
-
-public abstract class BKURequestHandler extends HttpServlet {
-
- public final static String ENCODING = "UTF-8";
-
- protected Log log = LogFactory.getLog(BKURequestHandler.class);
-
- protected abstract BindingProcessorManager getBindingProcessorManager();
-
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- log.debug("Got new request");
- String lang = req.getHeader("Accept-Language");
- Locale locale = AcceptLanguage.getLocale(lang);
- log.debug("Using locale: "+locale);
- HTTPBindingProcessor bindingProcessor;
- if (req.isSecure()) {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("https", null, locale);
- } else {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("http", null, locale);
- }
- Map headerMap = new HashMap();
- for (Enumeration headerName = req.getHeaderNames(); headerName
- .hasMoreElements();) {
- String header = headerName.nextElement();
- if (header != null) {
- headerMap.put(header, req.getHeader(header));
- }
- }
- headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, req.getContentType()+";"+req.getCharacterEncoding());
- bindingProcessor.setHTTPHeaders(headerMap);
- bindingProcessor.consumeRequestStream(req.getInputStream());
-
- // fixxme just for testing
- bindingProcessor.run();
- if (bindingProcessor.getRedirectURL() != null) {
- resp.sendRedirect(bindingProcessor.getRedirectURL());
- return;
- }
- resp.setStatus(bindingProcessor.getResponseCode());
- for (Iterator it = bindingProcessor.getResponseHeaders().keySet()
- .iterator(); it.hasNext();) {
- String header = it.next();
- resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header));
- }
- resp.setContentType(bindingProcessor.getResultContentType());
- resp.setCharacterEncoding(ENCODING);
- bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING);
- req.getInputStream().close();
- resp.getOutputStream().flush();
- resp.getOutputStream().close();
- log.debug("Finished Request");
- }
-
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- doPost(req, resp);
- }
-}
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.local.webapp;
+
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.web.HttpRequestHandler;
+
+import at.gv.egiz.bku.binding.BindingProcessorManager;
+import at.gv.egiz.bku.binding.HTTPBindingProcessor;
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.bku.utils.StreamUtil;
+import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
+
+public abstract class BKURequestHandler extends HttpServlet {
+
+ public final static String ENCODING = "UTF-8";
+
+ protected Log log = LogFactory.getLog(BKURequestHandler.class);
+
+ protected abstract BindingProcessorManager getBindingProcessorManager();
+
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+ log.debug("Got new request");
+ String lang = req.getHeader("Accept-Language");
+ Locale locale = AcceptLanguage.getLocale(lang);
+ log.debug("Using locale: " + locale);
+ HTTPBindingProcessor bindingProcessor;
+ bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
+ .createBindingProcessor(req.getRequestURL().toString(), null, locale);
+ Map headerMap = new HashMap();
+ for (Enumeration headerName = req.getHeaderNames(); headerName
+ .hasMoreElements();) {
+ String header = headerName.nextElement();
+ if (header != null) {
+ headerMap.put(header, req.getHeader(header));
+ }
+ }
+ headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, req.getContentType() + ";"
+ + req.getCharacterEncoding());
+ bindingProcessor.setHTTPHeaders(headerMap);
+ bindingProcessor.consumeRequestStream(req.getInputStream());
+
+ // fixxme just for testing
+ bindingProcessor.run();
+ if (bindingProcessor.getRedirectURL() != null) {
+ resp.sendRedirect(bindingProcessor.getRedirectURL());
+ return;
+ }
+ resp.setStatus(bindingProcessor.getResponseCode());
+ for (Iterator it = bindingProcessor.getResponseHeaders().keySet()
+ .iterator(); it.hasNext();) {
+ String header = it.next();
+ resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header));
+ }
+ resp.setContentType(bindingProcessor.getResultContentType());
+ resp.setCharacterEncoding(ENCODING);
+ bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING);
+ req.getInputStream().close();
+ resp.getOutputStream().flush();
+ resp.getOutputStream().close();
+ log.debug("Finished Request");
+ }
+
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+ doPost(req, resp);
+ }
+}
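Review bot: The `Content-Type` entry put into `headerMap` in `doPost` is built as `req.getContentType() + ";" + req.getCharacterEncoding()`, which yields `...;null` when the request names no charset (`null;null` without a content type) and otherwise appends a bare encoding name that is not a `charset=` parameter. `getContentType()` already carries the charset parameter when the client sent one, so `headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, req.getContentType());` behind a null check would hand the binding processor a well-formed value. Separately, the first argument of `createBindingProcessor` changes from the literals `"http"`/`"https"` to `req.getRequestURL().toString()`, whose host part usually comes from the request's Host header; what the manager does with it is not visible here, so it should be treated as untrusted input on that side. The early `return` after `sendRedirect` also skips the stream close calls at the end of the method.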
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
new file mode 100644
index 00000000..404e254e
--- /dev/null
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
@@ -0,0 +1,48 @@
+package at.gv.egiz.bku.online.accesscontroller;
+
+import java.io.IOException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.context.ResourceLoaderAware;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+
+import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
+import at.gv.egiz.bku.online.conf.Configurator;
+
+public class SpringSecurityManager extends SecurityManagerFacade implements
+ ResourceLoaderAware {
+
+ private ResourceLoader resourceLoader;
+
+ private static Log log = LogFactory.getLog(SpringSecurityManager.class);
+
+ protected Configurator config;
+
+ public void setConfig(Configurator config) {
+ this.config = config;
+ }
+
+ public void init() {
+ String noMatch = config.getProperty("AccessController.acceptNoMatch");
+ if (noMatch != null) {
+ log.debug("Setting allow now match to: " + noMatch);
+ setAllowUnmatched(Boolean.getBoolean(noMatch));
+ }
+ String policy = config.getProperty("AccessController.policyResource");
+ log.info("Loading resource: " + policy);
+ try {
+ Resource res = resourceLoader.getResource(policy);
+ init(res.getInputStream());
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
+ }
+
+}
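Review bot: `setAllowUnmatched(Boolean.getBoolean(noMatch))` in `init()` does not parse the configured value, because `Boolean.getBoolean` looks up a JVM system property whose name is the argument; `Boolean.parseBoolean(noMatch)` is what is meant. The key read here, `AccessController.acceptNoMatch`, also differs from the `AccessController.acceptUnmatched` entry added in defaultConf.properties later in this commit, so with that file the branch is never entered. The `catch (IOException e)` only logs, and a missing `AccessController.policyResource` hands null to `resourceLoader.getResource`. Failing startup when the policy cannot be loaded would make a broken access-control configuration visible instead of leaving the manager without chains.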
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
index 0cb717c4..f51335e1 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
@@ -16,29 +16,31 @@
*/
package at.gv.egiz.bku.online.conf;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.xml.crypto.XSecProvider;
-
-import java.net.HttpURLConnection;
-import java.security.Provider;
-import java.security.Security;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.xml.crypto.XSecProvider;
+
+import java.net.HttpURLConnection;
+import java.security.Provider;
+import java.security.Security;
+import java.util.Properties;
+
+import javax.net.ssl.HttpsURLConnection;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
/**
*
* TODO currently only the code to get started.
*/
public class Configurator {
- private Log log = LogFactory.getLog(Configurator.class);
+ private Log log = LogFactory.getLog(Configurator.class);
+
+ protected Properties properties;
public Configurator() {
- configure();
}
protected void configUrlConnections() {
@@ -63,7 +65,18 @@ public class Configurator {
public void configure() {
configureProviders();
configUrlConnections();
-
}
-
+
+ public void setConfiguration(Properties props) {
+ this.properties = props;
+ configure();
+ }
+
+ public String getProperty(String key) {
+ if (properties != null) {
+ return properties.getProperty(key);
+ }
+ return null;
+ }
+
}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
new file mode 100644
index 00000000..96588d7d
--- /dev/null
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -0,0 +1,27 @@
+package at.gv.egiz.bku.online.conf;
+
+import java.io.IOException;
+import java.util.Properties;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.core.io.Resource;
+
+public class SpringConfigurator extends Configurator {
+
+ private final static Log log = LogFactory.getLog(SpringConfigurator.class);
+
+ public void setResource(Resource resource) {
+ log.debug("Loading config from: " + resource);
+ if (resource != null) {
+ Properties props = new Properties();
+ try {
+ props.load(resource.getInputStream());
+ super.setConfiguration(props);
+ } catch (IOException e) {
+ log.error("Cannot load config", e);
+ }
+ }
+ }
+
+}
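Review bot: `setResource` swallows the failure: when `resource` is null or `props.load` throws, it returns normally without `setConfiguration` having run. Because this commit also removes `configure()` from the `Configurator` constructor, the provider and URL-connection setup is then skipped and `getProperty` returns null for every key, including the access-controller settings read by SpringSecurityManager. Rethrowing, e.g. `throw new IllegalStateException("Cannot load config", e);`, would stop the application from starting half-configured. The stream returned by `resource.getInputStream()` is never closed and should be closed in a `finally` block.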
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
index 53a7c164..20320d8e 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
@@ -1,91 +1,88 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.online.webapp;
-
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.HTTPBindingProcessor;
-import at.gv.egiz.bku.binding.HttpUtil;
-import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
-
-/**
- * Handles SL requests and instantiates BindingProcessors
- *
- */
-public class BKURequestHandler extends SpringBKUServlet {
-
- public final static String REDIRECT_URL ="appletPage.jsp";
-
- protected Log log = LogFactory.getLog(BKURequestHandler.class);
-
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- log.debug("Got new request");
- String lang = req.getHeader("Accept-Language");
- Locale locale = AcceptLanguage.getLocale(lang);
- log.debug("Using locale: "+locale);
- HttpSession session = req.getSession();
- if (session != null) {
- session.invalidate();
- }
- String id = req.getSession(true).getId();
- log.debug("Using session id: "+id);
- HTTPBindingProcessor bindingProcessor;
- if (req.isSecure()) {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("https", id, locale);
- } else {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("http", id, locale);
- }
- Map headerMap = new HashMap();
- for (Enumeration headerName = req.getHeaderNames(); headerName
- .hasMoreElements();) {
- String header = headerName.nextElement();
- if (header != null) {
- headerMap.put(header, req.getHeader(header));
- }
- }
- String charset = req.getCharacterEncoding();
- String contentType = req.getContentType();
- if (charset != null) {
- contentType += ";"+charset;
- }
- headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
- bindingProcessor.setHTTPHeaders(headerMap);
- bindingProcessor.consumeRequestStream(req.getInputStream());
- req.getInputStream().close();
- getBindingProcessorManager().process(bindingProcessor);
- resp.sendRedirect(REDIRECT_URL);
- }
-
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- doPost(req, resp);
- }
-}
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.online.webapp;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.binding.HTTPBindingProcessor;
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
+
+/**
+ * Handles SL requests and instantiates BindingProcessors
+ *
+ */
+public class BKURequestHandler extends SpringBKUServlet {
+
+ public final static String REDIRECT_URL = "appletPage.jsp";
+
+ protected Log log = LogFactory.getLog(BKURequestHandler.class);
+
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+ log.debug("Got new request");
+ String lang = req.getHeader("Accept-Language");
+ Locale locale = AcceptLanguage.getLocale(lang);
+ log.debug("Using locale: " + locale);
+ HttpSession session = req.getSession();
+ if (session != null) {
+ session.invalidate();
+ }
+ String id = req.getSession(true).getId();
+ log.debug("Using session id: " + id);
+ HTTPBindingProcessor bindingProcessor;
+
+ bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
+ .createBindingProcessor(req.getRequestURL().toString(), id, locale);
+
+ Map headerMap = new HashMap();
+ for (Enumeration headerName = req.getHeaderNames(); headerName
+ .hasMoreElements();) {
+ String header = headerName.nextElement();
+ if (header != null) {
+ headerMap.put(header, req.getHeader(header));
+ }
+ }
+ String charset = req.getCharacterEncoding();
+ String contentType = req.getContentType();
+ if (charset != null) {
+ contentType += ";" + charset;
+ }
+ headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
+ bindingProcessor.setHTTPHeaders(headerMap);
+ bindingProcessor.consumeRequestStream(req.getInputStream());
+ req.getInputStream().close();
+ getBindingProcessorManager().process(bindingProcessor);
+ resp.sendRedirect(REDIRECT_URL);
+ }
+
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+ doPost(req, resp);
+ }
+}
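Review bot: The value now passed as the source URL, `req.getRequestURL().toString()`, is assembled by the container from the request line and the Host header, so it is client-influenced and names this servlet rather than the caller. If the binding processor later uses that URL as the peer in access-control checks (not visible in this hunk), host- or URL-based rules would be evaluated against a value the requester can choose; what `HTTPBindingProcessor` does with it needs confirming. Separately, `log.debug("Using session id: " + id);` writes a live session identifier to the log, so dropping the line or logging a hashed form keeps it out of log files.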
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
new file mode 100644
index 00000000..15d62155
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
@@ -0,0 +1,98 @@
+
+
+
+
+
+
+ certifiedGovAgency
+
+
+ allow
+
+ confirm
+
+
+ pseudoanonymous
+
+
+ Command
+
+ none
+
+
+ anonymous
+ 127.0.0.1
+
+ Command
+
+ none
+
+
+ anonymous
+ $.gv.at
+
+ allow
+
+ confirm
+
+
+
+
+
+
+ certified
+
+
+ IdentityLink
+ .*
+
+
+ allow
+
+ confirm
+
+
+ certified
+ https://finanzonline.bmf.gv.at/*
+
+
+ Mandates
+ .*
+
+
+ allow
+
+ info
+
+
+ certified
+
+
+
+ allow
+
+ none
+
+
+ anonymous
+
+
+ 127.0.0.1
+
+ allow
+
+ none
+
+
+
+
+
+
+
+ allow
+
+
+
+
+
+
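Review bot: The peer values in this policy read like glob patterns (`$.gv.at`, `https://finanzonline.bmf.gv.at/*`), while `RuleChecker` in this commit matches peers with `peerIdPattern.matcher(...).matches()`, i.e. as full-match regular expressions. Assuming `setPeerId` compiles these strings unchanged (it is outside the visible hunks), `$.gv.at` can never match a host name and `/*` matches only a run of slashes, so those rules would silently fall through to whatever follows them. Writing them as regular expressions with escaped dots, for example `.*\.gv\.at` and `https://finanzonline\.bmf\.gv\.at/.*`, plus a comment on each rule stating the intended peer, would make the policy reviewable. The element markup of this file did not survive on the page, so the rule structure itself cannot be checked here.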
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
new file mode 100644
index 00000000..12deac35
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -0,0 +1,3 @@
+# Configuration for online CCE
+AccessController.acceptUnmatched=false
+AccessController.policyResource=classpath:at/gv/egiz/bku/online/conf/accessControlConfig.xml
\ No newline at end of file
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index 7a2f12b8..c5da25c0 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -1,43 +1,53 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/BKUOnline/src/main/webapp/applet/BKUApplet-1.0-SNAPSHOT.jar b/BKUOnline/src/main/webapp/applet/BKUApplet-1.0-SNAPSHOT.jar
new file mode 100644
index 00000000..986842db
Binary files /dev/null and b/BKUOnline/src/main/webapp/applet/BKUApplet-1.0-SNAPSHOT.jar differ
diff --git a/BKUOnline/src/main/webapp/applet/commons-logging-1.1.1.jar b/BKUOnline/src/main/webapp/applet/commons-logging-1.1.1.jar
new file mode 100644
index 00000000..1deef144
Binary files /dev/null and b/BKUOnline/src/main/webapp/applet/commons-logging-1.1.1.jar differ
diff --git a/BKUOnline/src/main/webapp/applet/iaik_jce_me4se-3.04.jar b/BKUOnline/src/main/webapp/applet/iaik_jce_me4se-3.04.jar
new file mode 100644
index 00000000..f2173562
Binary files /dev/null and b/BKUOnline/src/main/webapp/applet/iaik_jce_me4se-3.04.jar differ
diff --git a/STALService/META-INF/MANIFEST.MF b/STALService/META-INF/MANIFEST.MF
new file mode 100644
index 00000000..5e949512
--- /dev/null
+++ b/STALService/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path:
+
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
index 3b75a5f2..cd837cd7 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AccessControllerFactory.java
@@ -15,8 +15,9 @@ import at.gv.egiz.bku.accesscontrol.config.AccessControl;
import at.gv.egiz.bku.accesscontrol.config.Chain;
import at.gv.egiz.bku.accesscontrol.config.Command;
import at.gv.egiz.bku.accesscontrol.config.ObjectFactory;
+import at.gv.egiz.bku.accesscontrol.config.Param;
import at.gv.egiz.bku.accesscontrol.config.Rule;
-import at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl;
+import at.gv.egiz.bku.accesscontroller.RuleChecker.PEER_TYPE;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
public class AccessControllerFactory {
@@ -24,6 +25,8 @@ public class AccessControllerFactory {
private static AccessControllerFactory instance = new AccessControllerFactory();
private static Log log = LogFactory.getLog(AccessControllerFactory.class);
private static JAXBContext jaxbContext;
+ public static String INPUT_CHAIN = "InputChain";
+ public static String OUTPUT_CHAIN = "OutputChain";
static {
try {
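Review bot: `INPUT_CHAIN` and `OUTPUT_CHAIN` are declared `public static String` without `final`, so any code can reassign the chain names that `SecurityManagerFacade.init` uses to pick the input and output filters. Declaring them as constants, `public static final String INPUT_CHAIN = "InputChain";` and likewise for `OUTPUT_CHAIN`, removes that possibility.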
@@ -63,43 +66,72 @@ public class AccessControllerFactory {
public void registerChainChecker(ChainChecker cc) {
chainTable.put(cc.getId(), cc);
}
-
+
+ public CommandParamChecker createParamChecker(String cmd) {
+ if ((cmd != null) && (cmd.startsWith("Infobox"))) {
+ return new InfoboxParamChecker();
+ } else {
+ return null;
+ }
+ }
+
public RuleChecker createRuleChecker(Rule rule) {
RuleChecker rc;
+ rc = new RuleChecker(rule.getId());
Command cmd = rule.getCommand();
if (cmd != null) {
- if ((cmd.getParam() != null) && (cmd.getParam().size()>0)) {
- if (cmd.getName().startsWith("Infobox")) {
- rc = new InfoboxRuleChecker(rule.getId());
- } else {
- throw new SLRuntimeException("Cannot handle parameters for command "+cmd.getName());
- }
- } else {
- rc = new RuleChecker(rule.getId());
+ rc.setCommandName(cmd.getName());
+ for (Param p : cmd.getParam()) {
+ rc.addParameter(p.getName(), p.getValue());
}
- } else {
- rc = new RuleChecker(rule.getId());
}
- // FIXME TODO cont. here
-
-
- return rc;
+ rc.setAuthenticationClass(rule.getAuthClass());
+ if (rule.getIPv4Address() != null) {
+ rc.setPeerId(rule.getIPv4Address(), PEER_TYPE.IP);
+ } else if (rule.getDomainName() != null) {
+ rc.setPeerId(rule.getDomainName(), PEER_TYPE.HOST);
+ } else if (rule.getURL() != null) {
+ rc.setPeerId(rule.getURL(), PEER_TYPE.URL);
+ }
+ rc.setAction(rule.getAction().getRuleAction());
+ rc.setChainId(rule.getAction().getChainRef());
+ rc.setUserAction(rule.getUserInteraction());
+ return rc;
}
-
-
+
public void init(InputStream is) throws JAXBException {
+ chainTable.clear();
Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
AccessControl ac = (AccessControl) unmarshaller.unmarshal(is);
List chainList = ac.getChains().getChain();
- log.debug("Found "+chainList.size()+" chains in config");
+ log.debug("Found " + chainList.size() + " chains in config");
for (Chain chain : chainList) {
+ log.trace("Creating chain: " + chain.getId());
+ ChainChecker cc = createChainChecker(chain.getId(), false);
List ruleList = chain.getRules().getRule();
- log.debug("Found "+ruleList.size()+" rules in chain "+chain.getId());
+ log
+ .debug("Found " + ruleList.size() + " rules in chain "
+ + chain.getId());
for (Rule rule : ruleList) {
- //rule.g
+ log.trace("Creating rule: " + rule.getId());
+ cc.addRule(createRuleChecker(rule));
+ }
+ registerChainChecker(cc);
+ }
+ validate();
+ }
+
+ private void validate() {
+ for (ChainChecker chain : chainTable.values()) {
+ for (RuleChecker rule : chain.getRules()) {
+ if (rule.getChainId() != null) {
+ log.trace("Checking reference to chain: "+rule.getChainId());
+ if (getChainChecker(rule.getChainId()) == null) {
+ throw new SLRuntimeException("Invalid reference to unknown chain: "+rule.getChainId());
+ }
+ }
}
}
-
}
}
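Review bot: In `init`, `validate()` runs only after every chain has been passed to `registerChainChecker`, so when it throws for an unknown chain reference the rejected policy is still sitting in `chainTable`; likewise `chainTable.clear()` at the top discards the previous policy before the new one has been parsed. Clearing on failure, `try { validate(); } catch (SLRuntimeException e) { chainTable.clear(); throw e; }`, or building into a local map and swapping it in after validation, keeps a rejected policy from being used. `validate()` also checks only that a referenced chain exists, not that chain references are free of cycles; how `ChainChecker.check` behaves on a cycle is not visible here. `createRuleChecker` dereferences `rule.getAction()` without a null check, which is safe only if the schema makes the action element mandatory.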
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java
index 242d9b02..a290fe8d 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/ChainChecker.java
@@ -1,5 +1,6 @@
package at.gv.egiz.bku.accesscontroller;
+import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
@@ -35,6 +36,10 @@ public class ChainChecker implements AccessChecker {
rules.add(rule);
}
}
+
+ public List getRules() {
+ return Collections.unmodifiableList(rules);
+ }
@Override
public ChainResult check(AccessCheckerContext checkCtx) throws SLException {
@@ -43,7 +48,6 @@ public class ChainChecker implements AccessChecker {
log.trace("Checking rule: "+rule.getId());
RuleResult result = rule.check(checkCtx);
if (result.matchFound()) {
- log.debug("Found matching rule: "+rule.getId());
if (result.getDelegateChainId() != null) {
// process chain
ChainChecker cc = AccessControllerFactory.getInstance().getChainChecker(result.getDelegateChainId());
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/CommandParamChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/CommandParamChecker.java
new file mode 100644
index 00000000..3927c3c9
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/CommandParamChecker.java
@@ -0,0 +1,52 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import at.gv.egiz.bku.slcommands.SLCommand;
+
+public abstract class CommandParamChecker {
+
+ protected List> paramList = new LinkedList>();
+
+ public static class Tupel {
+ private T key;
+ private Q val;
+
+ public Tupel(T key, Q val) {
+ if ((key == null) || (val == null)) {
+ throw new NullPointerException("Tupel key and value must not be null");
+ }
+ this.key = key;
+ this.val = val;
+ }
+
+ public T getKey() {
+ return key;
+ }
+
+ public Q getVal() {
+ return val;
+ }
+
+ @SuppressWarnings("unchecked")
+ public boolean equals(Object other) {
+ if (other instanceof Tupel) {
+ Tupel ot = (Tupel) other;
+ return (key.equals(ot.key) && val.equals(ot.val));
+ }
+ return false;
+ }
+
+ public int hashCode() {
+ return key.hashCode();
+ }
+ }
+
+ public void addParameter(String key, String value) {
+ paramList.add(new Tupel(key, value));
+ }
+
+ public abstract boolean checkParameter(SLCommand cmd);
+
+}
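Review bot: `checkParameter` is the abstract hook that decides whether a rule's parameter constraints hold, but nothing states what its return value means or whether it may throw. A Javadoc such as `/** Returns true if cmd satisfies every parameter added via addParameter; false makes the rule not match. */` would pin the contract that `RuleChecker.matchCommandName` relies on. In `Tupel`, `key` and `val` can be `final`, `equals` and `hashCode` should carry `@Override`, and `hashCode` could include `val` to stay in line with `equals`.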
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxParamChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxParamChecker.java
new file mode 100644
index 00000000..33689ae0
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxParamChecker.java
@@ -0,0 +1,58 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.InfoboxReadCommand;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+public class InfoboxParamChecker extends CommandParamChecker {
+ private static Log log = LogFactory.getLog(InfoboxParamChecker.class);
+
+ public final static String INFOBOX_ID = "InfoboxIdentifier";
+ public final static String PERSON_ID = "PersonIdentifier";
+ public final static String DERIVED = "derived";
+
+ @Override
+ public boolean checkParameter(SLCommand cmd) {
+ if (paramList.size() == 0) {
+ return true;
+ }
+
+ if (cmd instanceof InfoboxReadCommand) {
+ InfoboxReadCommand irc = (InfoboxReadCommand) cmd;
+ for (Tupel param : paramList) {
+ if (param.getKey().equals(INFOBOX_ID)) {
+ if (!param.getVal().equals(irc.getInfoboxIdentifier())) {
+ return false;
+ }
+ } else if (param.getKey().equals(PERSON_ID)) {
+ if (param.getVal().equals(DERIVED)) {
+ if (irc.getIdentityLinkDomainId() == null) {
+ return false;
+ }
+ } else {
+ Pattern p = Pattern.compile(param.getVal());
+ Matcher m = p.matcher(irc.getIdentityLinkDomainId());
+ if (!m.matches()) {
+ return false;
+ }
+ }
+
+ } else {
+ throw new SLRuntimeException("Cannot handle parameter "
+ + param.getKey());
+ }
+ }
+ return true;
+ } else {
+ log.error("Cannot handle parameter for command: " + cmd.getName());
+ throw new SLRuntimeException("Cannot handle parameters for command: "
+ + cmd.getName());
+ }
+ }
+}
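Review bot: In the `PERSON_ID` branch, the regular-expression path calls `p.matcher(irc.getIdentityLinkDomainId())` without the null check that the `derived` path just above performs, so a read request without a domain identifier raises a NullPointerException instead of returning false. Reading the value once and guarding it, `String domainId = irc.getIdentityLinkDomainId();` followed by `if (domainId == null || !Pattern.compile(param.getVal()).matcher(domainId).matches()) return false;`, keeps the evaluation a plain non-match. The pattern comes from the policy and is recompiled on every check; compiling it when the parameter is added would also surface an invalid expression at load time rather than on the first request.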
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java
deleted file mode 100644
index 2981d24e..00000000
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/InfoboxRuleChecker.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package at.gv.egiz.bku.accesscontroller;
-
-/**
- * Adds infobox parameter checks
- * @author wbauer
- *
- */
-public class InfoboxRuleChecker extends RuleChecker {
-
- public InfoboxRuleChecker(String id) {
- super(id);
- }
-
-}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
index c59f5b70..b0bf7fac 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/RuleChecker.java
@@ -31,6 +31,7 @@ public class RuleChecker implements AccessChecker {
protected Action action;
protected UserAction userAction;
protected String chainId;
+ protected CommandParamChecker paramChecker;
public RuleChecker(String id) {
if (id == null) {
@@ -40,27 +41,33 @@ public class RuleChecker implements AccessChecker {
}
public void setAuthenticationClass(String ac) {
- AuthenticationClass tmp = AuthenticationClass.fromString(ac);
- if (tmp == null) {
- throw new SLRuntimeException("Unknown authentication class " + ac);
+ if (ac != null) {
+ AuthenticationClass tmp = AuthenticationClass.fromString(ac);
+ if (tmp == null) {
+ throw new SLRuntimeException("Unknown authentication class " + ac);
+ }
+ authenticationClass = tmp;
}
- authenticationClass = tmp;
}
public void setAction(String ac) {
- Action tmp = Action.fromString(ac);
- if (tmp == null) {
- throw new SLRuntimeException("Unknown action " + ac);
+ if (ac != null) {
+ Action tmp = Action.fromString(ac);
+ if (tmp == null) {
+ throw new SLRuntimeException("Unknown action " + ac);
+ }
+ action = tmp;
}
- action = tmp;
}
public void setUserAction(String uac) {
- UserAction tmp = UserAction.fromString(uac);
- if (tmp == null) {
- throw new SLRuntimeException("Unknown user action " + uac);
+ if (uac != null) {
+ UserAction tmp = UserAction.fromString(uac);
+ if (tmp == null) {
+ throw new SLRuntimeException("Unknown user action " + uac);
+ }
+ userAction = tmp;
}
- userAction = tmp;
}
public void setChainId(String chainId) {
@@ -76,6 +83,22 @@ public class RuleChecker implements AccessChecker {
public void setCommandName(String commandName) {
this.commandName = commandName;
commandNamePattern = Pattern.compile(commandName);
+ paramChecker = AccessControllerFactory.getInstance().createParamChecker(
+ commandName);
+ }
+
+ /**
+ * Make sure to set the commandName first
+ *
+ * @param key
+ * @param value
+ */
+ public void addParameter(String key, String value) {
+ if (paramChecker == null) {
+ throw new IllegalArgumentException("Cannot set parameters for command "
+ + commandName);
+ }
+ paramChecker.addParameter(key, value);
}
public String getId() {
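Review bot: `setCommandName` compiles `commandName` as a regular expression but passes the same string to `createParamChecker`, which (in AccessControllerFactory in this commit) decides by `cmd.startsWith("Infobox")`. A rule whose command pattern covers Infobox commands without literally starting with that text gets no parameter checker, and `addParameter` then rejects its parameters. A pattern that starts with that text but covers more than the read command gets an `InfoboxParamChecker`, which throws for anything other than `InfoboxReadCommand` once parameters are set. The Javadoc on `addParameter` should state this and fill in the empty tags, e.g. `@param key parameter name as used in the policy` and `@param value expected value or pattern`.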
@@ -83,22 +106,30 @@ public class RuleChecker implements AccessChecker {
}
protected boolean matchAuthenticationClass(AuthenticationClass cls) {
- if (this.authenticationClass == null) {
+ if ((this.authenticationClass == null) || (cls == null)) {
return true;
}
return this.authenticationClass.compareTo(cls) <= 0;
}
protected boolean matchCommandName(SLCommand cmd) {
- if (commandName == null) {
+ if ((commandName == null) || (cmd == null)) {
return true;
}
Matcher matcher = commandNamePattern.matcher(cmd.getName());
- return matcher.matches();
+ if (matcher.matches()) {
+ if (paramChecker != null) {
+ return paramChecker.checkParameter(cmd);
+ } else {
+ return true;
+ }
+ } else {
+ return false;
+ }
}
protected boolean matchPeerId(String peerUrl) {
- if (peerId == null) {
+ if ((peerId == null) || (peerUrl == null)) {
return true;
}
if (peerType == PEER_TYPE.URL) {
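Review bot: The three added `|| (x == null)` conditions make a rule match when the request attribute is missing: `matchAuthenticationClass` returns true for `cls == null`, so a rule restricted to a given authentication class also matches a request whose class could not be determined, and `matchPeerId` does the same for a null peer URL. A null on the rule side means "no constraint", but a null on the request side should fail the constraint: `if (this.authenticationClass == null) return true;` then `if (cls == null) return false;`, with the same split in `matchCommandName` and `matchPeerId`. For a rule whose action is allow this is a fail-open path. `matchPeerId` continues past the end of this hunk.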
@@ -110,7 +141,8 @@ public class RuleChecker implements AccessChecker {
if (peerType == PEER_TYPE.HOST) {
try {
String host = url.getHost();
- String hostName = InetAddress.getByName(host).getCanonicalHostName();
+ String hostName = InetAddress.getByName(host)
+ .getCanonicalHostName();
Matcher matcher = peerIdPattern.matcher(hostName);
return matcher.matches();
} catch (UnknownHostException e) {
@@ -143,9 +175,13 @@ public class RuleChecker implements AccessChecker {
&& matchPeerId(checkCtx.getPeerUrl())) {
log.debug("Match found for rule: " + id);
return new RuleResult(action, userAction, true, chainId);
- }
+ }
log.debug("No match found for rule: " + id);
return new RuleResult(action, userAction, false, chainId);
}
+ public String getChainId() {
+ return chainId;
+ }
+
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/SecurityManagerFacade.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/SecurityManagerFacade.java
new file mode 100644
index 00000000..32242772
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/SecurityManagerFacade.java
@@ -0,0 +1,102 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import java.io.InputStream;
+
+import javax.xml.bind.JAXBException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLSourceContext;
+import at.gv.egiz.bku.slcommands.SLTargetContext;
+
+/**
+ * Facade for the access controller
+ */
+public class SecurityManagerFacade {
+
+ private static Log log = LogFactory.getLog(SecurityManagerFacade.class);
+
+ private boolean allowUnmatched = false;
+ private ChainChecker inputFilter = null;
+ private ChainChecker outputFilter = null;
+
+ public boolean mayInvokeCommand(SLCommand cmd, SLSourceContext ctx) {
+ if (inputFilter != null) {
+ AuthenticationClass ac = AuthenticationClassifier.getAuthenticationClass(
+ ctx.isSourceIsDataURL(), ctx.getSourceUrl(), ctx
+ .getSourceCertificate());
+ AccessCheckerContext acc = new AccessCheckerContext(cmd, ac, ctx
+ .getSourceUrl().toString());
+ try {
+ ChainResult cr = inputFilter.check(acc);
+ if (cr.matchFound()) {
+ if (cr.getAction() == Action.ALLOW) {
+ return true;
+ } else {
+ return false;
+ }
+ } else {
+ return allowUnmatched;
+ }
+ } catch (Exception e) {
+ log.error(e);
+ return false;
+ }
+ } else {
+ log.warn("No input chain defined");
+ return allowUnmatched;
+ }
+ }
+
+ public boolean maySendResult(SLCommand cmd, SLTargetContext ctx) {
+ if (outputFilter != null) {
+ AuthenticationClass ac = AuthenticationClassifier.getAuthenticationClass(
+ ctx.isTargetIsDataURL(), ctx.getTargetUrl(), ctx
+ .getTargetCertificate());
+ AccessCheckerContext acc = new AccessCheckerContext(cmd, ac, ctx
+ .getTargetUrl().toString());
+ try {
+ ChainResult cr = outputFilter.check(acc);
+ if (cr.matchFound()) {
+ if (cr.getAction() == Action.ALLOW) {
+ return true;
+ } else {
+ return false;
+ }
+ } else {
+ return allowUnmatched;
+ }
+ } catch (Exception e) {
+ log.error(e);
+ return false;
+ }
+ } else {
+ log.warn("No output chain defined");
+ return allowUnmatched;
+ }
+ }
+
+ /**
+ * Default policy if not match was found
+ *
+ * @param allow
+ */
+ public void setAllowUnmatched(boolean allow) {
+ this.allowUnmatched = allow;
+ }
+
+ public void init(InputStream is) {
+ inputFilter = null;
+ outputFilter = null;
+ AccessControllerFactory fab = AccessControllerFactory.getInstance();
+ try {
+ fab.init(is);
+ } catch (JAXBException e) {
+ log.error(e);
+ }
+ inputFilter = fab.getChainChecker(AccessControllerFactory.INPUT_CHAIN);
+ outputFilter = fab.getChainChecker(AccessControllerFactory.OUTPUT_CHAIN);
+ }
+}
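Review bot: `init` logs a `JAXBException` and carries on, leaving `inputFilter` and `outputFilter` null, after which `mayInvokeCommand` and `maySendResult` answer every request with `allowUnmatched`. A policy that failed to load is therefore treated exactly like a policy with no matching rule, and with `allowUnmatched` set to true everything is permitted. Rethrowing from `init`, e.g. `throw new IllegalStateException("Cannot load access control policy", e);`, and returning false in the two "no chain defined" branches would keep the failure closed. `ctx.getSourceUrl().toString()` and `ctx.getTargetUrl().toString()` sit outside the `try`, so a null URL escapes as a NullPointerException rather than a denial. The user interaction carried by the matching rule is not consulted either; only `cr.getAction()` decides.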
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
index a4e5bd90..ed37f08f 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
@@ -16,6 +16,7 @@
*/
package at.gv.egiz.bku.binding;
+import java.net.MalformedURLException;
import java.util.Locale;
import java.util.Set;
@@ -34,28 +35,28 @@ public interface BindingProcessorManager {
* FactoryMethod creating a new BindingProcessor object.
* The created binding processor must be passed to the process method to execute.
*
- * @param protcol
- * the transport binding protocol
+ * @param urlString
+ * the source url
* @param aSessionId
* optional an external sessionId (e.g. http session) could be
* provided. This parameter may be null.
* @param locale the locale used for user interaction, may be null
*/
- public BindingProcessor createBindingProcessor(String protcol,
- String aSessionId, Locale locale);
+ public BindingProcessor createBindingProcessor(String urlString,
+ String aSessionId, Locale locale) throws MalformedURLException;
/**
* FactoryMethod creating a new BindingProcessor object.
* The created binding processor must be passed to the process method to execute.
*
* @param protcol
- * the transport binding protocol
+ * the source url
* @param aSessionId
* optional an external sessionId (e.g. http session) could be
* provided. This parameter may be null.
*/
- public BindingProcessor createBindingProcessor(String protcol,
- String aSessionId);
+ public BindingProcessor createBindingProcessor(String urlString,
+ String aSessionId) throws MalformedURLException;
/**
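Review bot: The Javadoc of the two-argument `createBindingProcessor` still names `@param protcol` although the parameter is now `urlString`, and neither overload documents the new checked exception. Suggested tags: `@param urlString the source URL of the request; its scheme selects the binding` and `@throws MalformedURLException if urlString is not a valid URL`. The same stale `@param protocol` remains in `BindingProcessorManagerImpl` further down, where the tag should become `@param srcUrl`.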
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
index 7a3b1bb9..6f5ca2d2 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
@@ -16,6 +16,8 @@
*/
package at.gv.egiz.bku.binding;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
@@ -152,20 +154,22 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
/**
* Uses the default locale
*/
- public BindingProcessor createBindingProcessor(String protocol,
- String aSessionId) {
- return createBindingProcessor(protocol, aSessionId, null);
+ public BindingProcessor createBindingProcessor(String srcUrl,
+ String aSessionId) throws MalformedURLException {
+ return createBindingProcessor(srcUrl, aSessionId, null);
}
/**
* FactoryMethod creating a new BindingProcessor object.
*
* @param protocol
- * must not be null
+ * must not be null
+ * @throws MalformedURLException
*/
- public BindingProcessor createBindingProcessor(String protocol,
- String aSessionId, Locale locale) {
- String low = protocol.toLowerCase();
+ public BindingProcessor createBindingProcessor(String srcUrl,
+ String aSessionId, Locale locale) throws MalformedURLException {
+ URL url = new URL(srcUrl);
+ String low = url.getProtocol().toLowerCase();
Protocol proto = null;
for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
if (SUPPORTED_PROTOCOLS[i].toString().equals(low)) {
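Review bot: The Javadoc above the three-argument `createBindingProcessor` still documents `@param protocol`, and the added `@throws MalformedURLException` carries no description. With the parameter renamed it should read `@param srcUrl the source URL, must not be null` and `@throws MalformedURLException if srcUrl cannot be parsed as a URL`. The scheme is matched against `SUPPORTED_PROTOCOLS` after `url.getProtocol().toLowerCase()`, which depends on the default locale; `url.getProtocol().toLowerCase(Locale.ROOT)` keeps that allow-list comparison independent of the platform setting. The method body continues outside this hunk.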
@@ -177,7 +181,7 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
throw new UnsupportedOperationException();
}
BindingProcessor bindingProcessor = new HTTPBindingProcessor(aSessionId,
- commandInvokerClass.newInstance(), proto);
+ commandInvokerClass.newInstance(), url);
STAL stal = stalFactory.createSTAL();
bindingProcessor.init(stal, commandInvokerClass.newInstance());
if (locale != null) {
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
index e6d5e075..6d654639 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
@@ -16,12 +16,13 @@
*/
package at.gv.egiz.bku.binding;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.SocketTimeoutException;
-import java.security.cert.X509Certificate;
-
-import at.gv.egiz.bku.slcommands.SLResult;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.SocketTimeoutException;
+import java.net.URL;
+import java.security.cert.X509Certificate;
+
+import at.gv.egiz.bku.slcommands.SLResult;
/**
* Transmit a security layer result to DataURL via HTTP POST, encoded as multipart/form-data.
@@ -41,7 +42,9 @@ public interface DataUrlConnection {
public static final String XML_RESPONSE_ENCODING = "UTF-8";
- public String getProtocol();
+ public String getProtocol();
+
+ public URL getUrl();
/**
* Set a HTTP Header.
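Review bot: The new `getUrl()` is added to the interface without any Javadoc, so implementers and callers cannot tell which URL it returns or whether the result may be null. The implementation added to DataUrlConnectionImpl in this commit simply returns its `url` field, which suggests null is possible before the connection is initialised. A comment such as `/** Returns the DataURL this connection was created for; may be null before initialisation (confirm). */` would settle that. It would also help to state how it relates to `getProtocol()`, since both now expose the scheme.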
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
index 134d765e..9f5d70cb 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
@@ -212,5 +212,10 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
@Override
public DataUrlConnectionSPI newInstance() {
return new DataUrlConnectionImpl();
- }
+ }
+
+ @Override
+ public URL getUrl() {
+ return url;
+ }
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
index b79f7d55..19f22126 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
@@ -1,820 +1,818 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.binding;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.Reader;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.net.ssl.SSLHandshakeException;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.URIResolver;
-import javax.xml.transform.stream.StreamResult;
-import javax.xml.transform.stream.StreamSource;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slcommands.SLCommand;
-import at.gv.egiz.bku.slcommands.SLCommandContext;
-import at.gv.egiz.bku.slcommands.SLCommandFactory;
-import at.gv.egiz.bku.slcommands.SLCommandInvoker;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slcommands.SLSourceContext;
-import at.gv.egiz.bku.slcommands.SLTargetContext;
-import at.gv.egiz.bku.slcommands.impl.ErrorResultImpl;
-import at.gv.egiz.bku.slexceptions.SLBindingException;
-import at.gv.egiz.bku.slexceptions.SLCanceledException;
-import at.gv.egiz.bku.slexceptions.SLException;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.bku.utils.StreamUtil;
-import at.gv.egiz.bku.utils.binding.Protocol;
-import at.gv.egiz.bku.utils.urldereferencer.FormDataURLSupplier;
-import at.gv.egiz.bku.utils.urldereferencer.SimpleFormDataContextImpl;
-import at.gv.egiz.bku.utils.urldereferencer.StreamData;
-import at.gv.egiz.bku.utils.urldereferencer.URIResolverAdapter;
-import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
-import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
-import at.gv.egiz.stal.QuitRequest;
-import at.gv.egiz.stal.STALRequest;
-
-/**
- * Class performing the HTTP binding as defined by the CCE specification.
- * Currently a huge monolithic class.
- * @TODO refactor
- */
-@SuppressWarnings("unchecked")
-public class HTTPBindingProcessor extends AbstractBindingProcessor implements
- FormDataURLSupplier {
-
- private static Log log = LogFactory.getLog(HTTPBindingProcessor.class);
-
- private static enum State {
- INIT, PROCESS, DATAURL, TRANSFORM, FINISHED
- };
-
- public final static Collection XML_REQ_TRANSFER_ENCODING = Arrays
- .asList(new String[] { "binary" });
-
- /**
- * Defines the maximum number of dataurl connects that are allowed within a
- * single SL Request processing.
- */
- protected static int MAX_DATAURL_HOPS = 10;
-
- protected static String XML_MIME_TYPE = "text/xml";
- protected static String BINARY_MIME_TYPE = "application/octet-stream";
-
- /**
- * If null everything is ok and the result is taken from the command invoker.
- */
- protected SLException bindingProcessorError;
- protected SLCommandInvoker commandInvoker;
- protected DataUrlResponse dataUrlResponse;
- protected Map headerMap = Collections.EMPTY_MAP;
- protected SLCommand slCommand;
- protected Map formParameterMap = new HashMap();
- protected SLSourceContext srcContex = new SLSourceContext();
- protected SLTargetContext targetContext = new SLTargetContext();
- protected Protocol protocol;
- protected State currentState = State.INIT;
- protected Transformer transformer = null;
- protected String resultContentType = null;
- protected SLResult slResult = null;
- protected int responseCode = 200;
- protected Map responseHeaders = Collections.EMPTY_MAP;
- protected Locale locale = Locale.getDefault();
-
- /**
- *
- * @param id
- * may be null. In this case a new session id will be created.
- * @param cmdInvoker
- * must not be null;
- */
- public HTTPBindingProcessor(String id, SLCommandInvoker cmdInvoker,
- Protocol protocol) {
- super(id);
- if ((protocol != Protocol.HTTP) && (protocol != Protocol.HTTPS)) {
- throw new SLRuntimeException("Protocol not supported: " + protocol);
- }
- if (cmdInvoker == null) {
- throw new NullPointerException("Commandinvoker cannot be set to null");
- }
- commandInvoker = cmdInvoker;
- this.protocol = protocol;
- srcContex.setSourceProtocol(protocol);
- srcContex.setSourceIsDataURL(false);
- }
-
- //----------------------------------------------------------------------------
- // ----------- BEGIN CONVENIENCE METHODS -----------
-
- protected void sendSTALQuit() {
- log.info("Sending QUIT command to STAL");
- List quit = new ArrayList(1);
- quit.add(new QuitRequest());
- getSTAL().handleRequest(quit);
- }
-
- protected String getFormParameterAsString(String formParameterName) {
- FormParameter fp = formParameterMap.get(formParameterName);
- return getFormParameterAsString(fp);
- }
-
- protected String getFormParameterAsString(FormParameter fp) {
- if (fp == null) {
- return null;
- }
- try {
- return StreamUtil.asString(fp.getFormParameterValue(), HttpUtil
- .getCharset(fp.getFormParameterContentType(), true));
- } catch (IOException e) {
- return null;
- }
- }
-
- protected String getDataUrl() {
- return getFormParameterAsString(FixedFormParameters.DATAURL);
- }
-
- protected String getStyleSheetUrl() {
- return getFormParameterAsString(FixedFormParameters.STYLESHEETURL);
- }
-
- protected List getFormParameters(String parameterNamePostfix) {
- List resultList = new ArrayList();
- for (Iterator fpi = formParameterMap.keySet().iterator(); fpi
- .hasNext();) {
- String paramName = fpi.next();
- if (paramName.endsWith(parameterNamePostfix)) {
- resultList.add(formParameterMap.get(paramName));
- }
- }
- return resultList;
- }
-
- protected List getTransferHeaders() {
- return getFormParameters("__");
- }
-
- protected List getTransferForms() {
- List resultList = new ArrayList();
- for (Iterator fpi = formParameterMap.keySet().iterator(); fpi
- .hasNext();) {
- String paramName = fpi.next();
- if ((paramName.endsWith("_")) && (!paramName.endsWith("__"))) {
- resultList.add(formParameterMap.get(paramName));
- }
- }
- return resultList;
- }
-
- protected void closeDataUrlConnection() {
- log.debug("Closing data url input stream");
- if (dataUrlResponse == null) {
- return;
- }
- InputStream is = dataUrlResponse.getStream();
- if (is != null) {
- try {
- is.close();
- } catch (IOException e) {
- log.info("Error closing input stream to dataurl server:" + e);
- }
- }
- }
-
- //----------------------------------------------------------------------------
- // ----------- END CONVENIENCE METHODS -----------
-
- //----------------------------------------------------------------------------
- // -- BEGIN Methods that handle the http binding activities as defined in the
- // activity diagram --
-
- protected void init() {
- log.info("Starting Bindingprocessor in Thread: "
- + Thread.currentThread().getId());
- if (bindingProcessorError != null) {
- log.debug("Detected binding processor error, sending quit command");
- // sendSTALQuit();
- currentState = State.FINISHED;
- } else if (slCommand == null) {
- log.error("SLCommand not set (consumeRequest not called ??)");
- bindingProcessorError = new SLException(2000);
- // sendSTALQuit();
- currentState = State.FINISHED;
- } else {
- currentState = State.PROCESS;
- }
- }
-
- protected void processRequest() {
- log.debug("Entered State: " + State.PROCESS);
- log.debug("Processing command: " + slCommand);
- commandInvoker.setCommand(slCommand);
- responseCode = 200;
- responseHeaders = Collections.EMPTY_MAP;
- try {
- commandInvoker.invoke(srcContex);
- } catch (SLCanceledException e) {
- log.info("Caught exception: " + e);
- bindingProcessorError = e;
- currentState = State.TRANSFORM;
- }
- dataUrlResponse = null;
- if (getDataUrl() != null) {
- log.debug("Data Url set to: " + getDataUrl());
- currentState = State.DATAURL;
- } else {
- log.debug("No data url set");
- currentState = State.TRANSFORM;
- }
- }
-
- protected void handleDataUrl() {
- log.debug("Entered State: " + State.DATAURL);
- try {
- DataUrl dataUrl = new DataUrl(getDataUrl());
- DataUrlConnection conn = dataUrl.openConnection();
-
- // set transfer headers
- for (FormParameter fp : getTransferHeaders()) {
- String paramString = getFormParameterAsString(fp);
- if (paramString == null) {
- log.error("Got empty transfer header, ignoring this");
- } else {
- String[] keyVal = paramString.split(":", 2);
- String key = keyVal[0];
- String val = null;
- if (keyVal.length == 2) {
- val = keyVal[1];
- }
- val = val.trim();
- log.debug("Setting header " + key + " to value " + val);
- conn.setHTTPHeader(key, val);
- }
- }
-
- // set transfer form parameters
- for (FormParameter fp : getTransferForms()) {
- String contentTransferEncoding = null;
- String contentType = fp.getFormParameterContentType();
- String charSet = HttpUtil.getCharset(contentType, false);
- if (charSet != null) {
- contentType = contentType.substring(0, contentType
- .lastIndexOf(HttpUtil.SEPERATOR[0]));
- }
- for (Iterator header = fp.getHeaderNames(); header.hasNext();) {
- if (HttpUtil.CONTENT_TRANSFER_ENCODING
- .equalsIgnoreCase(header.next())) {
- contentTransferEncoding = getFormParameterAsString(fp);
- }
- }
- log.debug("Setting form: " + fp.getFormParameterName()
- + " contentType: " + contentType + " charset: " + charSet
- + " contentTransferEncoding: " + contentTransferEncoding);
- conn.setHTTPFormParameter(fp.getFormParameterName(), fp
- .getFormParameterValue(), contentType, charSet,
- contentTransferEncoding);
- }
-
- // connect
- conn.connect();
- // fetch and set SL result
- targetContext.setTargetIsDataURL(true);
- targetContext.setTargetCertificate(conn.getServerCertificate());
- targetContext.setTargetProtocol(conn.getProtocol());
- SLResult result = commandInvoker.getResult(targetContext);
-
- // transfer result
- conn.transmit(result);
-
- // process Dataurl response
- dataUrlResponse = conn.getResponse();
- log.debug("Received data url response code: "
- + dataUrlResponse.getResponseCode());
- protocol = Protocol.fromString(conn.getProtocol());
-
- switch (dataUrlResponse.getResponseCode()) {
- case 200:
- String contentType = dataUrlResponse.getContentType();
- log.debug("Got dataurl response content type: " + contentType);
- if (contentType != null) {
- if ((contentType.startsWith(HttpUtil.APPLICATION_URL_ENCODED))
- || (contentType.startsWith(HttpUtil.MULTIPART_FOTMDATA))) {
- log.debug("Detected SL Request in dataurl response");
- // process headers and request
- setHTTPHeaders(dataUrlResponse.getResponseHeaders());
- consumeRequestStream(dataUrlResponse.getStream());
- closeDataUrlConnection();
- srcContex.setSourceCertificate(conn.getServerCertificate());
- srcContex.setSourceIsDataURL(true);
- srcContex
- .setSourceProtocol(Protocol.fromString(conn.getProtocol()));
- currentState = State.PROCESS;
- } else if (((contentType.startsWith(HttpUtil.TXT_HTML))
- || (contentType.startsWith(HttpUtil.TXT_PLAIN)) || (contentType
- .startsWith(HttpUtil.TXT_XML)))
- && (dataUrlResponse.isHttpResponseXMLOK())) {
- log.info("Dataurl response matches with content type: "
- + contentType);
- currentState = State.TRANSFORM;
-
- } else if ((contentType.startsWith(HttpUtil.TXT_XML))
- && (!dataUrlResponse.isHttpResponseXMLOK())) {
- log
- .debug("Detected text/xml dataurl response with content != ");
- headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
- assignXMLRequest(dataUrlResponse.getStream(), HttpUtil.getCharset(
- contentType, true));
- closeDataUrlConnection();
- srcContex.setSourceCertificate(conn.getServerCertificate());
- srcContex.setSourceIsDataURL(true);
- srcContex
- .setSourceProtocol(Protocol.fromString(conn.getProtocol()));
- currentState = State.PROCESS;
- // just to be complete, actually not used
- srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
- .get(HttpUtil.HTTP_HEADER_REFERER));
- } else {
- resultContentType = contentType;
- responseHeaders = dataUrlResponse.getResponseHeaders();
- responseCode = dataUrlResponse.getResponseCode();
- currentState = State.FINISHED;
- }
- } else {
- log.debug("Content type not set in dataurl response");
- closeDataUrlConnection();
- throw new SLBindingException(2007);
- }
-
- break;
- case 307:
- contentType = dataUrlResponse.getContentType();
- if ((contentType != null) && (contentType.startsWith(HttpUtil.TXT_XML))) {
- log.debug("Received dataurl response code 307 with XML content");
- String location = dataUrlResponse.getResponseHeaders().get(
- HttpUtil.HTTP_HEADER_LOCATION);
- if (location == null) {
- log
- .error("Did not get a location header for a 307 data url response");
- throw new SLBindingException(2003);
- }
- // consumeRequestStream(dataUrlResponse.getStream());
- FormParameterStore fp = new FormParameterStore();
- fp.init(location.getBytes(HttpUtil.DEFAULT_CHARSET),
- FixedFormParameters.DATAURL, null, null);
- formParameterMap.put(FixedFormParameters.DATAURL, fp);
- headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
- assignXMLRequest(dataUrlResponse.getStream(), HttpUtil.getCharset(
- dataUrlResponse.getContentType(), true));
- closeDataUrlConnection();
- srcContex.setSourceCertificate(conn.getServerCertificate());
- srcContex.setSourceIsDataURL(true);
- srcContex.setSourceProtocol(Protocol.fromString(conn.getProtocol()));
- currentState = State.PROCESS;
- // just to be complete, actually not used
- srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
- .get(HttpUtil.HTTP_HEADER_REFERER));
-
- } else {
- log.debug("Received dataurl response code 307 non XML content: "
- + dataUrlResponse.getContentType());
- resultContentType = dataUrlResponse.getContentType();
- currentState = State.FINISHED;
- }
- responseHeaders = dataUrlResponse.getResponseHeaders();
- responseCode = dataUrlResponse.getResponseCode();
- break;
-
- case 301:
- case 302:
- case 303:
- responseHeaders = dataUrlResponse.getResponseHeaders();
- responseCode = dataUrlResponse.getResponseCode();
- resultContentType = dataUrlResponse.getContentType();
- currentState = State.FINISHED;
- break;
-
- default:
- // issue error
- log.info("Unexpected response code from dataurl server: "
- + dataUrlResponse.getResponseCode());
- throw new SLBindingException(2007);
- }
-
- } catch (SLException slx) {
- bindingProcessorError = slx;
- log.error("Error during dataurl communication");
- resultContentType = HttpUtil.TXT_XML;
- currentState = State.TRANSFORM;
- } catch (SSLHandshakeException hx) {
- bindingProcessorError = new SLException(2010);
- log.info("Error during dataurl communication", hx);
- resultContentType = HttpUtil.TXT_XML;
- currentState = State.TRANSFORM;
- } catch (IOException e) {
- bindingProcessorError = new SLBindingException(2001);
- log.error("Error while data url handling", e);
- resultContentType = HttpUtil.TXT_XML;
- currentState = State.TRANSFORM;
- return;
- }
- }
-
- protected void transformResult() {
- log.debug("Entered State: " + State.TRANSFORM);
- if (bindingProcessorError != null) {
- resultContentType = HttpUtil.TXT_XML;
- } else if (dataUrlResponse != null) {
- resultContentType = dataUrlResponse.getContentType();
- } else {
- targetContext.setTargetIsDataURL(false);
- targetContext.setTargetProtocol(protocol.toString());
- try {
- slResult = commandInvoker.getResult(targetContext);
- resultContentType = slResult.getMimeType();
- log
- .debug("Successfully got SLResult from commandinvoker, setting mimetype to: "
- + resultContentType);
- } catch (SLCanceledException e) {
- log.info("Cannot get result from invoker:", e);
- bindingProcessorError = new SLException(6002);
- resultContentType = HttpUtil.TXT_XML;
- }
- }
- transformer = getTransformer(getStyleSheetUrl());
- if (transformer != null) {
- log.debug("Output transformation required");
- resultContentType = transformer.getOutputProperty("media-type");
- log.debug("Got media type from stylesheet: " + resultContentType);
- if (resultContentType == null) {
- log.debug("Setting to default text/xml result conent type");
- resultContentType = "text/xml";
- }
- log.debug("Deferring sytylesheet processing");
- }
- currentState = State.FINISHED;
- }
-
- protected void finished() {
- log.debug("Entered State: " + State.FINISHED);
- if (bindingProcessorError != null) {
- log.debug("Binding processor error, sending quit command");
- resultContentType = HttpUtil.TXT_XML;
- }
- sendSTALQuit();
- log.info("Terminating Bindingprocessor; Thread: "
- + Thread.currentThread().getId());
- }
-
- // -- END Methods that handle the http binding activities as defined in the
- // activity diagram --
- //----------------------------------------------------------------------------
-
- /**
- * Sets the headers of the SL Request. IMPORTANT: make sure to set all headers
- * before invoking {@link #consumeRequestStream(InputStream)}
- *
- * @param aHeaderMap
- * if null all header will be cleared.
- */
- public void setHTTPHeaders(Map aHeaderMap) {
- headerMap = new HashMap();
- // ensure lowercase keys
- if (aHeaderMap != null) {
- for (String s : aHeaderMap.keySet()) {
- if (s != null) {
- headerMap.put(s.toLowerCase(), aHeaderMap.get(s));
- if (s.equalsIgnoreCase(HttpUtil.HTTP_HEADER_REFERER)) {
- String referer = aHeaderMap.get(s);
- log.debug("Got referer header: " + referer);
- srcContex.setSourceHTTPReferer(referer);
- }
- }
- }
- }
- }
-
- public void setSourceCertificate(X509Certificate aCert) {
- srcContex.setSourceCertificate(aCert);
- }
-
- /**
- * The HTTPBindingProcessor does not handle redirect URLs. It only provides
- * the parameter.
- *
- * @return null if redirect url is not set.
- */
- public String getRedirectURL() {
- return getFormParameterAsString(FixedFormParameters.REDIRECTURL);
- }
-
- public String getFormDataContentType(String aParameterName) {
- FormParameter fp = formParameterMap.get(aParameterName);
- if (fp != null) {
- return fp.getFormParameterContentType();
- }
- return null;
- }
-
- public InputStream getFormData(String aParameterName) {
- FormParameter fp = formParameterMap.get(aParameterName);
- if (fp != null) {
- return fp.getFormParameterValue();
- }
- return null;
- }
-
- protected void assignXMLRequest(InputStream is, String charset)
- throws IOException, SLException {
- Reader r = new InputStreamReader(is, charset);
- StreamSource source = new StreamSource(r);
- SLCommandContext commandCtx = new SLCommandContext();
- commandCtx.setSTAL(getSTAL());
- commandCtx.setURLDereferencerContext(new SimpleFormDataContextImpl(this));
- slCommand = SLCommandFactory.getInstance().createSLCommand(source,
- commandCtx);
- log.debug("Created new command: " + slCommand);
- }
-
- @Override
- public void run() {
- boolean done = false;
- int hopcounter = 0;
- if (bindingProcessorError != null) {
- currentState = State.FINISHED;
- }
- try {
- while (!done) {
- try {
- switch (currentState) {
- case INIT:
- init();
- break;
- case PROCESS:
- processRequest();
- break;
- case DATAURL:
- handleDataUrl();
- if (++hopcounter > MAX_DATAURL_HOPS) {
- log.error("Maximum number of dataurl hops reached");
- bindingProcessorError = new SLBindingException(2000);
- currentState = State.FINISHED;
- }
- break;
- case TRANSFORM:
- transformResult();
- break;
- case FINISHED:
- done = true;
- finished();
- break;
- }
- } catch (RuntimeException rte) {
- throw rte;
- } catch (Exception t) {
- log.error("Caught unexpected exception", t);
- responseCode = 200;
- resultContentType = HttpUtil.TXT_XML;
- responseHeaders = Collections.EMPTY_MAP;
- bindingProcessorError = new SLException(2000);
- currentState = State.FINISHED;
- }
- }
- } catch (Throwable t) {
- log.error("Caught unexpected exception", t);
- responseCode = 200;
- resultContentType = HttpUtil.TXT_XML;
- responseHeaders = Collections.EMPTY_MAP;
- bindingProcessorError = new SLException(2000);
- currentState = State.FINISHED;
- }
- log.debug("Terminated http binding processor");
- }
-
- @Override
- public void consumeRequestStream(InputStream is) {
- try {
- log.debug("Start consuming request stream");
- formParameterMap.clear();
- String cl = headerMap
- .get(HttpUtil.HTTP_HEADER_CONTENT_TYPE.toLowerCase());
- if (cl == null) {
- log.info("No content type set in http header");
- throw new SLBindingException(2006);
- }
- InputDecoder id = InputDecoderFactory.getDecoder(cl, is);
- id.setContentType(cl);
- if (id == null) {
- log.error("Cannot get inputdecoder for is");
- throw new SLException(2006);
- }
- for (Iterator fpi = id.getFormParameterIterator(); fpi
- .hasNext();) {
- FormParameter fp = fpi.next();
- log.debug("Got request parameter with name: "
- + fp.getFormParameterName());
- if (fp.getFormParameterName().equals(FixedFormParameters.XMLREQUEST)) {
- log.debug("Creating XML Request");
- for (Iterator headerIterator = fp.getHeaderNames(); headerIterator
- .hasNext();) {
- String headerName = headerIterator.next();
- if (HttpUtil.CONTENT_TRANSFER_ENCODING.equalsIgnoreCase(headerName)) {
- String transferEncoding = fp.getHeaderValue(headerName);
- log.debug("Got transfer encoding for xmlrequest: "
- + transferEncoding);
- if (XML_REQ_TRANSFER_ENCODING.contains(transferEncoding)) {
- log.debug("Supported transfer encoding: " + transferEncoding);
- } else {
- log
- .error("Transferencoding not supported: "
- + transferEncoding);
- throw new SLBindingException(2005);
- }
- }
- }
- String charset = HttpUtil.getCharset(cl, true);
- assignXMLRequest(fp.getFormParameterValue(), charset);
- } else {
- FormParameterStore fps = new FormParameterStore();
- fps.init(fp);
- if (!fps.isEmpty()) {
- log.debug("Setting from parameter: " + fps.getFormParameterName());
- formParameterMap.put(fps.getFormParameterName(), fps);
- }
- }
- }
- if (slCommand == null) {
- throw new SLBindingException(2004);
- }
- if (is.read() != -1) {
- log.error("Request input stream not completely read");
- // consume rest of stream, should never occur
- throw new SLRuntimeException(
- "request input stream not consumed till end");
- }
- } catch (SLException slx) {
- log.info("Error while consuming input stream " + slx);
- bindingProcessorError = slx;
- } catch (Throwable t) {
- log.info("Error while consuming input stream " + t, t);
- bindingProcessorError = new SLException(2000);
- } finally {
- try {
- while (is.read() != -1)
- ;
- } catch (IOException e) {
- log.error(e);
- }
- }
- }
-
- @Override
- public String getResultContentType() {
- return resultContentType;
- }
-
- protected Transformer getTransformer(String styleSheetURL) {
- if (styleSheetURL == null) {
- log.debug("Stylesheet URL not set");
- return null;
- }
- try {
- URLDereferencerContext urlCtx = new SimpleFormDataContextImpl(this);
- URIResolver resolver = new URIResolverAdapter(URLDereferencer
- .getInstance(), urlCtx);
- TransformerFactory factory = TransformerFactory.newInstance();
- StreamData sd = URLDereferencer.getInstance().dereference(styleSheetURL,
- urlCtx);
- Transformer t = factory.newTransformer(new StreamSource(sd.getStream()));
- t.setURIResolver(resolver);
- return t;
- } catch (Exception ex) {
- log.info("Cannot instantiate transformer", ex);
- bindingProcessorError = new SLException(2002);
- return null;
- }
- }
-
- protected void handleBindingProcessorError(OutputStream os, String encoding,
- Transformer transformer) throws IOException {
- log.debug("Writing error as result");
- ErrorResultImpl error = new ErrorResultImpl(bindingProcessorError);
- try {
- error.writeTo(new StreamResult(new OutputStreamWriter(os, encoding)),
- transformer);
- } catch (TransformerException e) {
- log.fatal("Cannot write error result to stream", e);
- }
- }
-
- @Override
- public void writeResultTo(OutputStream os, String encoding)
- throws IOException {
- if (encoding == null) {
- encoding = HttpUtil.DEFAULT_CHARSET;
- }
- if (bindingProcessorError != null) {
- log.debug("Detected error in binding processor, writing error as result");
- handleBindingProcessorError(os, encoding, transformer);
- return;
- } else if (dataUrlResponse != null) {
- log.debug("Writing data url response as result");
- String charEnc = HttpUtil.getCharset(dataUrlResponse.getContentType(),
- true);
- InputStreamReader isr = new InputStreamReader(
- dataUrlResponse.getStream(), charEnc);
- OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
- if (transformer == null) {
- StreamUtil.copyStream(isr, osw);
- } else {
- try {
- transformer.transform(new StreamSource(isr), new StreamResult(osw));
- } catch (TransformerException e) {
- log.fatal("Exception occured during result transformation", e);
- // bindingProcessorError = new SLException(2008);
- // handleBindingProcessorError(os, encoding, null);
- return;
- }
- }
- osw.flush();
- isr.close();
- } else if (slResult == null) {
- // result not yet assigned -> must be a cancel
- bindingProcessorError = new SLException(6001);
- handleBindingProcessorError(os, encoding, transformer);
- return;
- } else {
- log.debug("Getting result from invoker");
- OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
- try {
- slResult.writeTo(new StreamResult(osw), transformer);
- } catch (TransformerException e) {
- log.fatal("Cannot write result to stream", e);
- // bindingProcessorError = new SLException(2008);
- // handleBindingProcessorError(os, encoding, transformer);
- }
- osw.flush();
- }
- }
-
- /**
- * The response code from the dataurl server or 200 if no dataurl server
- * created the result
- *
- * @return
- */
- public int getResponseCode() {
- return responseCode;
- }
-
- /**
- * All headers from the data url server in case of a direct forward from the
- * dataurl server.
- *
- * @return
- */
- public Map getResponseHeaders() {
- return responseHeaders;
- }
-
- @Override
- public void setLocale(Locale locale) {
- if (locale == null) {
- throw new NullPointerException("Locale must not be set to null");
- }
- this.locale = locale;
- }
-
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.binding;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.io.Reader;
+import java.net.URL;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.net.ssl.SSLHandshakeException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.URIResolver;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.transform.stream.StreamSource;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLCommandFactory;
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.SLSourceContext;
+import at.gv.egiz.bku.slcommands.SLTargetContext;
+import at.gv.egiz.bku.slcommands.impl.ErrorResultImpl;
+import at.gv.egiz.bku.slexceptions.SLBindingException;
+import at.gv.egiz.bku.slexceptions.SLException;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.StreamUtil;
+import at.gv.egiz.bku.utils.binding.Protocol;
+import at.gv.egiz.bku.utils.urldereferencer.FormDataURLSupplier;
+import at.gv.egiz.bku.utils.urldereferencer.SimpleFormDataContextImpl;
+import at.gv.egiz.bku.utils.urldereferencer.StreamData;
+import at.gv.egiz.bku.utils.urldereferencer.URIResolverAdapter;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+import at.gv.egiz.stal.QuitRequest;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * Class performing the HTTP binding as defined by the CCE specification.
+ * Currently a huge monolithic class.
+ *
+ * @TODO refactor
+ */
+@SuppressWarnings("unchecked")
+public class HTTPBindingProcessor extends AbstractBindingProcessor implements
+ FormDataURLSupplier {
+
+ private static Log log = LogFactory.getLog(HTTPBindingProcessor.class);
+
+ private static enum State {
+ INIT, PROCESS, DATAURL, TRANSFORM, FINISHED
+ };
+
+ public final static Collection XML_REQ_TRANSFER_ENCODING = Arrays
+ .asList(new String[] { "binary" });
+
+ /**
+ * Defines the maximum number of dataurl connects that are allowed within a
+ * single SL Request processing.
+ */
+ protected static int MAX_DATAURL_HOPS = 10;
+
+ protected static String XML_MIME_TYPE = "text/xml";
+ protected static String BINARY_MIME_TYPE = "application/octet-stream";
+
+ /**
+ * If null everything is ok and the result is taken from the command invoker.
+ */
+ protected SLException bindingProcessorError;
+ protected SLCommandInvoker commandInvoker;
+ protected DataUrlResponse dataUrlResponse;
+ protected Map headerMap = Collections.EMPTY_MAP;
+ protected SLCommand slCommand;
+ protected Map formParameterMap = new HashMap();
+ protected SLSourceContext srcContex = new SLSourceContext();
+ protected SLTargetContext targetContext = new SLTargetContext();
+ protected URL srcUrl;
+ protected State currentState = State.INIT;
+ protected Transformer transformer = null;
+ protected String resultContentType = null;
+ protected SLResult slResult = null;
+ protected int responseCode = 200;
+ protected Map responseHeaders = Collections.EMPTY_MAP;
+ protected Locale locale = Locale.getDefault();
+
+ /**
+ *
+ * @param id
+ * may be null. In this case a new session id will be created.
+ * @param cmdInvoker
+ * must not be null;
+ */
+ public HTTPBindingProcessor(String id, SLCommandInvoker cmdInvoker, URL source) {
+ super(id);
+ this.srcUrl = source;
+ Protocol protocol = Protocol.fromString(source.getProtocol());
+ if ((protocol != Protocol.HTTP) && (protocol != Protocol.HTTPS)) {
+ throw new SLRuntimeException("Protocol not supported: " + protocol);
+ }
+ if (cmdInvoker == null) {
+ throw new NullPointerException("Commandinvoker cannot be set to null");
+ }
+ commandInvoker = cmdInvoker;
+ srcContex.setSourceUrl(source);
+ srcContex.setSourceIsDataURL(false);
+ }
+
+ //----------------------------------------------------------------------------
+ // ----------- BEGIN CONVENIENCE METHODS -----------
+
+ protected void sendSTALQuit() {
+ log.info("Sending QUIT command to STAL");
+ List quit = new ArrayList(1);
+ quit.add(new QuitRequest());
+ getSTAL().handleRequest(quit);
+ }
+
+ protected String getFormParameterAsString(String formParameterName) {
+ FormParameter fp = formParameterMap.get(formParameterName);
+ return getFormParameterAsString(fp);
+ }
+
+ protected String getFormParameterAsString(FormParameter fp) {
+ if (fp == null) {
+ return null;
+ }
+ try {
+ return StreamUtil.asString(fp.getFormParameterValue(), HttpUtil
+ .getCharset(fp.getFormParameterContentType(), true));
+ } catch (IOException e) {
+ return null;
+ }
+ }
+
+ protected String getDataUrl() {
+ return getFormParameterAsString(FixedFormParameters.DATAURL);
+ }
+
+ protected String getStyleSheetUrl() {
+ return getFormParameterAsString(FixedFormParameters.STYLESHEETURL);
+ }
+
+ protected List getFormParameters(String parameterNamePostfix) {
+ List resultList = new ArrayList();
+ for (Iterator fpi = formParameterMap.keySet().iterator(); fpi
+ .hasNext();) {
+ String paramName = fpi.next();
+ if (paramName.endsWith(parameterNamePostfix)) {
+ resultList.add(formParameterMap.get(paramName));
+ }
+ }
+ return resultList;
+ }
+
+ protected List getTransferHeaders() {
+ return getFormParameters("__");
+ }
+
+ protected List getTransferForms() {
+ List resultList = new ArrayList();
+ for (Iterator fpi = formParameterMap.keySet().iterator(); fpi
+ .hasNext();) {
+ String paramName = fpi.next();
+ if ((paramName.endsWith("_")) && (!paramName.endsWith("__"))) {
+ resultList.add(formParameterMap.get(paramName));
+ }
+ }
+ return resultList;
+ }
+
+ protected void closeDataUrlConnection() {
+ log.debug("Closing data url input stream");
+ if (dataUrlResponse == null) {
+ return;
+ }
+ InputStream is = dataUrlResponse.getStream();
+ if (is != null) {
+ try {
+ is.close();
+ } catch (IOException e) {
+ log.info("Error closing input stream to dataurl server:" + e);
+ }
+ }
+ }
+
+ //----------------------------------------------------------------------------
+ // ----------- END CONVENIENCE METHODS -----------
+
+ //----------------------------------------------------------------------------
+ // -- BEGIN Methods that handle the http binding activities as defined in the
+ // activity diagram --
+
+ protected void init() {
+ log.info("Starting Bindingprocessor in Thread: "
+ + Thread.currentThread().getId());
+ if (bindingProcessorError != null) {
+ log.debug("Detected binding processor error, sending quit command");
+ // sendSTALQuit();
+ currentState = State.FINISHED;
+ } else if (slCommand == null) {
+ log.error("SLCommand not set (consumeRequest not called ??)");
+ bindingProcessorError = new SLException(2000);
+ // sendSTALQuit();
+ currentState = State.FINISHED;
+ } else {
+ currentState = State.PROCESS;
+ }
+ }
+
+ protected void processRequest() {
+ log.debug("Entered State: " + State.PROCESS);
+ log.debug("Processing command: " + slCommand);
+ commandInvoker.setCommand(slCommand);
+ responseCode = 200;
+ responseHeaders = Collections.EMPTY_MAP;
+ try {
+ commandInvoker.invoke(srcContex);
+ } catch (SLException e) {
+ log.info("Caught exception: " + e);
+ bindingProcessorError = e;
+ currentState = State.TRANSFORM;
+ }
+ dataUrlResponse = null;
+ if (getDataUrl() != null) {
+ log.debug("Data Url set to: " + getDataUrl());
+ currentState = State.DATAURL;
+ } else {
+ log.debug("No data url set");
+ currentState = State.TRANSFORM;
+ }
+ }
+
+ protected void handleDataUrl() {
+ log.debug("Entered State: " + State.DATAURL);
+ try {
+ DataUrl dataUrl = new DataUrl(getDataUrl());
+ DataUrlConnection conn = dataUrl.openConnection();
+
+ // set transfer headers
+ for (FormParameter fp : getTransferHeaders()) {
+ String paramString = getFormParameterAsString(fp);
+ if (paramString == null) {
+ log.error("Got empty transfer header, ignoring this");
+ } else {
+ String[] keyVal = paramString.split(":", 2);
+ String key = keyVal[0];
+ String val = null;
+ if (keyVal.length == 2) {
+ val = keyVal[1];
+ }
+ val = val.trim();
+ log.debug("Setting header " + key + " to value " + val);
+ conn.setHTTPHeader(key, val);
+ }
+ }
+
+ // set transfer form parameters
+ for (FormParameter fp : getTransferForms()) {
+ String contentTransferEncoding = null;
+ String contentType = fp.getFormParameterContentType();
+ String charSet = HttpUtil.getCharset(contentType, false);
+ if (charSet != null) {
+ contentType = contentType.substring(0, contentType
+ .lastIndexOf(HttpUtil.SEPERATOR[0]));
+ }
+ for (Iterator header = fp.getHeaderNames(); header.hasNext();) {
+ if (HttpUtil.CONTENT_TRANSFER_ENCODING
+ .equalsIgnoreCase(header.next())) {
+ contentTransferEncoding = getFormParameterAsString(fp);
+ }
+ }
+ log.debug("Setting form: " + fp.getFormParameterName()
+ + " contentType: " + contentType + " charset: " + charSet
+ + " contentTransferEncoding: " + contentTransferEncoding);
+ conn.setHTTPFormParameter(fp.getFormParameterName(), fp
+ .getFormParameterValue(), contentType, charSet,
+ contentTransferEncoding);
+ }
+
+ // connect
+ conn.connect();
+ // fetch and set SL result
+ targetContext.setTargetIsDataURL(true);
+ targetContext.setTargetCertificate(conn.getServerCertificate());
+ targetContext.setTargetUrl(conn.getUrl());
+ SLResult result = commandInvoker.getResult(targetContext);
+
+ // transfer result
+ conn.transmit(result);
+
+ // process Dataurl response
+ dataUrlResponse = conn.getResponse();
+ log.debug("Received data url response code: "
+ + dataUrlResponse.getResponseCode());
+
+ switch (dataUrlResponse.getResponseCode()) {
+ case 200:
+ String contentType = dataUrlResponse.getContentType();
+ log.debug("Got dataurl response content type: " + contentType);
+ if (contentType != null) {
+ if ((contentType.startsWith(HttpUtil.APPLICATION_URL_ENCODED))
+ || (contentType.startsWith(HttpUtil.MULTIPART_FOTMDATA))) {
+ log.debug("Detected SL Request in dataurl response");
+ // process headers and request
+ setHTTPHeaders(dataUrlResponse.getResponseHeaders());
+ consumeRequestStream(dataUrlResponse.getStream());
+ closeDataUrlConnection();
+ srcContex.setSourceCertificate(conn.getServerCertificate());
+ srcContex.setSourceIsDataURL(true);
+ srcContex.setSourceUrl(conn.getUrl());
+ currentState = State.PROCESS;
+ } else if (((contentType.startsWith(HttpUtil.TXT_HTML))
+ || (contentType.startsWith(HttpUtil.TXT_PLAIN)) || (contentType
+ .startsWith(HttpUtil.TXT_XML)))
+ && (dataUrlResponse.isHttpResponseXMLOK())) {
+ log.info("Dataurl response matches with content type: "
+ + contentType);
+ currentState = State.TRANSFORM;
+
+ } else if ((contentType.startsWith(HttpUtil.TXT_XML))
+ && (!dataUrlResponse.isHttpResponseXMLOK())) {
+ log
+ .debug("Detected text/xml dataurl response with content != ");
+ headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
+ assignXMLRequest(dataUrlResponse.getStream(), HttpUtil.getCharset(
+ contentType, true));
+ closeDataUrlConnection();
+ srcContex.setSourceCertificate(conn.getServerCertificate());
+ srcContex.setSourceIsDataURL(true);
+ srcContex.setSourceUrl(conn.getUrl());
+ currentState = State.PROCESS;
+ // just to be complete, actually not used
+ srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
+ .get(HttpUtil.HTTP_HEADER_REFERER));
+ } else {
+ resultContentType = contentType;
+ responseHeaders = dataUrlResponse.getResponseHeaders();
+ responseCode = dataUrlResponse.getResponseCode();
+ currentState = State.FINISHED;
+ }
+ } else {
+ log.debug("Content type not set in dataurl response");
+ closeDataUrlConnection();
+ throw new SLBindingException(2007);
+ }
+
+ break;
+ case 307:
+ contentType = dataUrlResponse.getContentType();
+ if ((contentType != null) && (contentType.startsWith(HttpUtil.TXT_XML))) {
+ log.debug("Received dataurl response code 307 with XML content");
+ String location = dataUrlResponse.getResponseHeaders().get(
+ HttpUtil.HTTP_HEADER_LOCATION);
+ if (location == null) {
+ log
+ .error("Did not get a location header for a 307 data url response");
+ throw new SLBindingException(2003);
+ }
+ // consumeRequestStream(dataUrlResponse.getStream());
+ FormParameterStore fp = new FormParameterStore();
+ fp.init(location.getBytes(HttpUtil.DEFAULT_CHARSET),
+ FixedFormParameters.DATAURL, null, null);
+ formParameterMap.put(FixedFormParameters.DATAURL, fp);
+ headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
+ assignXMLRequest(dataUrlResponse.getStream(), HttpUtil.getCharset(
+ dataUrlResponse.getContentType(), true));
+ closeDataUrlConnection();
+ srcContex.setSourceCertificate(conn.getServerCertificate());
+ srcContex.setSourceIsDataURL(true);
+ srcContex.setSourceUrl(conn.getUrl());
+ currentState = State.PROCESS;
+ // just to be complete, actually not used
+ srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
+ .get(HttpUtil.HTTP_HEADER_REFERER));
+
+ } else {
+ log.debug("Received dataurl response code 307 non XML content: "
+ + dataUrlResponse.getContentType());
+ resultContentType = dataUrlResponse.getContentType();
+ currentState = State.FINISHED;
+ }
+ responseHeaders = dataUrlResponse.getResponseHeaders();
+ responseCode = dataUrlResponse.getResponseCode();
+ break;
+
+ case 301:
+ case 302:
+ case 303:
+ responseHeaders = dataUrlResponse.getResponseHeaders();
+ responseCode = dataUrlResponse.getResponseCode();
+ resultContentType = dataUrlResponse.getContentType();
+ currentState = State.FINISHED;
+ break;
+
+ default:
+ // issue error
+ log.info("Unexpected response code from dataurl server: "
+ + dataUrlResponse.getResponseCode());
+ throw new SLBindingException(2007);
+ }
+
+ } catch (SLException slx) {
+ bindingProcessorError = slx;
+ log.error("Error during dataurl communication");
+ resultContentType = HttpUtil.TXT_XML;
+ currentState = State.TRANSFORM;
+ } catch (SSLHandshakeException hx) {
+ bindingProcessorError = new SLException(2010);
+ log.info("Error during dataurl communication", hx);
+ resultContentType = HttpUtil.TXT_XML;
+ currentState = State.TRANSFORM;
+ } catch (IOException e) {
+ bindingProcessorError = new SLBindingException(2001);
+ log.error("Error while data url handling", e);
+ resultContentType = HttpUtil.TXT_XML;
+ currentState = State.TRANSFORM;
+ return;
+ }
+ }
+
+ protected void transformResult() {
+ log.debug("Entered State: " + State.TRANSFORM);
+ if (bindingProcessorError != null) {
+ resultContentType = HttpUtil.TXT_XML;
+ } else if (dataUrlResponse != null) {
+ resultContentType = dataUrlResponse.getContentType();
+ } else {
+ targetContext.setTargetIsDataURL(false);
+ targetContext.setTargetUrl(srcUrl);
+ try {
+ slResult = commandInvoker.getResult(targetContext);
+ resultContentType = slResult.getMimeType();
+ log
+ .debug("Successfully got SLResult from commandinvoker, setting mimetype to: "
+ + resultContentType);
+ } catch (SLException e) {
+ log.info("Cannot get result from invoker:", e);
+ bindingProcessorError = new SLException(6002);
+ resultContentType = HttpUtil.TXT_XML;
+ }
+ }
+ transformer = getTransformer(getStyleSheetUrl());
+ if (transformer != null) {
+ log.debug("Output transformation required");
+ resultContentType = transformer.getOutputProperty("media-type");
+ log.debug("Got media type from stylesheet: " + resultContentType);
+ if (resultContentType == null) {
+ log.debug("Setting to default text/xml result conent type");
+ resultContentType = "text/xml";
+ }
+ log.debug("Deferring sytylesheet processing");
+ }
+ currentState = State.FINISHED;
+ }
+
+ protected void finished() {
+ log.debug("Entered State: " + State.FINISHED);
+ if (bindingProcessorError != null) {
+ log.debug("Binding processor error, sending quit command");
+ resultContentType = HttpUtil.TXT_XML;
+ }
+ sendSTALQuit();
+ log.info("Terminating Bindingprocessor; Thread: "
+ + Thread.currentThread().getId());
+ }
+
+ // -- END Methods that handle the http binding activities as defined in the
+ // activity diagram --
+ //----------------------------------------------------------------------------
+
+ /**
+ * Sets the headers of the SL Request. IMPORTANT: make sure to set all headers
+ * before invoking {@link #consumeRequestStream(InputStream)}
+ *
+ * @param aHeaderMap
+ * if null all header will be cleared.
+ */
+ public void setHTTPHeaders(Map aHeaderMap) {
+ headerMap = new HashMap();
+ // ensure lowercase keys
+ if (aHeaderMap != null) {
+ for (String s : aHeaderMap.keySet()) {
+ if (s != null) {
+ headerMap.put(s.toLowerCase(), aHeaderMap.get(s));
+ if (s.equalsIgnoreCase(HttpUtil.HTTP_HEADER_REFERER)) {
+ String referer = aHeaderMap.get(s);
+ log.debug("Got referer header: " + referer);
+ srcContex.setSourceHTTPReferer(referer);
+ }
+ }
+ }
+ }
+ }
+
+ public void setSourceCertificate(X509Certificate aCert) {
+ srcContex.setSourceCertificate(aCert);
+ }
+
+ /**
+ * The HTTPBindingProcessor does not handle redirect URLs. It only provides
+ * the parameter.
+ *
+ * @return null if redirect url is not set.
+ */
+ public String getRedirectURL() {
+ return getFormParameterAsString(FixedFormParameters.REDIRECTURL);
+ }
+
+ public String getFormDataContentType(String aParameterName) {
+ FormParameter fp = formParameterMap.get(aParameterName);
+ if (fp != null) {
+ return fp.getFormParameterContentType();
+ }
+ return null;
+ }
+
+ public InputStream getFormData(String aParameterName) {
+ FormParameter fp = formParameterMap.get(aParameterName);
+ if (fp != null) {
+ return fp.getFormParameterValue();
+ }
+ return null;
+ }
+
+ protected void assignXMLRequest(InputStream is, String charset)
+ throws IOException, SLException {
+ Reader r = new InputStreamReader(is, charset);
+ StreamSource source = new StreamSource(r);
+ SLCommandContext commandCtx = new SLCommandContext();
+ commandCtx.setSTAL(getSTAL());
+ commandCtx.setURLDereferencerContext(new SimpleFormDataContextImpl(this));
+ slCommand = SLCommandFactory.getInstance().createSLCommand(source,
+ commandCtx);
+ log.debug("Created new command: " + slCommand);
+ }
+
+ @Override
+ public void run() {
+ boolean done = false;
+ int hopcounter = 0;
+ if (bindingProcessorError != null) {
+ currentState = State.FINISHED;
+ }
+ try {
+ while (!done) {
+ try {
+ switch (currentState) {
+ case INIT:
+ init();
+ break;
+ case PROCESS:
+ processRequest();
+ break;
+ case DATAURL:
+ handleDataUrl();
+ if (++hopcounter > MAX_DATAURL_HOPS) {
+ log.error("Maximum number of dataurl hops reached");
+ bindingProcessorError = new SLBindingException(2000);
+ currentState = State.FINISHED;
+ }
+ break;
+ case TRANSFORM:
+ transformResult();
+ break;
+ case FINISHED:
+ done = true;
+ finished();
+ break;
+ }
+ } catch (RuntimeException rte) {
+ throw rte;
+ } catch (Exception t) {
+ log.error("Caught unexpected exception", t);
+ responseCode = 200;
+ resultContentType = HttpUtil.TXT_XML;
+ responseHeaders = Collections.EMPTY_MAP;
+ bindingProcessorError = new SLException(2000);
+ currentState = State.FINISHED;
+ }
+ }
+ } catch (Throwable t) {
+ log.error("Caught unexpected exception", t);
+ responseCode = 200;
+ resultContentType = HttpUtil.TXT_XML;
+ responseHeaders = Collections.EMPTY_MAP;
+ bindingProcessorError = new SLException(2000);
+ currentState = State.FINISHED;
+ }
+ log.debug("Terminated http binding processor");
+ }
+
+ @Override
+ public void consumeRequestStream(InputStream is) {
+ try {
+ log.debug("Start consuming request stream");
+ formParameterMap.clear();
+ String cl = headerMap
+ .get(HttpUtil.HTTP_HEADER_CONTENT_TYPE.toLowerCase());
+ if (cl == null) {
+ log.info("No content type set in http header");
+ throw new SLBindingException(2006);
+ }
+ InputDecoder id = InputDecoderFactory.getDecoder(cl, is);
+ id.setContentType(cl);
+ if (id == null) {
+ log.error("Cannot get inputdecoder for is");
+ throw new SLException(2006);
+ }
+ for (Iterator fpi = id.getFormParameterIterator(); fpi
+ .hasNext();) {
+ FormParameter fp = fpi.next();
+ log.debug("Got request parameter with name: "
+ + fp.getFormParameterName());
+ if (fp.getFormParameterName().equals(FixedFormParameters.XMLREQUEST)) {
+ log.debug("Creating XML Request");
+ for (Iterator headerIterator = fp.getHeaderNames(); headerIterator
+ .hasNext();) {
+ String headerName = headerIterator.next();
+ if (HttpUtil.CONTENT_TRANSFER_ENCODING.equalsIgnoreCase(headerName)) {
+ String transferEncoding = fp.getHeaderValue(headerName);
+ log.debug("Got transfer encoding for xmlrequest: "
+ + transferEncoding);
+ if (XML_REQ_TRANSFER_ENCODING.contains(transferEncoding)) {
+ log.debug("Supported transfer encoding: " + transferEncoding);
+ } else {
+ log
+ .error("Transferencoding not supported: "
+ + transferEncoding);
+ throw new SLBindingException(2005);
+ }
+ }
+ }
+ String charset = HttpUtil.getCharset(cl, true);
+ assignXMLRequest(fp.getFormParameterValue(), charset);
+ } else {
+ FormParameterStore fps = new FormParameterStore();
+ fps.init(fp);
+ if (!fps.isEmpty()) {
+ log.debug("Setting from parameter: " + fps.getFormParameterName());
+ formParameterMap.put(fps.getFormParameterName(), fps);
+ }
+ }
+ }
+ if (slCommand == null) {
+ throw new SLBindingException(2004);
+ }
+ if (is.read() != -1) {
+ log.error("Request input stream not completely read");
+ // consume rest of stream, should never occur
+ throw new SLRuntimeException(
+ "request input stream not consumed till end");
+ }
+ } catch (SLException slx) {
+ log.info("Error while consuming input stream " + slx);
+ bindingProcessorError = slx;
+ } catch (Throwable t) {
+ log.info("Error while consuming input stream " + t, t);
+ bindingProcessorError = new SLException(2000);
+ } finally {
+ try {
+ while (is.read() != -1)
+ ;
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+ }
+
+ @Override
+ public String getResultContentType() {
+ return resultContentType;
+ }
+
+ protected Transformer getTransformer(String styleSheetURL) {
+ if (styleSheetURL == null) {
+ log.debug("Stylesheet URL not set");
+ return null;
+ }
+ try {
+ URLDereferencerContext urlCtx = new SimpleFormDataContextImpl(this);
+ URIResolver resolver = new URIResolverAdapter(URLDereferencer
+ .getInstance(), urlCtx);
+ TransformerFactory factory = TransformerFactory.newInstance();
+ StreamData sd = URLDereferencer.getInstance().dereference(styleSheetURL,
+ urlCtx);
+ Transformer t = factory.newTransformer(new StreamSource(sd.getStream()));
+ t.setURIResolver(resolver);
+ return t;
+ } catch (Exception ex) {
+ log.info("Cannot instantiate transformer", ex);
+ bindingProcessorError = new SLException(2002);
+ return null;
+ }
+ }
+
+ protected void handleBindingProcessorError(OutputStream os, String encoding,
+ Transformer transformer) throws IOException {
+ log.debug("Writing error as result");
+ ErrorResultImpl error = new ErrorResultImpl(bindingProcessorError);
+ try {
+ error.writeTo(new StreamResult(new OutputStreamWriter(os, encoding)),
+ transformer);
+ } catch (TransformerException e) {
+ log.fatal("Cannot write error result to stream", e);
+ }
+ }
+
+ @Override
+ public void writeResultTo(OutputStream os, String encoding)
+ throws IOException {
+ if (encoding == null) {
+ encoding = HttpUtil.DEFAULT_CHARSET;
+ }
+ if (bindingProcessorError != null) {
+ log.debug("Detected error in binding processor, writing error as result");
+ handleBindingProcessorError(os, encoding, transformer);
+ return;
+ } else if (dataUrlResponse != null) {
+ log.debug("Writing data url response as result");
+ String charEnc = HttpUtil.getCharset(dataUrlResponse.getContentType(),
+ true);
+ InputStreamReader isr = new InputStreamReader(
+ dataUrlResponse.getStream(), charEnc);
+ OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
+ if (transformer == null) {
+ StreamUtil.copyStream(isr, osw);
+ } else {
+ try {
+ transformer.transform(new StreamSource(isr), new StreamResult(osw));
+ } catch (TransformerException e) {
+ log.fatal("Exception occured during result transformation", e);
+ // bindingProcessorError = new SLException(2008);
+ // handleBindingProcessorError(os, encoding, null);
+ return;
+ }
+ }
+ osw.flush();
+ isr.close();
+ } else if (slResult == null) {
+ // result not yet assigned -> must be a cancel
+ bindingProcessorError = new SLException(6001);
+ handleBindingProcessorError(os, encoding, transformer);
+ return;
+ } else {
+ log.debug("Getting result from invoker");
+ OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
+ try {
+ slResult.writeTo(new StreamResult(osw), transformer);
+ } catch (TransformerException e) {
+ log.fatal("Cannot write result to stream", e);
+ // bindingProcessorError = new SLException(2008);
+ // handleBindingProcessorError(os, encoding, transformer);
+ }
+ osw.flush();
+ }
+ }
+
+ /**
+ * The response code from the dataurl server or 200 if no dataurl server
+ * created the result
+ *
+ * @return
+ */
+ public int getResponseCode() {
+ return responseCode;
+ }
+
+ /**
+ * All headers from the data url server in case of a direct forward from the
+ * dataurl server.
+ *
+ * @return
+ */
+ public Map getResponseHeaders() {
+ return responseHeaders;
+ }
+
+ @Override
+ public void setLocale(Locale locale) {
+ if (locale == null) {
+ throw new NullPointerException("Locale must not be set to null");
+ }
+ this.locale = locale;
+ }
+
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java
index ef2affd1..a23d96e8 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/SLCommandInvokerImpl.java
@@ -1,66 +1,95 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.binding;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slcommands.SLCommand;
-import at.gv.egiz.bku.slcommands.SLCommandInvoker;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slcommands.SLSourceContext;
-import at.gv.egiz.bku.slcommands.SLTargetContext;
-
-/**
- * This class implements the entry point for the CCEs security management.
- *
- * TODO the secuirty management is currently not implemented.
- */
-public class SLCommandInvokerImpl implements SLCommandInvoker {
-
- private static Log log = LogFactory.getLog(SLCommandInvokerImpl.class);
-
- protected SLCommand command;
- protected SLResult result;
-
- /**
- * Invokes a sl command.
- */
- public void invoke(SLSourceContext aContext) {
- // FIXXME add security policy here.
- log.warn("Security policy not implemented yet, invoking command: "+command);
- result = command.execute();
- }
-
- public SLResult getResult(SLTargetContext aContext) {
- // FIXXME
- log.warn("Security policy not implemented yet, getting result of command: "+command);
- return result;
- }
-
- public void setCommand(SLCommand aCmd) {
- command = aCmd;
- }
-
- @Override
- public SLCommandInvoker newInstance() {
- SLCommandInvokerImpl cmdInv = new SLCommandInvokerImpl();
- return cmdInv;
- }
-
-
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.binding;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.SLSourceContext;
+import at.gv.egiz.bku.slcommands.SLTargetContext;
+import at.gv.egiz.bku.slexceptions.SLException;
+
+/**
+ * This class implements the entry point for the CCEs security management.
+ *
+ */
+public class SLCommandInvokerImpl implements SLCommandInvoker {
+
+ private static Log log = LogFactory.getLog(SLCommandInvokerImpl.class);
+
+ protected SLCommand command;
+ protected SLResult result;
+ protected SecurityManagerFacade securityManager;
+
+ /**
+ * Invokes a sl command.
+ *
+ * @throws SLException
+ */
+ public void invoke(SLSourceContext aContext) throws SLException {
+ if (securityManager == null) {
+ log.warn("Security policy not implemented yet, invoking command: "
+ + command);
+ result = command.execute();
+ } else {
+ if (securityManager.mayInvokeCommand(command, aContext)) {
+ result = command.execute();
+ } else {
+ throw new SLException(6002);
+ }
+ }
+ }
+
+ public SLResult getResult(SLTargetContext aContext) throws SLException {
+ if (securityManager == null) {
+ log
+ .warn("Security policy not implemented yet, getting result of command: "
+ + command);
+ return result;
+ } else {
+ if (securityManager.maySendResult(command, aContext)) {
+ return result;
+ } else {
+ throw new SLException(6002);
+ }
+ }
+ }
+
+ public void setCommand(SLCommand aCmd) {
+ command = aCmd;
+ }
+
+ @Override
+ public SLCommandInvoker newInstance() {
+ SLCommandInvokerImpl cmdInv = new SLCommandInvokerImpl();
+ cmdInv.setSecurityManager(securityManager);
+ return cmdInv;
+ }
+
+ public SecurityManagerFacade getSecurityManager() {
+ return securityManager;
+ }
+
+ public void setSecurityManager(SecurityManagerFacade securityManager) {
+ this.securityManager = securityManager;
+ }
+
}
\ No newline at end of file
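Review bot: `invoke` and `getResult` fail open when `securityManager` is null: the command is executed and the result is returned with only a warning logged, so an instance on which `setSecurityManager` was never called runs with no access check at all. Consider rejecting the call in both methods, e.g. `if (securityManager == null) { throw new SLException(6002); }`, or requiring the facade at construction so the field cannot be left unset. The warning text "Security policy not implemented yet" is also stale now that `mayInvokeCommand` and `maySendResult` exist; if the permissive fallback has to stay for now, the message should say that no security manager is configured.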
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java
index 77529a36..73fddf1f 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxReadCommand.java
@@ -16,5 +16,13 @@
*/
package at.gv.egiz.bku.slcommands;
-public interface InfoboxReadCommand extends SLCommand {
+public interface InfoboxReadCommand extends SLCommand {
+ public String getInfoboxIdentifier();
+
+ /**
+ * Convenience method to get the domain identifier if the infobox
+ * referes to a Identitylink.
+ * @return the domain id or null if the Infobox is not of type Identitylink or no domain parameter was specified
+ */
+ public String getIdentityLinkDomainId();
}
\ No newline at end of file
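Review bot: `getInfoboxIdentifier()` is added without Javadoc, whereas `getIdentityLinkDomainId()` next to it documents its null case. A line such as `/** Returns the identifier of the infobox this command reads. */` would help, together with a statement of whether the return value can be null, so implementers and callers agree on the contract. The new comment also has a typo that could be fixed in the same pass: "referes to a Identitylink" should read "refers to an Identitylink".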
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java
index 30c6b68f..c28288c9 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandInvoker.java
@@ -16,7 +16,8 @@
*/
package at.gv.egiz.bku.slcommands;
-import at.gv.egiz.bku.slexceptions.SLCanceledException;
+import at.gv.egiz.bku.slexceptions.SLCanceledException;
+import at.gv.egiz.bku.slexceptions.SLException;
public interface SLCommandInvoker {
@@ -25,7 +26,7 @@ public interface SLCommandInvoker {
* @param aContext
* @throws SLCanceledException if the security management prevents execution of this command
*/
- public void invoke(SLSourceContext aContext) throws SLCanceledException;
+ public void invoke(SLSourceContext aContext) throws SLException;
/**
*
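Review bot: The Javadoc above `invoke` still says `@throws SLCanceledException if the security management prevents execution of this command`, but the signature now declares `throws SLException`; the same mismatch is in the following hunk for `getResult`. Update both tags to `@throws SLException if the security management prevents execution of this command` so the documented contract matches what callers must catch. The `SLCanceledException` import then appears to be referenced only from those Javadoc tags, as far as the visible hunks show, and could be dropped once they are updated. The interface body continues outside these hunks.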
@@ -33,7 +34,7 @@ public interface SLCommandInvoker {
* @return
* @throws SLCanceledException if the security management prevents execution of this command
*/
- public SLResult getResult(SLTargetContext aContext) throws SLCanceledException;
+ public SLResult getResult(SLTargetContext aContext) throws SLException;
public void setCommand(at.gv.egiz.bku.slcommands.SLCommand aCmd);
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java
index ded55b2a..f25a0ea4 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLSourceContext.java
@@ -16,6 +16,7 @@
*/
package at.gv.egiz.bku.slcommands;
+import java.net.URL;
import java.security.cert.X509Certificate;
import at.gv.egiz.bku.utils.binding.Protocol;
@@ -23,17 +24,17 @@ import at.gv.egiz.bku.utils.binding.Protocol;
public class SLSourceContext {
- private Protocol sourceProtocol;
+ private URL sourceUrl;
private boolean sourceIsDataURL;
private X509Certificate sourceCertificate;
private String sourceHTTPReferer;
- public Protocol getSourceProtocol() {
- return sourceProtocol;
+ public URL getSourceUrl() {
+ return sourceUrl;
}
- public void setSourceProtocol(Protocol sourceProtocol) {
- this.sourceProtocol = sourceProtocol;
+ public void setSourceUrl(URL sourceProtocol) {
+ this.sourceUrl = sourceProtocol;
}
public boolean isSourceIsDataURL() {
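Review bot: The setter keeps the old parameter name, `setSourceUrl(URL sourceProtocol)`, which misleads now that the value is a full URL; it should read `public void setSourceUrl(URL sourceUrl) { this.sourceUrl = sourceUrl; }`. The `Protocol` import shown as context looks unused after this change, as far as the hunk shows. If this context feeds access-control decisions, note that `java.net.URL.equals()` and `hashCode()` may resolve host names, so rule matching should work on `toExternalForm()` or a `java.net.URI` rather than on URL equality. The same applies to `targetUrl` in the SLTargetContext hunk. The class body continues past the end of this hunk.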
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java
index cf800406..f9df3ced 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLTargetContext.java
@@ -16,19 +16,20 @@
*/
package at.gv.egiz.bku.slcommands;
-import java.security.cert.X509Certificate;
+import java.net.URL;
+import java.security.cert.X509Certificate;
public class SLTargetContext {
- private String targetProtocol;
+ private URL targetUrl;
private boolean targetIsDataURL;
private X509Certificate targetCertificate;
- public String getTargetProtocol() {
- return targetProtocol;
+ public URL getTargetUrl() {
+ return targetUrl;
}
- public void setTargetProtocol(String targetProtocol) {
- this.targetProtocol = targetProtocol;
+ public void setTargetUrl(URL targetUrl) {
+ this.targetUrl = targetUrl;
}
public boolean isTargetIsDataURL() {
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
index 93131cf4..b6745e1f 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
@@ -405,5 +405,10 @@ public class InfoboxReadCommandImpl extends SLCommandImpl headers = new HashMap();
headers.put("Content-Type", InputDecoderFactory.MULTIPART_FORMDATA
+ ";boundary=---------------------------2330864292941");
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/ExpiryRemoverTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/ExpiryRemoverTest.java
index 41c69a1d..61729567 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/ExpiryRemoverTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/ExpiryRemoverTest.java
@@ -16,16 +16,18 @@
*/
package at.gv.egiz.bku.binding;
+import java.net.MalformedURLException;
+
import org.junit.Test;
import static org.junit.Assert.*;
public class ExpiryRemoverTest {
@Test
- public void testMe() throws InterruptedException {
+ public void testMe() throws InterruptedException, MalformedURLException {
BindingProcessorManager manager = new BindingProcessorManagerImpl(new DummyStalFactory(),
new SLCommandInvokerImpl());
- BindingProcessor bp = manager.createBindingProcessor("http", null);
+ BindingProcessor bp = manager.createBindingProcessor("http://www.at", null);
ExpiryRemover remover = new ExpiryRemover();
remover.setBindingProcessorManager(manager);
remover.execute();
@@ -42,10 +44,10 @@ public class ExpiryRemoverTest {
}
@Test
- public void testMe2() throws InterruptedException {
+ public void testMe2() throws InterruptedException, MalformedURLException {
BindingProcessorManager manager = new BindingProcessorManagerImpl(new DummyStalFactory(),
new SLCommandInvokerImpl());
- BindingProcessor bp = manager.createBindingProcessor("http", null);
+ BindingProcessor bp = manager.createBindingProcessor("http://www.iaik.at", null);
ExpiryRemover remover = new ExpiryRemover();
remover.setBindingProcessorManager(manager);
remover.execute();
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java
index 38f61aa2..6a0792d5 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java
@@ -93,7 +93,7 @@ public class HttpBindingProcessorTest {
manager = new BindingProcessorManagerImpl(new DummyStalFactory(),
new SLCommandInvokerImpl());
bindingProcessor = (HTTPBindingProcessor) manager.createBindingProcessor(
- "http", null);
+ "http://www.iaik.at", null);
clientHeaderMap = new HashMap();
clientHeaderMap.put("Content-Type",
"application/x-www-form-urlencoded;charset=utf8");
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/MultipartSLRequestTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/MultipartSLRequestTest.java
index 7ef1a9bf..2c48bf4e 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/MultipartSLRequestTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/MultipartSLRequestTest.java
@@ -17,6 +17,7 @@
package at.gv.egiz.bku.binding;
import java.io.InputStream;
+import java.net.MalformedURLException;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
@@ -34,11 +35,11 @@ public class MultipartSLRequestTest {
protected BindingProcessorManager manager;
@Before
- public void setUp() {
+ public void setUp() throws MalformedURLException {
manager = new BindingProcessorManagerImpl(new DummyStalFactory(),
new SLCommandInvokerImpl());
HTTPBindingProcessor http = (HTTPBindingProcessor) manager
- .createBindingProcessor("http", null);
+ .createBindingProcessor("http://www.at/", null);
Map headers = new HashMap();
headers.put("Content-Type", InputDecoderFactory.MULTIPART_FORMDATA
+ ";boundary=---------------------------2330864292941");
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/NullOperationTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/NullOperationTest.java
index 66b9dffb..b2a7d387 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/NullOperationTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/NullOperationTest.java
@@ -17,6 +17,7 @@
package at.gv.egiz.bku.binding;
import java.io.InputStream;
+import java.net.MalformedURLException;
import java.util.HashMap;
import java.util.Map;
@@ -32,9 +33,9 @@ public class NullOperationTest {
protected BindingProcessorManager manager;
@Before
- public void setUp() {
+ public void setUp() throws MalformedURLException {
manager = new BindingProcessorManagerImpl(new DummyStalFactory(), new SLCommandInvokerImpl());
- HTTPBindingProcessor http = (HTTPBindingProcessor) manager.createBindingProcessor("http", null);
+ HTTPBindingProcessor http = (HTTPBindingProcessor) manager.createBindingProcessor("http://www.at/", null);
Map headers = new HashMap();
headers.put("Content-Type", "application/x-www-form-urlencoded");
http.setHTTPHeaders(headers);
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java
index e644f964..45e38674 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java
@@ -119,5 +119,10 @@ public class TestDataUrlConnection implements DataUrlConnectionSPI {
@Override
public DataUrlConnectionSPI newInstance() {
return this;
- }
+ }
+
+ @Override
+ public URL getUrl() {
+ return url;
+ }
}
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml
index 2455d68d..22f9e4a5 100644
--- a/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml
@@ -29,7 +29,7 @@
anonymous
- *.gv.at
+ $.gv.atallow
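Review bot: The replacement value `$.gv.at` in this hunk does not look like a usable pattern. If these values are now evaluated as regular expressions, as the `*` → `.*` changes in the two following hunks suggest, `$` is an end-of-input anchor and the unescaped dots match any character. A pattern meant to cover hosts under gv.at would be `.*\.gv\.at`, with the dots escaped so that a name such as `xgvyat` cannot satisfy the rule. The unchanged `https://finanzonline.bmf.gv.at/*` line in the third hunk is still glob-style and would need the same conversion (`/.*`). The element markup of this file is not visible here, so confirm which field each value belongs to before changing it.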
@@ -44,7 +44,7 @@
IdentityLink
- *
+ .*
allow
@@ -56,7 +56,7 @@
https://finanzonline.bmf.gv.at/*
Mandates
- *
+ .*
allow
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/SimpleChainTest.xml b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/SimpleChainTest.xml
new file mode 100644
index 00000000..92490fb2
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/SimpleChainTest.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+ pseudoanonymous
+
+ DelegateFilter
+
+
+
+
+
+
+
+
+ certified
+
+ IdentityLink
+ derived
+
+
+ allow
+
+
+
+ certified
+
+ IdentityLink
+
+
+ deny
+
+
+
+
+
+
\ No newline at end of file
--
cgit v1.2.3
From 14d74dd27c32a02b5301a0755f3fe174d7e3c9f6 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Fri, 5 Sep 2008 12:05:55 +0000
Subject: added file headers
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@17 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../accesscontroller/SpringSecurityManager.java | 16 +++++++++++++++
.../egiz/bku/online/conf/SpringConfigurator.java | 16 +++++++++++++++
.../egiz/bku/online/conf/accessControlConfig.xml | 12 +++++++++++
.../gv/egiz/bku/online/conf/defaultConf.properties | 18 ++++++++++++++++
.../bku/accesscontrol/config/AccessControl.java | 24 ++++++++++++++--------
.../gv/egiz/bku/accesscontrol/config/Action.java | 24 ++++++++++++++--------
.../at/gv/egiz/bku/accesscontrol/config/Chain.java | 23 ++++++++++++++-------
.../gv/egiz/bku/accesscontrol/config/Chains.java | 24 ++++++++++++++--------
.../gv/egiz/bku/accesscontrol/config/Command.java | 24 ++++++++++++++--------
.../bku/accesscontrol/config/ObjectFactory.java | 23 ++++++++++++++-------
.../at/gv/egiz/bku/accesscontrol/config/Param.java | 24 ++++++++++++++--------
.../at/gv/egiz/bku/accesscontrol/config/Rule.java | 23 ++++++++++++++-------
.../at/gv/egiz/bku/accesscontrol/config/Rules.java | 24 ++++++++++++++--------
.../egiz/bku/accesscontroller/AccessChecker.java | 16 +++++++++++++++
.../bku/accesscontroller/AccessCheckerContext.java | 16 +++++++++++++++
.../accesscontroller/AccessControllerFactory.java | 16 +++++++++++++++
.../at/gv/egiz/bku/accesscontroller/Action.java | 16 +++++++++++++++
.../bku/accesscontroller/AuthenticationClass.java | 16 +++++++++++++++
.../accesscontroller/AuthenticationClassifier.java | 16 +++++++++++++++
.../gv/egiz/bku/accesscontroller/ChainChecker.java | 16 +++++++++++++++
.../gv/egiz/bku/accesscontroller/ChainResult.java | 16 +++++++++++++++
.../bku/accesscontroller/CommandParamChecker.java | 16 +++++++++++++++
.../bku/accesscontroller/InfoboxParamChecker.java | 16 +++++++++++++++
.../gv/egiz/bku/accesscontroller/RuleChecker.java | 16 +++++++++++++++
.../gv/egiz/bku/accesscontroller/RuleResult.java | 16 +++++++++++++++
.../accesscontroller/SecurityManagerFacade.java | 16 +++++++++++++++
.../gv/egiz/bku/accesscontroller/UserAction.java | 16 +++++++++++++++
27 files changed, 430 insertions(+), 69 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
index 404e254e..3d0df8c4 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
@@ -1,3 +1,19 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
package at.gv.egiz.bku.online.accesscontroller;
import java.io.IOException;
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index 768bedea..545a69c9 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -1,3 +1,19 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
package at.gv.egiz.bku.online.conf;
import java.io.File;
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
index e12d1abe..69b45d1b 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
@@ -1,4 +1,16 @@
+
org.apache.maven.pluginsmaven-surefire-plugin
- true
+ true
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
new file mode 100644
index 00000000..49d3c63f
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
@@ -0,0 +1,42 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package at.gv.egiz.bku.slcommands.impl;
+
+import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
+import at.gv.egiz.stal.HashDataInput;
+import java.io.InputStream;
+
+/**
+ *
+ * @author clemens
+ */
+public class HashDataInputImpl implements HashDataInput {
+
+ String refId;
+ String mimeType;
+ InputStream hashDataInput;
+
+ public HashDataInputImpl(DataObject dataObject) {
+ refId = dataObject.getReference().getId();
+ mimeType = dataObject.getMimeType();
+ hashDataInput = dataObject.getReference().getDigestInputStream();
+ }
+
+ @Override
+ public String getReferenceId() {
+ return refId;
+ }
+
+ @Override
+ public String getMimeType() {
+ return mimeType;
+ }
+
+ @Override
+ public InputStream getHashDataInput() {
+ return hashDataInput;
+ }
+
+}
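Review bot: The three fields are package-private and mutable, so any class in `at.gv.egiz.bku.slcommands.impl` can replace the reference id, MIME type or stream after construction. Because STALSignature passes this object to the STAL `SignRequest` as the description of the data being signed, they should be `private final String refId;`, `private final String mimeType;` and `private final InputStream hashDataInput;`. The constructor also dereferences `dataObject.getReference()` twice without a null check. `getHashDataInput()` returns the same stream instance on every call, so a second consumer would presumably find it already read. The file still carries the IDE template header instead of the project's license header.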
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java
index 64c758c9..25e2d4e5 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALPrivateKey.java
@@ -14,109 +14,115 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.slcommands.impl.xsect;
-
-import java.security.PrivateKey;
-
-import at.gv.egiz.stal.STAL;
-import at.gv.egiz.stal.HashDataInputCallback;
-
-/**
- * This class implements a private key used by the {@link STALSignature} class.
- *
- * @author mcentner
- */
-public class STALPrivateKey implements PrivateKey {
-
- private static final long serialVersionUID = 1L;
-
- /**
- * The STAL implementation.
- */
- private STAL stal;
-
- /**
- * The callback interface for obtaining the hash input data.
- */
- private HashDataInputCallback hashDataInputCallback;
-
- /**
- * The keybox identifier.
- */
- private String keyboxIdentifier;
-
- /**
- * The signature algorithm.
- */
- private String algorithm;
-
- /**
- * Creates a new instance of this STALPrivateKey with the given
- * stal implementation, signature algorithm,
- * keyboxIdentifier and hashDataInputCallback
- * interface.
- *
- * @param stal
- * the STAL implementation
- * @param algorithm
- * the signature algorithm
- * @param keyboxIdentifier
- * the keybox identifier
- * @param hashDataInputCallback
- * the interface for obtaining the has input data
- */
- public STALPrivateKey(STAL stal,
- String algorithm, String keyboxIdentifier, HashDataInputCallback hashDataInputCallback) {
- super();
- this.keyboxIdentifier = keyboxIdentifier;
- this.hashDataInputCallback = hashDataInputCallback;
- this.stal = stal;
- this.algorithm = algorithm;
- }
-
- /* (non-Javadoc)
- * @see java.security.Key#getAlgorithm()
- */
- @Override
- public String getAlgorithm() {
- return algorithm;
- }
-
- /* (non-Javadoc)
- * @see java.security.Key#getEncoded()
- */
- @Override
- public byte[] getEncoded() {
- throw new UnsupportedOperationException("STALPrivateKey does not support the getEncoded() method.");
- }
-
- /* (non-Javadoc)
- * @see java.security.Key#getFormat()
- */
- @Override
- public String getFormat() {
- return null;
- }
-
- /**
- * @return the STAL implementation
- */
- public STAL getStal() {
- return stal;
- }
-
- /**
- * @return the interface for obtaining the hash data input
- */
- public HashDataInputCallback getHashDataInputCallback() {
- return hashDataInputCallback;
- }
-
- /**
- * @return the keybox identifier
- */
- public String getKeyboxIdentifier() {
- return keyboxIdentifier;
- }
-
-}
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import at.gv.egiz.stal.HashDataInput;
+import java.security.PrivateKey;
+
+import at.gv.egiz.stal.STAL;
+//import at.gv.egiz.stal.HashDataInputCallback;
+import java.util.List;
+
+/**
+ * This class implements a private key used by the {@link STALSignature} class.
+ *
+ * @author mcentner
+ */
+public class STALPrivateKey implements PrivateKey {
+
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * The STAL implementation.
+ */
+ private STAL stal;
+
+ /**
+ * The callback interface for obtaining the hash input data.
+ */
+// private HashDataInputCallback hashDataInputCallback;
+
+
+ private List dataObjects;
+
+ /**
+ * The keybox identifier.
+ */
+ private String keyboxIdentifier;
+
+ /**
+ * The signature algorithm.
+ */
+ private String algorithm;
+
+ /**
+ * Creates a new instance of this STALPrivateKey with the given
+ * stal implementation, signature algorithm,
+ * keyboxIdentifier and hashDataInputCallback
+ * interface.
+ *
+ * @param stal
+ * the STAL implementation
+ * @param algorithm
+ * the signature algorithm
+ * @param keyboxIdentifier
+ * the keybox identifier
+ * @param hashDataInputCallback
+ * the interface for obtaining the has input data
+ */
+ public STALPrivateKey(STAL stal,
+ String algorithm, String keyboxIdentifier, List dataObjects) {
+ super();
+ this.keyboxIdentifier = keyboxIdentifier;
+ this.dataObjects = dataObjects;
+ this.stal = stal;
+ this.algorithm = algorithm;
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.Key#getAlgorithm()
+ */
+ @Override
+ public String getAlgorithm() {
+ return algorithm;
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.Key#getEncoded()
+ */
+ @Override
+ public byte[] getEncoded() {
+ throw new UnsupportedOperationException("STALPrivateKey does not support the getEncoded() method.");
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.Key#getFormat()
+ */
+ @Override
+ public String getFormat() {
+ return null;
+ }
+
+ /**
+ * @return the STAL implementation
+ */
+ public STAL getStal() {
+ return stal;
+ }
+
+ /**
+ * @return the interface for obtaining the hash data input
+ */
+ public List getDataObjects() {
+
+ return dataObjects;
+ }
+
+ /**
+ * @return the keybox identifier
+ */
+ public String getKeyboxIdentifier() {
+ return keyboxIdentifier;
+ }
+
+}
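Review bot: The Javadoc was not updated along with the signature. The constructor still documents `@param hashDataInputCallback`, the field comment "The callback interface for obtaining the hash input data" now sits above a commented-out field and ends up in front of `dataObjects`, and `getDataObjects()` still says it returns "the interface for obtaining the hash data input". I would replace the tag with `@param dataObjects the data objects whose hash data inputs are passed to STAL on signing` and delete the commented-out import and field. The constructor stores the caller's list and `getDataObjects()` returns it directly, so the set of objects tied to this key can change after construction. If that is intended (the comment in STALSignature suggests the list is read only once signing starts), say so in the Javadoc; otherwise return `Collections.unmodifiableList(dataObjects)`.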
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
index f0fcb891..eba1d96d 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
@@ -14,152 +14,164 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.slcommands.impl.xsect;
-
-import java.io.ByteArrayOutputStream;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.SignatureSpi;
-import java.util.Collections;
-import java.util.List;
-
-import at.gv.egiz.stal.ErrorResponse;
-import at.gv.egiz.stal.STAL;
-import at.gv.egiz.stal.STALRequest;
-import at.gv.egiz.stal.STALResponse;
-import at.gv.egiz.stal.SignRequest;
-import at.gv.egiz.stal.SignResponse;
-import at.gv.egiz.stal.HashDataInputCallback;
-
-/**
- * A signature service provider implementation that uses STAL to sign.
- *
- * @author mcentner
- */
-public class STALSignature extends SignatureSpi {
-
- /**
- * The private key.
- */
- protected STALPrivateKey privateKey;
-
- /**
- * The to-be signed data.
- */
- protected ByteArrayOutputStream data = new ByteArrayOutputStream();
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineGetParameter(java.lang.String)
- */
- @Override
- protected Object engineGetParameter(String param)
- throws InvalidParameterException {
- throw new InvalidParameterException();
- }
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineInitSign(java.security.PrivateKey)
- */
- @Override
- protected void engineInitSign(PrivateKey privateKey)
- throws InvalidKeyException {
-
- if (!(privateKey instanceof STALPrivateKey)) {
- throw new InvalidKeyException("STALSignature supports STALKeys only.");
- }
-
- this.privateKey = (STALPrivateKey) privateKey;
-
- }
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineInitVerify(java.security.PublicKey)
- */
- @Override
- protected void engineInitVerify(PublicKey publicKey)
- throws InvalidKeyException {
-
- throw new UnsupportedOperationException("STALSignature does not support signature verification.");
- }
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineSetParameter(java.lang.String, java.lang.Object)
- */
- @Override
- protected void engineSetParameter(String param, Object value)
- throws InvalidParameterException {
- }
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineSign()
- */
- @Override
- protected byte[] engineSign() throws SignatureException {
-
- STAL stal = privateKey.getStal();
-
- if (stal == null) {
- throw new SignatureException("STALSignature requires the STALPrivateKey " +
- "to provide a STAL implementation reference.");
- }
-
- HashDataInputCallback signRefDataSupplier = privateKey.getHashDataInputCallback();
-
- String keyboxIdentifier = privateKey.getKeyboxIdentifier();
-
- if (keyboxIdentifier == null) {
- throw new SignatureException("STALSignature requires the STALPrivateKey " +
- "to provide a KeyboxIdentifier.");
- }
-
- SignRequest signRequest = new SignRequest();
- signRequest.setKeyIdentifier(keyboxIdentifier);
- signRequest.setSignedInfo(data.toByteArray());
- signRequest.setHashDataInput(signRefDataSupplier);
-
- List responses = stal.handleRequest(Collections.singletonList((STALRequest) signRequest));
-
- if (responses == null || responses.size() != 1) {
- throw new SignatureException("Failed to access STAL.");
- }
-
- STALResponse response = responses.get(0);
- if (response instanceof SignResponse) {
- return ((SignResponse) response).getSignatureValue();
- } else if (response instanceof ErrorResponse) {
- throw new STALSignatureException(((ErrorResponse) response).getErrorCode());
- } else {
- throw new SignatureException("Failed to access STAL.");
- }
-
- }
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineUpdate(byte)
- */
- @Override
- protected void engineUpdate(byte b) throws SignatureException {
- data.write(b);
- }
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineUpdate(byte[], int, int)
- */
- @Override
- protected void engineUpdate(byte[] b, int off, int len)
- throws SignatureException {
- data.write(b, off, len);
- }
-
- /* (non-Javadoc)
- * @see java.security.SignatureSpi#engineVerify(byte[])
- */
- @Override
- protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
- throw new UnsupportedOperationException("STALSignature des not support signature verification.");
- }
-
-}
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import at.gv.egiz.bku.slcommands.impl.HashDataInputImpl;
+import java.io.ByteArrayOutputStream;
+import java.security.InvalidKeyException;
+import java.security.InvalidParameterException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SignatureException;
+import java.security.SignatureSpi;
+import java.util.Collections;
+import java.util.List;
+
+import at.gv.egiz.stal.ErrorResponse;
+import at.gv.egiz.stal.HashDataInput;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+import at.gv.egiz.stal.SignRequest;
+import at.gv.egiz.stal.SignResponse;
+//import at.gv.egiz.stal.HashDataInputCallback;
+import java.util.ArrayList;
+
+/**
+ * A signature service provider implementation that uses STAL to sign.
+ *
+ * @author mcentner
+ */
+public class STALSignature extends SignatureSpi {
+
+// private static final Log log = LogFactory.getLog(STALSignature.class);
+
+ /**
+ * The private key.
+ */
+ protected STALPrivateKey privateKey;
+
+ /**
+ * The to-be signed data.
+ */
+ protected ByteArrayOutputStream data = new ByteArrayOutputStream();
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineGetParameter(java.lang.String)
+ */
+ @Override
+ protected Object engineGetParameter(String param)
+ throws InvalidParameterException {
+ throw new InvalidParameterException();
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineInitSign(java.security.PrivateKey)
+ */
+ @Override
+ protected void engineInitSign(PrivateKey privateKey)
+ throws InvalidKeyException {
+
+ if (!(privateKey instanceof STALPrivateKey)) {
+ throw new InvalidKeyException("STALSignature supports STALKeys only.");
+ }
+
+ this.privateKey = (STALPrivateKey) privateKey;
+
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineInitVerify(java.security.PublicKey)
+ */
+ @Override
+ protected void engineInitVerify(PublicKey publicKey)
+ throws InvalidKeyException {
+
+ throw new UnsupportedOperationException("STALSignature does not support signature verification.");
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineSetParameter(java.lang.String, java.lang.Object)
+ */
+ @Override
+ protected void engineSetParameter(String param, Object value)
+ throws InvalidParameterException {
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineSign()
+ */
+ @Override
+ protected byte[] engineSign() throws SignatureException {
+
+ STAL stal = privateKey.getStal();
+
+ if (stal == null) {
+ throw new SignatureException("STALSignature requires the STALPrivateKey " +
+ "to provide a STAL implementation reference.");
+ }
+
+ String keyboxIdentifier = privateKey.getKeyboxIdentifier();
+
+ if (keyboxIdentifier == null) {
+ throw new SignatureException("STALSignature requires the STALPrivateKey " +
+ "to provide a KeyboxIdentifier.");
+ }
+
+ // get hashDataInputs (DigestInputStreams) once slcommands.impl.xsect.Signature::sign() was called
+ List dataObjects = privateKey.getDataObjects();
+// log.debug("got " + dataObjects.size() + " DataObjects, passing HashDataInputs to STAL SignRequest");
+
+ List hashDataInputs = new ArrayList();
+ for (DataObject dataObject : dataObjects) {
+ hashDataInputs.add(new HashDataInputImpl(dataObject));
+ }
+
+ SignRequest signRequest = new SignRequest();
+ signRequest.setKeyIdentifier(keyboxIdentifier);
+ signRequest.setSignedInfo(data.toByteArray());
+ signRequest.setHashDataInput(hashDataInputs);
+
+ List responses = stal.handleRequest(Collections.singletonList((STALRequest) signRequest));
+
+ if (responses == null || responses.size() != 1) {
+ throw new SignatureException("Failed to access STAL.");
+ }
+
+ STALResponse response = responses.get(0);
+ if (response instanceof SignResponse) {
+ return ((SignResponse) response).getSignatureValue();
+ } else if (response instanceof ErrorResponse) {
+ throw new STALSignatureException(((ErrorResponse) response).getErrorCode());
+ } else {
+ throw new SignatureException("Failed to access STAL.");
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineUpdate(byte)
+ */
+ @Override
+ protected void engineUpdate(byte b) throws SignatureException {
+ data.write(b);
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineUpdate(byte[], int, int)
+ */
+ @Override
+ protected void engineUpdate(byte[] b, int off, int len)
+ throws SignatureException {
+ data.write(b, off, len);
+ }
+
+ /* (non-Javadoc)
+ * @see java.security.SignatureSpi#engineVerify(byte[])
+ */
+ @Override
+ protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
+ throw new UnsupportedOperationException("STALSignature des not support signature verification.");
+ }
+
+}
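Review bot: In `engineSign()` the result of `privateKey.getDataObjects()` is iterated without a null check, unlike `stal` and `keyboxIdentifier` just above, so a key built with a null list fails with a NullPointerException instead of a `SignatureException`. Add `if (dataObjects == null) { throw new SignatureException("STALSignature requires the STALPrivateKey to provide the data objects."); }` before the loop. The `data` buffer is also never cleared, so a second `sign()` on the same instance would submit the previous SignedInfo bytes followed by the new ones. Calling `data.reset()` in `engineInitSign` and after the request is built restores the reset behaviour `SignatureSpi` expects. `engineSetParameter` silently accepts any parameter while `engineGetParameter` throws; throwing `InvalidParameterException` in both would be consistent.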
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
index 94a4a066..191f8371 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
@@ -14,922 +14,939 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.slcommands.impl.xsect;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.StringWriter;
-import java.io.UnsupportedEncodingException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.crypto.MarshalException;
-import javax.xml.crypto.dom.DOMStructure;
-import javax.xml.crypto.dsig.CanonicalizationMethod;
-import javax.xml.crypto.dsig.DigestMethod;
-import javax.xml.crypto.dsig.Reference;
-import javax.xml.crypto.dsig.SignatureMethod;
-import javax.xml.crypto.dsig.SignedInfo;
-import javax.xml.crypto.dsig.XMLObject;
-import javax.xml.crypto.dsig.XMLSignature;
-import javax.xml.crypto.dsig.XMLSignatureException;
-import javax.xml.crypto.dsig.XMLSignatureFactory;
-import javax.xml.crypto.dsig.dom.DOMSignContext;
-import javax.xml.crypto.dsig.keyinfo.KeyInfo;
-import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
-import javax.xml.crypto.dsig.keyinfo.X509Data;
-import javax.xml.stream.XMLStreamException;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.etsi.uri._01903.v1_1.DataObjectFormatType;
-import org.etsi.uri._01903.v1_1.QualifyingPropertiesType;
-import org.w3c.dom.DOMConfiguration;
-import org.w3c.dom.DOMException;
-import org.w3c.dom.Document;
-import org.w3c.dom.DocumentFragment;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.ls.DOMImplementationLS;
-import org.w3c.dom.ls.LSException;
-import org.w3c.dom.ls.LSInput;
-import org.w3c.dom.ls.LSOutput;
-import org.w3c.dom.ls.LSParser;
-import org.w3c.dom.ls.LSResourceResolver;
-import org.w3c.dom.ls.LSSerializer;
-
-import at.buergerkarte.namespaces.securitylayer._1.Base64XMLLocRefReqRefContentType;
-import at.buergerkarte.namespaces.securitylayer._1.Base64XMLOptRefContentType;
-import at.buergerkarte.namespaces.securitylayer._1.DataObjectAssociationType;
-import at.buergerkarte.namespaces.securitylayer._1.DataObjectInfoType;
-import at.buergerkarte.namespaces.securitylayer._1.SignatureInfoCreationType;
-import at.gv.egiz.bku.binding.HttpUtil;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.bku.slexceptions.SLRequestException;
-import at.gv.egiz.bku.utils.HexDump;
-import at.gv.egiz.bku.utils.urldereferencer.StreamData;
-import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
-import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
-import at.gv.egiz.dom.DOMUtils;
-import at.gv.egiz.slbinding.impl.XMLContentType;
-import at.gv.egiz.stal.HashDataInputCallback;
-import at.gv.egiz.stal.STAL;
-import at.gv.egiz.xades.QualifyingPropertiesException;
-import at.gv.egiz.xades.QualifyingPropertiesFactory;
-
-/**
- * This class represents an XML-Signature as to be created by the
- * security layer command CreateXMLSignatureRequest.
- *
- * @author mcentner
- */
-public class Signature implements HashDataInputCallback {
-
- /**
- * Logging facility.
- */
- private static Log log = LogFactory.getLog(Signature.class);
-
- /**
- * The DOM implementation used.
- */
- private DOMImplementationLS domImplLS;
-
- /**
- * The SignatureContext for the XMLSignature.
- */
- private SignatureContext ctx;
-
- /**
- * The list of {@link DataObject}s for this signature.
- */
- private List dataObjects = new ArrayList();
-
- /**
- * A mapping from the Id-attribute values of this signature's
- * ds:References to the corresponding {@link DataObject}s.
- */
- private Map dataObjectReferencIds = new HashMap();
-
- /**
- * The SignatureEnvironment for this signature.
- */
- private SignatureLocation signatureLocation;
-
- /**
- * The XML signature.
- */
- private XMLSignature xmlSignature;
-
- /**
- * A list of attributes of type xsd:ID to be registered in the {@link DOMSignContext}.
- */
- private List idAttributes = new ArrayList();
-
- /**
- * The signer's X509 certificate.
- */
- private X509Certificate signerCertificate;
-
- /**
- * The signing time.
- */
- private Date signingTime;
-
- /**
- * Creates a new SLXMLSignature instance.
- */
- public Signature(URLDereferencerContext dereferencerContext,
- IdValueFactory idValueFactory,
- AlgorithmMethodFactory algorithmMethodFactory) {
-
- domImplLS = DOMUtils.getDOMImplementationLS();
-
- ctx = new SignatureContext();
-
- ctx.setSignatureFactory(XMLSignatureFactory.getInstance());
-
- ctx.setDereferencerContext(dereferencerContext);
- ctx.setIdValueFactory(idValueFactory);
- ctx.setAlgorithmMethodFactory(algorithmMethodFactory);
-
- }
-
- /**
- * @return the Document containing this Signature
- */
- public Document getDocument() {
- return ctx.getDocument();
- }
-
- /**
- * @return the parent Node for this Signature
- */
- public Node getParent() {
- return (signatureLocation != null) ? signatureLocation.getParent() : null;
- }
-
- /**
- * @return the next sibling Node for this Signature
- */
- public Node getNextSibling() {
- return (signatureLocation != null) ? signatureLocation.getNextSibling() : null;
- }
-
- /**
- * @return the XMLSignature
- */
- public XMLSignature getXMLSignature() {
- return xmlSignature;
- }
-
- /**
- * @return the list of {@link Reference}s of this Signature
- */
- @SuppressWarnings("unchecked")
- public List getReferences() {
- return (xmlSignature != null) ? xmlSignature.getSignedInfo().getReferences() : null;
- }
-
- /**
- * @return the list of {@link XMLObject}s of this Signature
- */
- @SuppressWarnings("unchecked")
- public List getXMLObjects() {
- return (xmlSignature != null) ? xmlSignature.getObjects() : null;
- }
-
- /**
- * Prepares the signature document with the information given by the
- * signatureInfo provided.
- *
- * @param signatureInfo
- * the SignatureInfo
- *
- * @throws SLCommandException
- * if processing fails for any reason
- * @throws IllegalStateException
- * if the parent node has already been set
- * @throws NullPointerException
- * if signatureInfo is null
- */
- public void setSignatureInfo(SignatureInfoCreationType signatureInfo) throws SLCommandException {
-
- if (signatureLocation != null) {
- throw new IllegalStateException("SignatureEnvironment already set.");
- }
-
- Base64XMLOptRefContentType signatureEnvironment = signatureInfo.getSignatureEnvironment();
-
- if (signatureEnvironment == null) {
-
- // no SignatureEnvironment, so we use an empty document and the document as parent
- ensureSignatureLocation();
-
- } else {
-
- // parse SignatureEnvrionment and use as document
- Document document = parseSignatureEnvironment(signatureEnvironment, signatureInfo.getSupplement());
- ctx.setDocument(document);
-
- signatureLocation = new SignatureLocation(ctx);
- signatureLocation.setSignatureInfo(signatureInfo);
-
- }
-
- }
-
- /**
- * Ensures a SignatureLocation for this Signature.
- */
- private void ensureSignatureLocation() {
-
- if (signatureLocation == null) {
- Document document = DOMUtils.createDocument();
- ctx.setDocument(document);
-
- signatureLocation = new SignatureLocation(ctx);
- signatureLocation.setParent(document);
- }
-
- }
-
- /**
- * Adds a DataObject with the information given by the
- * dataObjectInfo provided to this Signature.
- *
- * @param dataObjectInfo
- * the DataObjectInfo element
- *
- * @throws SLCommandException
- * if adding the DataObject fails
- * @throws SLRequestException
- * if the information provided by the given
- * dataObjectInfo does not conform to the security
- * layer specification
- * @throws NullPointerException
- * if dataObjectInfo is null
- */
- public void addDataObject(DataObjectInfoType dataObjectInfo) throws SLCommandException, SLRequestException {
-
- ensureSignatureLocation();
-
- DataObject dataObject = new DataObject(ctx);
- dataObject.setDataObjectInfo(dataObjectInfo);
-
- dataObjects.add(dataObject);
-
- dataObjectReferencIds.put(dataObject.getReference().getId(), dataObject);
-
- }
-
- /**
- * Sets the SigningTime qualifying property of this Signature.
- *
- * @param signingTime the signing time to set
- */
- public void setSigningTime(Date signingTime) {
- this.signingTime = signingTime;
- }
-
- /**
- * Sets the SignerCertificate qualifying property of this Signature.
- *
- * @param certificate the signer's certificate
- */
- public void setSignerCeritifcate(X509Certificate certificate) {
- this.signerCertificate = certificate;
- }
-
- /**
- * Builds the XMLSignature data structure of this Signature as configured by
- * the various setter methods.
- *
- * @throws SLCommandException if building this signature fails
- */
- public void buildXMLSignature() throws SLCommandException {
-
- List objects = new ArrayList();
- List references = new ArrayList();
-
- // add all data objects
- for (DataObject dataObject : dataObjects) {
- if (dataObject.getXmlObject() != null) {
- objects.add(dataObject.getXmlObject());
- }
- if (dataObject.getReference() != null) {
- references.add(dataObject.getReference());
- }
- }
-
- addXAdESObjectAndReference(objects, references);
-
- XMLSignatureFactory signatureFactory = ctx.getSignatureFactory();
- AlgorithmMethodFactory algorithmMethodFactory = ctx.getAlgorithmMethodFactory();
-
- CanonicalizationMethod cm;
- SignatureMethod sm;
- try {
- cm = algorithmMethodFactory.createCanonicalizationMethod(ctx);
- sm = algorithmMethodFactory.createSignatureMethod(ctx);
- } catch (NoSuchAlgorithmException e) {
- log.error("Failed to get Canonicalization or Signature algorithm.", e);
- throw new SLCommandException(4006);
- } catch (InvalidAlgorithmParameterException e) {
- log.error("Failed to get Canonicalization or Signature algorithm.", e);
- throw new SLCommandException(4006);
- }
-
- String siId = ctx.getIdValueFactory().createIdValue("SignedInfo");
-
- SignedInfo si = signatureFactory.newSignedInfo(cm, sm, references, siId);
-
- KeyInfo ki = null;
- if (signerCertificate != null) {
- KeyInfoFactory kif = KeyInfoFactory.getInstance();
- X509Data x509Data = kif.newX509Data(Collections.singletonList(signerCertificate));
- ki = kif.newKeyInfo(Collections.singletonList(x509Data));
- }
-
- String signatureId = ctx.getIdValueFactory().createIdValue("Signature");
- String signatureValueId = ctx.getIdValueFactory().createIdValue("SignatureValue");
-
- xmlSignature = signatureFactory.newXMLSignature(si, ki, objects, signatureId, signatureValueId);
-
- }
-
- /**
- * Sign this Signature using the given signContext.
- *
- * Call's {@link #buildXMLSignature()} if it has not been called yet.
- *
- *
- * @param signContext
- * the signing context
- *
- * @throws MarshalException
- * if marshalling the XMLSignature fails
- * @throws XMLSignatureException
- * if signing the XMLSignature fails
- * @throws SLCommandException
- * if building the XMLSignature fails
- * @throws NullPointerException
- * if signContext is null
- */
- public void sign(DOMSignContext signContext) throws MarshalException, XMLSignatureException, SLCommandException {
-
- if (xmlSignature == null) {
- buildXMLSignature();
- }
-
- for (IdAttribute idAttribute : idAttributes) {
- signContext.setIdAttributeNS(idAttribute.element, idAttribute.namespaceURI, idAttribute.localName);
- }
-
- // DO NOT USE:
- // signContext.setProperty("iaik.xml.crypto.dsig.sign-over", Boolean.TRUE);
-
- signContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
-
- signContext.putNamespacePrefix(XMLSignature.XMLNS, "dsig");
-
- signContext.setURIDereferencer(new URIDereferncerAdapter(ctx.getDereferencerContext()));
-
- try {
- xmlSignature.sign(signContext);
- } catch (XMLSignatureException e) {
- Throwable cause = e.getCause();
- while (cause != null) {
- if (cause instanceof STALSignatureException) {
- int errorCode = ((STALSignatureException) cause).getErrorCode();
- SLCommandException commandException = new SLCommandException(errorCode);
- log.info("Failed to sign signature.", commandException);
- throw commandException;
- } else {
- cause = cause.getCause();
- }
- }
- throw e;
- }
-
- // debug
- if (log.isTraceEnabled()) {
- for (DataObject dataObject : dataObjects) {
- Reference reference = dataObject.getReference();
- InputStream digestInputStream = reference.getDigestInputStream();
- if (digestInputStream != null) {
- String mimeType = dataObject.getMimeType();
- StringBuilder sb = new StringBuilder();
- sb.append("DigestInput for Reference with id='");
- sb.append(reference.getId());
- sb.append("' (MIME-Type=");
- sb.append(dataObject.getMimeType());
- sb.append("):\n");
- try {
- if (mimeType != null && (
- mimeType.startsWith("text") ||
- "application/xhtml+xml".equals(mimeType))) {
- byte[] b = new byte[512];
- for (int l; (l = digestInputStream.read(b)) != -1;) {
- sb.append(new String(b, 0, l));
- }
- } else {
- sb.append(HexDump.hexDump(digestInputStream));
- }
- } catch (IOException e) {
- log.error(e);
- }
- log.trace(sb.toString());
- } else {
- log.trace("Reference caching is not enabled.");
- }
- }
- }
-
- }
-
- /**
- * Sign this Signature using the given stal implementation and
- * keyboxIdentifier.
- *
- * This method configures an appropriate {@link DOMSignContext} and calls
- * {@link #sign(DOMSignContext)}. If {@link #buildXMLSignature()} has not been
- * called yet, it is called by this method.
- *
- *
- * @param stal
- * the STAL implementation to use
- * @param keyboxIdentifier
- * the KeyboxIdentifier to use
- *
- * @throws MarshalException
- * if marshalling this Signature fails
- * @throws XMLSignatureException
- * if signing this Signature fails
- * @throws SLCommandException
- * if building this Signature fails
- * @throws NullPointerException
- * if stal or keyboxIdentifier is
- * null
- */
- public void sign(STAL stal, String keyboxIdentifier) throws MarshalException, XMLSignatureException, SLCommandException {
-
- if (stal == null) {
- throw new NullPointerException("Argument 'stal' must not be null.");
- }
-
- if (keyboxIdentifier == null) {
- throw new NullPointerException("Argument 'keyboxIdentifier' must not be null.");
- }
-
- if (xmlSignature == null) {
- buildXMLSignature();
- }
-
- SignatureMethod signatureMethod = xmlSignature.getSignedInfo().getSignatureMethod();
- String algorithm = signatureMethod.getAlgorithm();
-
- PrivateKey privateKey = new STALPrivateKey(stal, algorithm, keyboxIdentifier, this);
-
- DOMSignContext signContext;
- if (getNextSibling() == null) {
- signContext = new DOMSignContext(privateKey, getParent());
- } else {
- signContext = new DOMSignContext(privateKey, getParent(), getNextSibling());
- }
-
- sign(signContext);
- }
-
- @Override
- public InputStream getHashDataInput(String referenceId) {
-
- DataObject dataObject = dataObjectReferencIds.get(referenceId);
- if (dataObject != null) {
- return dataObject.getReference().getDigestInputStream();
- } else {
- return null;
- }
- }
-
- /**
- * Adds the XAdES QualifyingProperties as an
- * ds:Object and a corresponding ds:Reference to
- * it's SignedProperties element to this Signature.
- *
- * @param objects
- * the list of ds:Objects to add the created
- * ds:Object to
- * @param references
- * the list of ds:References to add the created
- * ds:Reference to
- *
- * @throws SLCommandException
- * if creating and adding the XAdES
- * QualifyingProperties fails
- * @throws NullPointerException
- * if objects or references is
- * null
- */
- private void addXAdESObjectAndReference(List objects, List references) throws SLCommandException {
-
- QualifyingPropertiesFactory factory = QualifyingPropertiesFactory.getInstance();
-
- String idValue = ctx.getIdValueFactory().createIdValue("SignedProperties");
-
- Date date = (signingTime != null) ? signingTime : new Date();
-
- List signingCertificates;
- if (signerCertificate != null) {
- signingCertificates = Collections.singletonList(signerCertificate);
- } else {
- signingCertificates = Collections.emptyList();
- }
-
- // TODO: report MOA-SP bug
- //
- // The security layer specification mandates the use of version 1.2.2. of the
- // XAdES QualifyingProperties. However MOA-SP supports only version 1.1.1. Therefore,
- // the version 1.1.1 is used in order to be compatible with current MOA-SP versions.
-
- List dataObjectFormats = new ArrayList();
- for (DataObject dataObject : dataObjects) {
- if (dataObject.getMimeType() != null && dataObject.getReference() != null) {
- Reference reference = dataObject.getReference();
- if (reference.getId() != null) {
- String objectReference = "#" + reference.getId();
- dataObjectFormats.add(factory.createDataObjectFormatType(
- objectReference, dataObject.getMimeType(), dataObject
- .getDescription()));
- }
- }
- }
-
- JAXBElement qualifyingProperties;
- try {
- qualifyingProperties = factory.createQualifyingProperties111(date, signingCertificates, idValue, dataObjectFormats);
- } catch (QualifyingPropertiesException e) {
- log.error("Failed to create QualifyingProperties.", e);
- throw new SLCommandException(4000);
- }
-
- DocumentFragment fragment = ctx.getDocument().createDocumentFragment();
-
- try {
- factory.marshallQualifyingProperties(qualifyingProperties, fragment);
- } catch (JAXBException e) {
- log.error("Failed to marshal QualifyingProperties.", e);
- throw new SLCommandException(4000);
- }
-
- List content = Collections.singletonList(new DOMStructure(fragment.getFirstChild()));
-
- String objectIdValue = ctx.getIdValueFactory().createIdValue("Object");
-
- XMLObject object = ctx.getSignatureFactory().newXMLObject(content, objectIdValue, null, null);
-
- objects.add(object);
-
- // TODO: Report MOA-SP Bug
- //
- // Direct referencing of the SignedPorperties Id-attribute is not supported by MOA-SP
- // because the QualifyingProperties are parsed without the XAdES schema. Therefore,
- // the shorthand XPointer could not be resolved.
- //
- // The following workaround uses an XPointer to select the SignedProperties in order
- // to allow the signature to be verified with MOA-SP.
-
- String referenceURI = "#xmlns(xades=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('"
- + objectIdValue
- + "')/child::xades:QualifyingProperties/child::xades:SignedProperties)";
- DigestMethod dm;
- try {
- dm = ctx.getAlgorithmMethodFactory().createDigestMethod(ctx);
- } catch (NoSuchAlgorithmException e) {
- log.error("Failed to get DigestMethod algorithm.", e);
- throw new SLCommandException(4006);
- } catch (InvalidAlgorithmParameterException e) {
- log.error("Failed to get DigestMethod algorithm.", e);
- throw new SLCommandException(4006);
- }
-
- String referenceIdValue = ctx.getIdValueFactory().createIdValue("Reference");
- String referenceType = QualifyingPropertiesFactory.SIGNED_PROPERTIES_REFERENCE_TYPE_V1_1_1;
-
- Reference reference = ctx.getSignatureFactory().newReference(referenceURI, dm, null, referenceType, referenceIdValue);
-
- references.add(reference);
-
- Node child = fragment.getFirstChild();
- if (child instanceof Element) {
- NodeList nodes = ((Element) child).getElementsByTagNameNS(QualifyingPropertiesFactory.NS_URI_V1_1_1, "SignedProperties");
- if (nodes.getLength() > 0) {
- IdAttribute idAttribute = new IdAttribute();
- idAttribute.element = (Element) nodes.item(0);
- idAttribute.namespaceURI = null;
- idAttribute.localName = "Id";
- idAttributes.add(idAttribute);
- }
- }
-
- }
-
- /**
- * Parse the SignatureEnvironment.
- *
- * @param signatureEnvironment
- * the SignatureEnvironment element
- * @param supplements
- * an optional list of Supplements (may be
- * null)
- *
- * @return the parsed SignatureEnvironment document
- *
- * @throws SLCommandException
- * if parsing the SignatureEnvironment fails
- * @throws NullPointerException
- * if signatureEnvironment is null
- */
- private Document parseSignatureEnvironment(
- Base64XMLOptRefContentType signatureEnvironment,
- List supplements) throws SLCommandException {
-
- if (signatureEnvironment == null) {
- throw new NullPointerException("Argument 'signatureEnvironment' must not be null.");
- }
-
- LSInput input;
- try {
- if (signatureEnvironment.getReference() != null) {
- log.debug("SignatureEnvironment contains Reference " + signatureEnvironment.getReference() + ".");
- input = createLSInput(signatureEnvironment.getReference());
- } else if (signatureEnvironment.getBase64Content() != null) {
- log.debug("SignatureEnvironment contains Base64Content.");
- input = createLSInput(signatureEnvironment.getBase64Content());
- } else if (signatureEnvironment.getXMLContent() != null) {
- log.debug("SignatureEnvironment contains XMLContent.");
- input = createLSInput((XMLContentType) signatureEnvironment.getXMLContent());
- } else {
- // the schema does not allow us to reach this point
- throw new SLCommandException(4000);
- }
- } catch (IOException e) {
- log.info("XML document in which the signature is to be integrated cannot be resolved.", e);
- throw new SLCommandException(4100);
- } catch (XMLStreamException e) {
- log.info("XML document in which the signature is to be integrated cannot be resolved.", e);
- throw new SLCommandException(4100);
- }
-
- LSParser parser = domImplLS.createLSParser(DOMImplementationLS.MODE_SYNCHRONOUS, null);
- DOMConfiguration domConfig = parser.getDomConfig();
- SimpleDOMErrorHandler errorHandler = new SimpleDOMErrorHandler();
- domConfig.setParameter("error-handler", errorHandler);
- LSResourceResolverAdapter resourceResolver = new LSResourceResolverAdapter(supplements);
- domConfig.setParameter("resource-resolver", resourceResolver);
- domConfig.setParameter("validate", Boolean.TRUE);
-
- Document doc;
- try {
- doc = parser.parse(input);
- } catch (DOMException e) {
- log.info("XML document in which the signature is to be integrated cannot be parsed.", e);
- throw new SLCommandException(4101);
- } catch (LSException e) {
- log.info("XML document in which the signature is to be integrated cannot be parsed.", e);
- throw new SLCommandException(4101);
- }
-
- if (resourceResolver.getError() != null) {
- log.info("Failed to resolve resource while parsing SignatureEnvironment document.", resourceResolver.getError());
- // we don't stop here, as we only _try_ to parse validating
- }
-
- if (errorHandler.hasFatalErrors()) {
- // log fatal errors
- if (log.isInfoEnabled()) {
- List errorMessages = errorHandler.getErrorMessages();
- StringBuffer sb = new StringBuffer();
- for (String errorMessage : errorMessages) {
- sb.append(" ");
- sb.append(errorMessage);
- }
- log.info("XML document in which the signature is to be integrated cannot be parsed." + sb.toString());
- }
- throw new SLCommandException(4101);
- }
-
- // log parsed document
- if (log.isTraceEnabled()) {
-
- StringWriter writer = new StringWriter();
-
- writer.write("SignatureEnvironment:\n");
-
- LSOutput output = domImplLS.createLSOutput();
- output.setCharacterStream(writer);
- output.setEncoding("UTF-8");
- LSSerializer serializer = domImplLS.createLSSerializer();
- serializer.write(doc, output);
-
- log.trace(writer.toString());
- }
-
- return doc;
-
- }
-
- /**
- * Creates an LSInput from the given reference URI.
- *
- * @param reference
- * the reference URL
- *
- * @return an LSInput from the given reference URI
- *
- * @throws IOException
- * if dereferencing the given reference fails
- */
- private LSInput createLSInput(String reference) throws IOException {
-
- URLDereferencer urlDereferencer = URLDereferencer.getInstance();
- StreamData streamData = urlDereferencer.dereference(reference, ctx.getDereferencerContext());
-
- String contentType = streamData.getContentType();
- String charset = HttpUtil.getCharset(contentType, true);
- InputStreamReader streamReader;
- try {
- streamReader = new InputStreamReader(streamData.getStream(), charset);
- } catch (UnsupportedEncodingException e) {
- log.info("Charset " + charset + " not supported. Using default.");
- streamReader = new InputStreamReader(streamData.getStream());
- }
-
- LSInput input = domImplLS.createLSInput();
- input = domImplLS.createLSInput();
- input.setCharacterStream(streamReader);
-
- return input;
-
- }
-
- /**
- * Creates an LSInput from the given content bytes.
- *
- * @param content
- * the content bytes
- *
- * @return an LSInput from the givne content bytes
- */
- private LSInput createLSInput(byte[] content) {
-
- ByteArrayInputStream inputStream = new ByteArrayInputStream(content);
- LSInput input = domImplLS.createLSInput();
- input.setByteStream(inputStream);
-
- return input;
-
- }
-
- /**
- * Creates an LSInput from the given XML content.
- *
- * @param content
- * the XML content
- * @return an LSInput from the given XML content
- *
- * @throws XMLStreamException
- * if reading the XMLStream from the given XML content fails
- */
- private LSInput createLSInput(XMLContentType content) throws XMLStreamException {
-
- ByteArrayOutputStream redirectedStream = content.getRedirectedStream();
- if (redirectedStream != null) {
- LSInput input = domImplLS.createLSInput();
- input.setByteStream(new ByteArrayInputStream(redirectedStream.toByteArray()));
- return input;
- } else {
- return null;
- }
-
- }
-
- /**
- * Represents an xsd:Id-attribute value.
- *
- * @author mcentner
- */
- private class IdAttribute {
-
- private Element element;
-
- private String namespaceURI;
-
- private String localName;
-
- }
-
- /**
- * An implementation of the LSResourceResolver that uses a list of supplements
- * to resolve resources.
- *
- * @author mcentner
- */
- private class LSResourceResolverAdapter implements LSResourceResolver {
-
- List supplements;
-
- private LSResourceResolverAdapter(
- List supplements) {
- this.supplements = supplements;
- }
-
- private Exception error;
-
- /**
- * @return the error
- */
- public Exception getError() {
- return error;
- }
-
- @Override
- public LSInput resolveResource(String type, String namespaceURI,
- String publicId, String systemId, String baseURI) {
-
- if (log.isTraceEnabled()) {
- log.trace("Resolve resource :" +
- "\n type=" + type +
- "\n namespaceURI=" + namespaceURI +
- "\n publicId=" + publicId +
- "\n systemId=" + systemId +
- "\n baseURI=" + baseURI);
- }
-
- if (systemId != null) {
-
- log.debug("Resolve resource '" + systemId + "'.");
-
- for (DataObjectAssociationType supplement : supplements) {
-
- Base64XMLLocRefReqRefContentType content = supplement.getContent();
- if (content != null) {
-
- String reference = content.getReference();
- if (systemId.equals(reference)) {
-
- try {
- if (content.getLocRefContent() != null) {
- log.trace("Resolved resource '" + reference + "' to supplement with LocRefContent.");
- return createLSInput(content.getLocRefContent());
- } else if (content.getBase64Content() != null) {
- log.trace("Resolved resource '" + reference + "' to supplement with Base64Content.");
- return createLSInput(content.getBase64Content());
- } else if (content.getXMLContent() != null) {
- log.trace("Resolved resource '" + reference + "' to supplement with XMLContent.");
- return createLSInput((XMLContentType) content.getXMLContent());
- } else {
- return null;
- }
- } catch (IOException e) {
- log.info("Failed to resolve resource '" + systemId + "' to supplement.", e);
- error = e;
- return null;
- } catch (XMLStreamException e) {
- log.info("Failed to resolve resource '" + systemId + "' to supplement.", e);
- error = e;
- return null;
- }
-
- }
-
- }
-
- }
-
- log.info("Failed to resolve resource '" + systemId + "' to supplement. No such supplement.");
-
- }
-
- return null;
-
- }
-
-
- }
-
-}
+package at.gv.egiz.bku.slcommands.impl.xsect;
+
+import at.gv.egiz.stal.HashDataInput;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.dom.DOMStructure;
+import javax.xml.crypto.dsig.CanonicalizationMethod;
+import javax.xml.crypto.dsig.DigestMethod;
+import javax.xml.crypto.dsig.Reference;
+import javax.xml.crypto.dsig.SignatureMethod;
+import javax.xml.crypto.dsig.SignedInfo;
+import javax.xml.crypto.dsig.XMLObject;
+import javax.xml.crypto.dsig.XMLSignature;
+import javax.xml.crypto.dsig.XMLSignatureException;
+import javax.xml.crypto.dsig.XMLSignatureFactory;
+import javax.xml.crypto.dsig.dom.DOMSignContext;
+import javax.xml.crypto.dsig.keyinfo.KeyInfo;
+import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
+import javax.xml.crypto.dsig.keyinfo.X509Data;
+import javax.xml.stream.XMLStreamException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.etsi.uri._01903.v1_1.DataObjectFormatType;
+import org.etsi.uri._01903.v1_1.QualifyingPropertiesType;
+import org.w3c.dom.DOMConfiguration;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.ls.DOMImplementationLS;
+import org.w3c.dom.ls.LSException;
+import org.w3c.dom.ls.LSInput;
+import org.w3c.dom.ls.LSOutput;
+import org.w3c.dom.ls.LSParser;
+import org.w3c.dom.ls.LSResourceResolver;
+import org.w3c.dom.ls.LSSerializer;
+
+import at.buergerkarte.namespaces.securitylayer._1.Base64XMLLocRefReqRefContentType;
+import at.buergerkarte.namespaces.securitylayer._1.Base64XMLOptRefContentType;
+import at.buergerkarte.namespaces.securitylayer._1.DataObjectAssociationType;
+import at.buergerkarte.namespaces.securitylayer._1.DataObjectInfoType;
+import at.buergerkarte.namespaces.securitylayer._1.SignatureInfoCreationType;
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.utils.HexDump;
+import at.gv.egiz.bku.utils.urldereferencer.StreamData;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
+import at.gv.egiz.dom.DOMUtils;
+import at.gv.egiz.slbinding.impl.XMLContentType;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.xades.QualifyingPropertiesException;
+import at.gv.egiz.xades.QualifyingPropertiesFactory;
+
+/**
+ * This class represents an XML-Signature as to be created by the
+ * security layer command CreateXMLSignatureRequest.
+ *
+ * @author mcentner
+ */
+public class Signature {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(Signature.class);
+
+ /**
+ * The DOM implementation used.
+ */
+ private DOMImplementationLS domImplLS;
+
+ /**
+ * The SignatureContext for the XMLSignature.
+ */
+ private SignatureContext ctx;
+
+ /**
+ * The list of {@link DataObject}s for this signature.
+ */
+ private List dataObjects = new ArrayList();
+
+ /**
+ * A mapping from the Id-attribute values of this signature's
+ * ds:References to the corresponding {@link DataObject}s.
+ */
+// private Map dataObjectReferencIds = new HashMap();
+
+ /**
+ * The SignatureEnvironment for this signature.
+ */
+ private SignatureLocation signatureLocation;
+
+ /**
+ * The XML signature.
+ */
+ private XMLSignature xmlSignature;
+
+ /**
+ * A list of attributes of type xsd:ID to be registered in the {@link DOMSignContext}.
+ */
+ private List idAttributes = new ArrayList();
+
+ /**
+ * The signer's X509 certificate.
+ */
+ private X509Certificate signerCertificate;
+
+ /**
+ * The signing time.
+ */
+ private Date signingTime;
+
+ /**
+ * Creates a new SLXMLSignature instance.
+ */
+ public Signature(URLDereferencerContext dereferencerContext,
+ IdValueFactory idValueFactory,
+ AlgorithmMethodFactory algorithmMethodFactory) {
+
+ domImplLS = DOMUtils.getDOMImplementationLS();
+
+ ctx = new SignatureContext();
+
+ ctx.setSignatureFactory(XMLSignatureFactory.getInstance());
+
+ ctx.setDereferencerContext(dereferencerContext);
+ ctx.setIdValueFactory(idValueFactory);
+ ctx.setAlgorithmMethodFactory(algorithmMethodFactory);
+
+ }
+
+ /**
+ * @return the Document containing this Signature
+ */
+ public Document getDocument() {
+ return ctx.getDocument();
+ }
+
+ /**
+ * @return the parent Node for this Signature
+ */
+ public Node getParent() {
+ return (signatureLocation != null) ? signatureLocation.getParent() : null;
+ }
+
+ /**
+ * @return the next sibling Node for this Signature
+ */
+ public Node getNextSibling() {
+ return (signatureLocation != null) ? signatureLocation.getNextSibling() : null;
+ }
+
+ /**
+ * @return the XMLSignature
+ */
+ public XMLSignature getXMLSignature() {
+ return xmlSignature;
+ }
+
+ /**
+ * @return the list of {@link Reference}s of this Signature
+ */
+ @SuppressWarnings("unchecked")
+ public List getReferences() {
+ return (xmlSignature != null) ? xmlSignature.getSignedInfo().getReferences() : null;
+ }
+
+ /**
+ * @return the list of {@link XMLObject}s of this Signature
+ */
+ @SuppressWarnings("unchecked")
+ public List getXMLObjects() {
+ return (xmlSignature != null) ? xmlSignature.getObjects() : null;
+ }
+
+ /**
+ * Prepares the signature document with the information given by the
+ * signatureInfo provided.
+ *
+ * @param signatureInfo
+ * the SignatureInfo
+ *
+ * @throws SLCommandException
+ * if processing fails for any reason
+ * @throws IllegalStateException
+ * if the parent node has already been set
+ * @throws NullPointerException
+ * if signatureInfo is null
+ */
+ public void setSignatureInfo(SignatureInfoCreationType signatureInfo) throws SLCommandException {
+
+ if (signatureLocation != null) {
+ throw new IllegalStateException("SignatureEnvironment already set.");
+ }
+
+ Base64XMLOptRefContentType signatureEnvironment = signatureInfo.getSignatureEnvironment();
+
+ if (signatureEnvironment == null) {
+
+ // no SignatureEnvironment, so we use an empty document and the document as parent
+ ensureSignatureLocation();
+
+ } else {
+
+ // parse SignatureEnvrionment and use as document
+ Document document = parseSignatureEnvironment(signatureEnvironment, signatureInfo.getSupplement());
+ ctx.setDocument(document);
+
+ signatureLocation = new SignatureLocation(ctx);
+ signatureLocation.setSignatureInfo(signatureInfo);
+
+ }
+
+ }
+
+ /**
+ * Ensures a SignatureLocation for this Signature.
+ */
+ private void ensureSignatureLocation() {
+
+ if (signatureLocation == null) {
+ Document document = DOMUtils.createDocument();
+ ctx.setDocument(document);
+
+ signatureLocation = new SignatureLocation(ctx);
+ signatureLocation.setParent(document);
+ }
+
+ }
+
+ /**
+ * Adds a DataObject with the information given by the
+ * dataObjectInfo provided to this Signature.
+ *
+ * @param dataObjectInfo
+ * the DataObjectInfo element
+ *
+ * @throws SLCommandException
+ * if adding the DataObject fails
+ * @throws SLRequestException
+ * if the information provided by the given
+ * dataObjectInfo does not conform to the security
+ * layer specification
+ * @throws NullPointerException
+ * if dataObjectInfo is null
+ */
+ public void addDataObject(DataObjectInfoType dataObjectInfo) throws SLCommandException, SLRequestException {
+
+ ensureSignatureLocation();
+
+ DataObject dataObject = new DataObject(ctx);
+ dataObject.setDataObjectInfo(dataObjectInfo);
+
+ dataObjects.add(dataObject);
+
+// dataObjectReferencIds.put(dataObject.getReference().getId(), dataObject);
+
+ }
+
+ /**
+ * Sets the SigningTime qualifying property of this Signature.
+ *
+ * @param signingTime the signing time to set
+ */
+ public void setSigningTime(Date signingTime) {
+ this.signingTime = signingTime;
+ }
+
+ /**
+ * Sets the SignerCertificate qualifying property of this Signature.
+ *
+ * @param certificate the signer's certificate
+ */
+ public void setSignerCeritifcate(X509Certificate certificate) {
+ this.signerCertificate = certificate;
+ }
+
+ /**
+ * Builds the XMLSignature data structure of this Signature as configured by
+ * the various setter methods.
+ *
+ * @throws SLCommandException if building this signature fails
+ */
+ public void buildXMLSignature() throws SLCommandException {
+
+ List objects = new ArrayList();
+ List references = new ArrayList();
+
+ // add all data objects
+ for (DataObject dataObject : dataObjects) {
+ if (dataObject.getXmlObject() != null) {
+ objects.add(dataObject.getXmlObject());
+ }
+ if (dataObject.getReference() != null) {
+ references.add(dataObject.getReference());
+ }
+ }
+
+ addXAdESObjectAndReference(objects, references);
+
+ XMLSignatureFactory signatureFactory = ctx.getSignatureFactory();
+ AlgorithmMethodFactory algorithmMethodFactory = ctx.getAlgorithmMethodFactory();
+
+ CanonicalizationMethod cm;
+ SignatureMethod sm;
+ try {
+ cm = algorithmMethodFactory.createCanonicalizationMethod(ctx);
+ sm = algorithmMethodFactory.createSignatureMethod(ctx);
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get Canonicalization or Signature algorithm.", e);
+ throw new SLCommandException(4006);
+ } catch (InvalidAlgorithmParameterException e) {
+ log.error("Failed to get Canonicalization or Signature algorithm.", e);
+ throw new SLCommandException(4006);
+ }
+
+ String siId = ctx.getIdValueFactory().createIdValue("SignedInfo");
+
+ SignedInfo si = signatureFactory.newSignedInfo(cm, sm, references, siId);
+
+ KeyInfo ki = null;
+ if (signerCertificate != null) {
+ KeyInfoFactory kif = KeyInfoFactory.getInstance();
+ X509Data x509Data = kif.newX509Data(Collections.singletonList(signerCertificate));
+ ki = kif.newKeyInfo(Collections.singletonList(x509Data));
+ }
+
+ String signatureId = ctx.getIdValueFactory().createIdValue("Signature");
+ String signatureValueId = ctx.getIdValueFactory().createIdValue("SignatureValue");
+
+ xmlSignature = signatureFactory.newXMLSignature(si, ki, objects, signatureId, signatureValueId);
+
+ }
+
+ /**
+ * Sign this Signature using the given signContext.
+ *
+ * Call's {@link #buildXMLSignature()} if it has not been called yet.
+ *
+ *
+ * @param signContext
+ * the signing context
+ *
+ * @throws MarshalException
+ * if marshalling the XMLSignature fails
+ * @throws XMLSignatureException
+ * if signing the XMLSignature fails
+ * @throws SLCommandException
+ * if building the XMLSignature fails
+ * @throws NullPointerException
+ * if signContext is null
+ */
+ public void sign(DOMSignContext signContext) throws MarshalException, XMLSignatureException, SLCommandException {
+
+ if (xmlSignature == null) {
+ buildXMLSignature();
+ }
+
+ for (IdAttribute idAttribute : idAttributes) {
+ signContext.setIdAttributeNS(idAttribute.element, idAttribute.namespaceURI, idAttribute.localName);
+ }
+
+ // DO NOT USE:
+ // signContext.setProperty("iaik.xml.crypto.dsig.sign-over", Boolean.TRUE);
+
+ signContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
+
+ signContext.putNamespacePrefix(XMLSignature.XMLNS, "dsig");
+
+ signContext.setURIDereferencer(new URIDereferncerAdapter(ctx.getDereferencerContext()));
+
+ try {
+ xmlSignature.sign(signContext);
+ } catch (XMLSignatureException e) {
+ Throwable cause = e.getCause();
+ while (cause != null) {
+ if (cause instanceof STALSignatureException) {
+ int errorCode = ((STALSignatureException) cause).getErrorCode();
+ SLCommandException commandException = new SLCommandException(errorCode);
+ log.info("Failed to sign signature.", commandException);
+ throw commandException;
+ } else {
+ cause = cause.getCause();
+ }
+ }
+ throw e;
+ }
+
+ // debug
+ if (log.isTraceEnabled()) {
+ for (DataObject dataObject : dataObjects) {
+ Reference reference = dataObject.getReference();
+ InputStream digestInputStream = reference.getDigestInputStream();
+ if (digestInputStream != null) {
+ String mimeType = dataObject.getMimeType();
+ StringBuilder sb = new StringBuilder();
+ sb.append("DigestInput for Reference with id='");
+ sb.append(reference.getId());
+ sb.append("' (MIME-Type=");
+ sb.append(dataObject.getMimeType());
+ sb.append("):\n");
+ try {
+ if (mimeType != null && (
+ mimeType.startsWith("text") ||
+ "application/xhtml+xml".equals(mimeType))) {
+ byte[] b = new byte[512];
+ for (int l; (l = digestInputStream.read(b)) != -1;) {
+ sb.append(new String(b, 0, l));
+ }
+ } else {
+ sb.append(HexDump.hexDump(digestInputStream));
+ }
+ } catch (IOException e) {
+ log.error(e);
+ }
+ log.trace(sb.toString());
+ } else {
+ log.trace("Reference caching is not enabled.");
+ }
+ }
+ }
+
+ }
+
+ /**
+ * Sign this Signature using the given stal implementation and
+ * keyboxIdentifier.
+ *
+ * This method configures an appropriate {@link DOMSignContext} and calls
+ * {@link #sign(DOMSignContext)}. If {@link #buildXMLSignature()} has not been
+ * called yet, it is called by this method.
+ *
+ *
+ * @param stal
+ * the STAL implementation to use
+ * @param keyboxIdentifier
+ * the KeyboxIdentifier to use
+ *
+ * @throws MarshalException
+ * if marshalling this Signature fails
+ * @throws XMLSignatureException
+ * if signing this Signature fails
+ * @throws SLCommandException
+ * if building this Signature fails
+ * @throws NullPointerException
+ * if stal or keyboxIdentifier is
+ * null
+ */
+ public void sign(STAL stal, String keyboxIdentifier) throws MarshalException, XMLSignatureException, SLCommandException {
+
+ if (stal == null) {
+ throw new NullPointerException("Argument 'stal' must not be null.");
+ }
+
+ if (keyboxIdentifier == null) {
+ throw new NullPointerException("Argument 'keyboxIdentifier' must not be null.");
+ }
+
+ if (xmlSignature == null) {
+ buildXMLSignature();
+ }
+
+ SignatureMethod signatureMethod = xmlSignature.getSignedInfo().getSignatureMethod();
+ String algorithm = signatureMethod.getAlgorithm();
+
+ //don't get hashDataInputs (digestInputStreams) now, only once Signature.sign() was called (cf STALSignature.engineSign)
+ PrivateKey privateKey = new STALPrivateKey(stal, algorithm, keyboxIdentifier, dataObjects); // hashDataInputs);
+
+ DOMSignContext signContext;
+ if (getNextSibling() == null) {
+ signContext = new DOMSignContext(privateKey, getParent());
+ } else {
+ signContext = new DOMSignContext(privateKey, getParent(), getNextSibling());
+ }
+
+ sign(signContext);
+ }
+
+// @Override
+// public HashDataInput getHashDataInput(final String referenceId) {
+// final DataObject dataObject = dataObjectReferencIds.get(referenceId);
+// if (dataObject != null) {
+// return new HashDataInput() {
+//
+// InputStream hashDataInput = dataObject.getReference().getDigestInputStream();
+//
+// @Override
+// public String getReferenceId() {
+// return referenceId;
+// }
+//
+// @Override
+// public String getMimeType() {
+// return dataObject.getMimeType();
+// }
+//
+// @Override
+// public InputStream getHashDataInput() {
+// return hashDataInput;
+// }
+// };
+// }
+// return null;
+// }
+
+ /**
+ * Adds the XAdES QualifyingProperties as an
+ * ds:Object and a corresponding ds:Reference to
+ * it's SignedProperties element to this Signature.
+ *
+ * @param objects
+ * the list of ds:Objects to add the created
+ * ds:Object to
+ * @param references
+ * the list of ds:References to add the created
+ * ds:Reference to
+ *
+ * @throws SLCommandException
+ * if creating and adding the XAdES
+ * QualifyingProperties fails
+ * @throws NullPointerException
+ * if objects or references is
+ * null
+ */
+ private void addXAdESObjectAndReference(List objects, List references) throws SLCommandException {
+
+ QualifyingPropertiesFactory factory = QualifyingPropertiesFactory.getInstance();
+
+ String idValue = ctx.getIdValueFactory().createIdValue("SignedProperties");
+
+ Date date = (signingTime != null) ? signingTime : new Date();
+
+ List signingCertificates;
+ if (signerCertificate != null) {
+ signingCertificates = Collections.singletonList(signerCertificate);
+ } else {
+ signingCertificates = Collections.emptyList();
+ }
+
+ // TODO: report MOA-SP bug
+ //
+ // The security layer specification mandates the use of version 1.2.2. of the
+ // XAdES QualifyingProperties. However MOA-SP supports only version 1.1.1. Therefore,
+ // the version 1.1.1 is used in order to be compatible with current MOA-SP versions.
+
+ List dataObjectFormats = new ArrayList();
+ for (DataObject dataObject : dataObjects) {
+ if (dataObject.getMimeType() != null && dataObject.getReference() != null) {
+ Reference reference = dataObject.getReference();
+ if (reference.getId() != null) {
+ String objectReference = "#" + reference.getId();
+ dataObjectFormats.add(factory.createDataObjectFormatType(
+ objectReference, dataObject.getMimeType(), dataObject
+ .getDescription()));
+ }
+ }
+ }
+
+ JAXBElement qualifyingProperties;
+ try {
+ qualifyingProperties = factory.createQualifyingProperties111(date, signingCertificates, idValue, dataObjectFormats);
+ } catch (QualifyingPropertiesException e) {
+ log.error("Failed to create QualifyingProperties.", e);
+ throw new SLCommandException(4000);
+ }
+
+ DocumentFragment fragment = ctx.getDocument().createDocumentFragment();
+
+ try {
+ factory.marshallQualifyingProperties(qualifyingProperties, fragment);
+ } catch (JAXBException e) {
+ log.error("Failed to marshal QualifyingProperties.", e);
+ throw new SLCommandException(4000);
+ }
+
+ List content = Collections.singletonList(new DOMStructure(fragment.getFirstChild()));
+
+ String objectIdValue = ctx.getIdValueFactory().createIdValue("Object");
+
+ XMLObject object = ctx.getSignatureFactory().newXMLObject(content, objectIdValue, null, null);
+
+ objects.add(object);
+
+ // TODO: Report MOA-SP Bug
+ //
+ // Direct referencing of the SignedPorperties Id-attribute is not supported by MOA-SP
+ // because the QualifyingProperties are parsed without the XAdES schema. Therefore,
+ // the shorthand XPointer could not be resolved.
+ //
+ // The following workaround uses an XPointer to select the SignedProperties in order
+ // to allow the signature to be verified with MOA-SP.
+
+ String referenceURI = "#xmlns(xades=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('"
+ + objectIdValue
+ + "')/child::xades:QualifyingProperties/child::xades:SignedProperties)";
+ DigestMethod dm;
+ try {
+ dm = ctx.getAlgorithmMethodFactory().createDigestMethod(ctx);
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get DigestMethod algorithm.", e);
+ throw new SLCommandException(4006);
+ } catch (InvalidAlgorithmParameterException e) {
+ log.error("Failed to get DigestMethod algorithm.", e);
+ throw new SLCommandException(4006);
+ }
+
+ String referenceIdValue = ctx.getIdValueFactory().createIdValue("Reference");
+ String referenceType = QualifyingPropertiesFactory.SIGNED_PROPERTIES_REFERENCE_TYPE_V1_1_1;
+
+ Reference reference = ctx.getSignatureFactory().newReference(referenceURI, dm, null, referenceType, referenceIdValue);
+
+ references.add(reference);
+
+ Node child = fragment.getFirstChild();
+ if (child instanceof Element) {
+ NodeList nodes = ((Element) child).getElementsByTagNameNS(QualifyingPropertiesFactory.NS_URI_V1_1_1, "SignedProperties");
+ if (nodes.getLength() > 0) {
+ IdAttribute idAttribute = new IdAttribute();
+ idAttribute.element = (Element) nodes.item(0);
+ idAttribute.namespaceURI = null;
+ idAttribute.localName = "Id";
+ idAttributes.add(idAttribute);
+ }
+ }
+
+ }
+
+ /**
+ * Parse the SignatureEnvironment.
+ *
+ * @param signatureEnvironment
+ * the SignatureEnvironment element
+ * @param supplements
+ * an optional list of Supplements (may be
+ * null)
+ *
+ * @return the parsed SignatureEnvironment document
+ *
+ * @throws SLCommandException
+ * if parsing the SignatureEnvironment fails
+ * @throws NullPointerException
+ * if signatureEnvironment is null
+ */
+ private Document parseSignatureEnvironment(
+ Base64XMLOptRefContentType signatureEnvironment,
+ List supplements) throws SLCommandException {
+
+ if (signatureEnvironment == null) {
+ throw new NullPointerException("Argument 'signatureEnvironment' must not be null.");
+ }
+
+ LSInput input;
+ try {
+ if (signatureEnvironment.getReference() != null) {
+ log.debug("SignatureEnvironment contains Reference " + signatureEnvironment.getReference() + ".");
+ input = createLSInput(signatureEnvironment.getReference());
+ } else if (signatureEnvironment.getBase64Content() != null) {
+ log.debug("SignatureEnvironment contains Base64Content.");
+ input = createLSInput(signatureEnvironment.getBase64Content());
+ } else if (signatureEnvironment.getXMLContent() != null) {
+ log.debug("SignatureEnvironment contains XMLContent.");
+ input = createLSInput((XMLContentType) signatureEnvironment.getXMLContent());
+ } else {
+ // the schema does not allow us to reach this point
+ throw new SLCommandException(4000);
+ }
+ } catch (IOException e) {
+ log.info("XML document in which the signature is to be integrated cannot be resolved.", e);
+ throw new SLCommandException(4100);
+ } catch (XMLStreamException e) {
+ log.info("XML document in which the signature is to be integrated cannot be resolved.", e);
+ throw new SLCommandException(4100);
+ }
+
+ LSParser parser = domImplLS.createLSParser(DOMImplementationLS.MODE_SYNCHRONOUS, null);
+ DOMConfiguration domConfig = parser.getDomConfig();
+ SimpleDOMErrorHandler errorHandler = new SimpleDOMErrorHandler();
+ domConfig.setParameter("error-handler", errorHandler);
+ LSResourceResolverAdapter resourceResolver = new LSResourceResolverAdapter(supplements);
+ domConfig.setParameter("resource-resolver", resourceResolver);
+ domConfig.setParameter("validate", Boolean.TRUE);
+
+ Document doc;
+ try {
+ doc = parser.parse(input);
+ } catch (DOMException e) {
+ log.info("XML document in which the signature is to be integrated cannot be parsed.", e);
+ throw new SLCommandException(4101);
+ } catch (LSException e) {
+ log.info("XML document in which the signature is to be integrated cannot be parsed.", e);
+ throw new SLCommandException(4101);
+ }
+
+ if (resourceResolver.getError() != null) {
+ log.info("Failed to resolve resource while parsing SignatureEnvironment document.", resourceResolver.getError());
+ // we don't stop here, as we only _try_ to parse validating
+ }
+
+ if (errorHandler.hasFatalErrors()) {
+ // log fatal errors
+ if (log.isInfoEnabled()) {
+ List errorMessages = errorHandler.getErrorMessages();
+ StringBuffer sb = new StringBuffer();
+ for (String errorMessage : errorMessages) {
+ sb.append(" ");
+ sb.append(errorMessage);
+ }
+ log.info("XML document in which the signature is to be integrated cannot be parsed." + sb.toString());
+ }
+ throw new SLCommandException(4101);
+ }
+
+ // log parsed document
+ if (log.isTraceEnabled()) {
+
+ StringWriter writer = new StringWriter();
+
+ writer.write("SignatureEnvironment:\n");
+
+ LSOutput output = domImplLS.createLSOutput();
+ output.setCharacterStream(writer);
+ output.setEncoding("UTF-8");
+ LSSerializer serializer = domImplLS.createLSSerializer();
+ serializer.write(doc, output);
+
+ log.trace(writer.toString());
+ }
+
+ return doc;
+
+ }
+
+ /**
+ * Creates an LSInput from the given reference URI.
+ *
+ * @param reference
+ * the reference URL
+ *
+ * @return an LSInput from the given reference URI
+ *
+ * @throws IOException
+ * if dereferencing the given reference fails
+ */
+ private LSInput createLSInput(String reference) throws IOException {
+
+ URLDereferencer urlDereferencer = URLDereferencer.getInstance();
+ StreamData streamData = urlDereferencer.dereference(reference, ctx.getDereferencerContext());
+
+ String contentType = streamData.getContentType();
+ String charset = HttpUtil.getCharset(contentType, true);
+ InputStreamReader streamReader;
+ try {
+ streamReader = new InputStreamReader(streamData.getStream(), charset);
+ } catch (UnsupportedEncodingException e) {
+ log.info("Charset " + charset + " not supported. Using default.");
+ streamReader = new InputStreamReader(streamData.getStream());
+ }
+
+ LSInput input = domImplLS.createLSInput();
+ input = domImplLS.createLSInput();
+ input.setCharacterStream(streamReader);
+
+ return input;
+
+ }
+
+ /**
+ * Creates an LSInput from the given content bytes.
+ *
+ * @param content
+ * the content bytes
+ *
+ * @return an LSInput from the givne content bytes
+ */
+ private LSInput createLSInput(byte[] content) {
+
+ ByteArrayInputStream inputStream = new ByteArrayInputStream(content);
+ LSInput input = domImplLS.createLSInput();
+ input.setByteStream(inputStream);
+
+ return input;
+
+ }
+
+ /**
+ * Creates an LSInput from the given XML content.
+ *
+ * @param content
+ * the XML content
+ * @return an LSInput from the given XML content
+ *
+ * @throws XMLStreamException
+ * if reading the XMLStream from the given XML content fails
+ */
+ private LSInput createLSInput(XMLContentType content) throws XMLStreamException {
+
+ ByteArrayOutputStream redirectedStream = content.getRedirectedStream();
+ if (redirectedStream != null) {
+ LSInput input = domImplLS.createLSInput();
+ input.setByteStream(new ByteArrayInputStream(redirectedStream.toByteArray()));
+ return input;
+ } else {
+ return null;
+ }
+
+ }
+
+ /**
+ * Represents an xsd:Id-attribute value.
+ *
+ * @author mcentner
+ */
+ private class IdAttribute {
+
+ private Element element;
+
+ private String namespaceURI;
+
+ private String localName;
+
+ }
+
+ /**
+ * An implementation of the LSResourceResolver that uses a list of supplements
+ * to resolve resources.
+ *
+ * @author mcentner
+ */
+ private class LSResourceResolverAdapter implements LSResourceResolver {
+
+ List supplements;
+
+ private LSResourceResolverAdapter(
+ List supplements) {
+ this.supplements = supplements;
+ }
+
+ private Exception error;
+
+ /**
+ * @return the error
+ */
+ public Exception getError() {
+ return error;
+ }
+
+ @Override
+ public LSInput resolveResource(String type, String namespaceURI,
+ String publicId, String systemId, String baseURI) {
+
+ if (log.isTraceEnabled()) {
+ log.trace("Resolve resource :" +
+ "\n type=" + type +
+ "\n namespaceURI=" + namespaceURI +
+ "\n publicId=" + publicId +
+ "\n systemId=" + systemId +
+ "\n baseURI=" + baseURI);
+ }
+
+ if (systemId != null) {
+
+ log.debug("Resolve resource '" + systemId + "'.");
+
+ for (DataObjectAssociationType supplement : supplements) {
+
+ Base64XMLLocRefReqRefContentType content = supplement.getContent();
+ if (content != null) {
+
+ String reference = content.getReference();
+ if (systemId.equals(reference)) {
+
+ try {
+ if (content.getLocRefContent() != null) {
+ log.trace("Resolved resource '" + reference + "' to supplement with LocRefContent.");
+ return createLSInput(content.getLocRefContent());
+ } else if (content.getBase64Content() != null) {
+ log.trace("Resolved resource '" + reference + "' to supplement with Base64Content.");
+ return createLSInput(content.getBase64Content());
+ } else if (content.getXMLContent() != null) {
+ log.trace("Resolved resource '" + reference + "' to supplement with XMLContent.");
+ return createLSInput((XMLContentType) content.getXMLContent());
+ } else {
+ return null;
+ }
+ } catch (IOException e) {
+ log.info("Failed to resolve resource '" + systemId + "' to supplement.", e);
+ error = e;
+ return null;
+ } catch (XMLStreamException e) {
+ log.info("Failed to resolve resource '" + systemId + "' to supplement.", e);
+ error = e;
+ return null;
+ }
+
+ }
+
+ }
+
+ }
+
+ log.info("Failed to resolve resource '" + systemId + "' to supplement. No such supplement.");
+
+ }
+
+ return null;
+
+ }
+
+
+ }
+
+}
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/accesscontrol/config/AccessControl.xsd b/bkucommon/src/main/resources/at/gv/egiz/bku/accesscontrol/config/AccessControl.xsd
new file mode 100644
index 00000000..9031ea78
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/accesscontrol/config/AccessControl.xsd
@@ -0,0 +1,128 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
--
cgit v1.2.3
From a3361b40aa8f92849c50db27e349e17b87bebb1e Mon Sep 17 00:00:00 2001
From: wbauer
Date: Tue, 9 Sep 2008 12:40:52 +0000
Subject: improved security handling and added shutdown handler
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@27 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../online/applet/InternalSSLSocketFactory.java | 4 +-
.../at/gv/egiz/bku/online/conf/Configurator.java | 8 +--
.../gv/egiz/bku/online/webapp/ResultServlet.java | 3 +-
.../gv/egiz/bku/online/webapp/ShutdownHandler.java | 31 ++++++++
.../egiz/bku/online/conf/accessControlConfig.xml | 3 +-
.../src/main/webapp/WEB-INF/applicationContext.xml | 6 +-
.../accesscontroller/AuthenticationClassifier.java | 82 +++++++++++++++-------
.../egiz/bku/binding/BindingProcessorManager.java | 4 +-
.../bku/binding/BindingProcessorManagerImpl.java | 11 ++-
.../AuthenticationClassifierTest.java | 28 ++++++++
.../egiz/bku/accesscontroller/www.a-trust.at.crt | 28 ++++++++
11 files changed, 169 insertions(+), 39 deletions(-)
create mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java
create mode 100644 bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifierTest.java
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/www.a-trust.at.crt
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
index 79c369a2..fa3587e4 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
@@ -40,13 +40,13 @@ import org.apache.commons.logging.LogFactory;
public class InternalSSLSocketFactory extends SSLSocketFactory {
+ private final static String GOV_DOMAIN = ".gv.at";
+
private static InternalSSLSocketFactory instance = new InternalSSLSocketFactory();
private final static Log log = LogFactory
.getLog(InternalSSLSocketFactory.class);
- private final static String GOV_DOMAIN = ".gv.at";
-
private SSLSocket sslSocket;
private SSLSocketFactory proxy;
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
index a0a268e4..de577139 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
@@ -52,9 +52,9 @@ public class Configurator {
protected void configureProviders() {
log.debug("Registering security providers");
- Security.insertProviderAt(new IAIK(), 1);
- Security.insertProviderAt(new ECCProvider(false), 2);
- Security.addProvider(new STALProvider());
+ Security.insertProviderAt(new IAIK(), 1);
+ Security.insertProviderAt(new ECCProvider(false), 2);
+ Security.addProvider(new STALProvider());
XSecProvider.addAsProvider(false);
StringBuilder sb = new StringBuilder();
sb.append("Registered providers: ");
@@ -65,7 +65,7 @@ public class Configurator {
log.debug(sb.toString());
}
- public void configure() {
+ public void configure() {
configureProviders();
configUrlConnections();
}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
index 6c1a4c3a..bc3edf18 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
@@ -115,6 +115,7 @@ public class ResultServlet extends SpringBKUServlet {
resp.setContentType(bp.getResultContentType());
resp.setCharacterEncoding(encoding);
bp.writeResultTo(resp.getOutputStream(), encoding);
- session.invalidate();
+ session.invalidate();
+ getBindingProcessorManager().removeBindingProcessor(bp.getId());
}
}
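Review bot: The cleanup added here runs only when `bp.writeResultTo(...)` returns normally, so if writing the response throws (for example when the client disconnects), the session is not invalidated and the binding processor stays registered with its result. Whether anything else expires it later cannot be seen from this hunk. Moving both calls into a `finally` makes the cleanup unconditional: `try { bp.writeResultTo(resp.getOutputStream(), encoding); } finally { session.invalidate(); getBindingProcessorManager().removeBindingProcessor(bp.getId()); }`. The enclosing method starts outside the hunk, so any earlier return paths should be checked for the same gap.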
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java
new file mode 100644
index 00000000..86da6c06
--- /dev/null
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java
@@ -0,0 +1,31 @@
+package at.gv.egiz.bku.online.webapp;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.context.ApplicationEvent;
+import org.springframework.context.ApplicationListener;
+import org.springframework.context.event.ContextClosedEvent;
+
+import at.gv.egiz.bku.binding.BindingProcessorManager;
+
+public class ShutdownHandler implements ApplicationListener {
+
+ private static Log log = LogFactory.getLog(ShutdownHandler.class);
+
+ private BindingProcessorManager bindingProcessorManager;
+
+ public void setBindingProcessorManager(
+ BindingProcessorManager bindingProcessorManager) {
+ this.bindingProcessorManager = bindingProcessorManager;
+ }
+
+ @Override
+ public void onApplicationEvent(ApplicationEvent event) {
+ if (event instanceof ContextClosedEvent) {
+ log.info("Shutting down BKU");
+ bindingProcessorManager.shutdownNow();
+ }
+
+ }
+
+}
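Review bot: `onApplicationEvent` dereferences `bindingProcessorManager` without checking that the setter was ever called, so a missing property in the Spring wiring only shows up as a NullPointerException while the context is closing, and `shutdownNow()` is never reached. A guard such as `if (bindingProcessorManager == null) { log.warn("No BindingProcessorManager configured, nothing to shut down"); return; }` keeps shutdown quiet and makes the misconfiguration visible in the log. The class and the setter have no Javadoc; a class comment like `/** Shuts down the BindingProcessorManager when the application context is closed. */` would document the only thing this listener does. `log` can also be declared `private static final`.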
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
index 69b45d1b..f8d1411c 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml
@@ -54,8 +54,7 @@
certified
-
-
+
IdentityLink
derived
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index 4bb5e8e2..f87d09f5 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -49,5 +49,9 @@
scope="singleton" init-method="configure">
-
+
+
+
+
+
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
index ace8a75a..ed4b9bda 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
@@ -1,30 +1,31 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package at.gv.egiz.bku.accesscontroller;
import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.ANONYMOUS;
import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.CERTIFIED;
-import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.PSEUDO_ANONYMOUS;
import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.CERTIFIED_GOV_AGENCY;
+import static at.gv.egiz.bku.accesscontroller.AuthenticationClass.PSEUDO_ANONYMOUS;
-import java.net.InetAddress;
import java.net.URL;
-import java.net.UnknownHostException;
+import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
+import java.util.Collection;
+import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -37,6 +38,39 @@ public class AuthenticationClassifier {
private AuthenticationClassifier() {
}
+ public static boolean isGovAgency(X509Certificate cert) {
+ String[] rdns = (cert.getSubjectX500Principal().getName()).split(",");
+ for (String rdn : rdns) {
+ if (rdn.startsWith("CN=")) {
+ String dns = rdn.split("=")[1];
+ log.trace("Analyzing cn dn: " + dns);
+ if (dns.endsWith(GOV_DOMAIN)) {
+ return true;
+ }
+ }
+ }
+ try {
+ Collection> sanList = cert.getSubjectAlternativeNames();
+ if (sanList != null) {
+ for (List> san : sanList) {
+ log.trace("Analyzing subj. alt name: " + san);
+ if ((Integer) san.get(0) == 2) {
+ String dns = (String) san.get(1);
+ if (dns.endsWith(GOV_DOMAIN)) {
+ return true;
+ }
+ }
+ }
+ }
+ } catch (CertificateParsingException e) {
+ log.error(e);
+ }
+ if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) {
+ return true;
+ }
+ return false;
+ }
+
/**
* Client Certificates are currently not supported
*
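Review bot: The `dns.endsWith(GOV_DOMAIN)` tests on the CN and on the dNSName entries in isGovAgency are plain string-suffix matches, so whether they stop at a DNS label boundary depends on how GOV_DOMAIN is defined, which this hunk does not show. Because the result is used to grant CERTIFIED_GOV_AGENCY, the comparison should enforce the label boundary itself and ignore case. The subject DN is also split on `,` and `=` by hand, which mis-reads escaped commas and multi-valued RDNs and throws ArrayIndexOutOfBoundsException on an empty `CN=`; `javax.naming.ldap.LdapName` parses it properly. `cert` is dereferenced without a null check, and a CertificateParsingException is only logged before falling through to the extension test. A helper like the one below could serve both call sites.

```java
// Case-insensitive match that only accepts names below the government domain,
// never names that merely share its trailing characters.
private static boolean isInGovDomain(String name) {
  if (name == null) {
    return false;
  }
  String host = name.trim().toLowerCase(Locale.ROOT);
  String domain = GOV_DOMAIN.toLowerCase(Locale.ROOT);
  if (domain.startsWith(".")) {
    domain = domain.substring(1);
  }
  return host.endsWith("." + domain);
}

public static boolean isGovAgency(X509Certificate cert) {
  // … unchanged: subject DN loop, with the suffix test replaced by isInGovDomain(dns) …
  // … unchanged: subject alternative name loop, with the suffix test replaced by isInGovDomain(dns) …
  // … unchanged: 1.2.40.0.10.1.1.1 extension check …
```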
@@ -45,13 +79,8 @@ public class AuthenticationClassifier {
URL url, X509Certificate cert) {
if (isDataUrl) {
if (url.getProtocol().equalsIgnoreCase("https")) {
- try {
- if (InetAddress.getByName(url.getHost()).getCanonicalHostName()
- .endsWith(GOV_DOMAIN)) {
- return CERTIFIED_GOV_AGENCY;
- }
- } catch (UnknownHostException e) {
- log.error("Cannot determine host name", e);
+ if (isGovAgency(cert)) {
+ return CERTIFIED_GOV_AGENCY;
}
if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) {
return CERTIFIED_GOV_AGENCY;
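Review bot: The `cert.getExtensionValue("1.2.40.0.10.1.1.1") != null` block kept as context below the new call can no longer decide anything, because isGovAgency already returns true for that extension; it should be deleted so the rule lives in one place. The new call also makes `cert` mandatory on the https branch, so a guard such as `if (cert != null && isGovAgency(cert))` is needed unless callers guarantee a certificate. Nothing in this hunk shows that the certificate was chain-validated or bound to `url` before its contents are trusted; presumably that happens in the caller, which is worth stating in the Javadoc. The enclosing method starts and ends outside the hunk.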
@@ -68,7 +97,8 @@ public class AuthenticationClassifier {
/**
*
* @param isDataUrl
- * @param url if the url's protocol is https a cert parameter must be provided.
+ * @param url
+ * if the url's protocol is https a cert parameter must be provided.
* @param cert
* @return
*/
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
index ed37f08f..aaf81e51 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
@@ -99,5 +99,7 @@ public interface BindingProcessorManager {
*/
public Set getManagedIds();
- public void shutdown();
+ public void shutdown();
+
+ public void shutdownNow();
}
\ No newline at end of file
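Review bot: `shutdownNow()` joins the interface without Javadoc, so callers cannot tell how it differs from `shutdown()`. I would add a comment such as `/** Stops the manager immediately; binding processors still queued are not started and running ones are interrupted. */` and a matching one-liner on `shutdown()`. The wording should be checked against the implementation, which delegates to the executor service.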
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
index 6f5ca2d2..0082de26 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
@@ -149,6 +149,11 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
public void shutdown() {
log.info("Shutting down the BindingProcessorManager");
executorService.shutdown();
+ }
+
+ public void shutdownNow() {
+ log.info("Shutting down the BindingProcessorManager NOW!");
+ executorService.shutdownNow();
}
/**
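Review bot: The new `shutdownNow()` drops the list of never-started tasks that `executorService.shutdownNow()` returns, so binding processors that were queued vanish without a trace. Logging the count, e.g. `log.info("Discarded " + executorService.shutdownNow().size() + " queued binding processors");`, would make an abrupt shutdown auditable. The method also lacks the `@Override` that removeBindingProcessor carries further down. Whether bindingProcessorMap should be cleared here cannot be judged from this hunk.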
@@ -223,7 +228,8 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
throw new SLRuntimeException(
"Clashing ids, cannot process bindingprocessor with id:"
+ aBindingProcessor.getId());
- }
+ }
+ log.debug("processing bindingprocessor: "+aBindingProcessor.getId());
Future> f = executorService.submit(aBindingProcessor);
bindingProcessorMap.put(aBindingProcessor.getId(), new MapEntityWrapper(f,
aBindingProcessor));
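Review bot: The added `log.debug("processing bindingprocessor: "+aBindingProcessor.getId())` writes the binding processor id to the log in full, and the next hunk does the same with `sessionId` in removeBindingProcessor. If these ids are what a client presents to resume a session, anyone with read access to debug logs could correlate or reuse them. Logging a shortened or hashed form keeps the trace useful without exposing the value; `log.isDebugEnabled()` around the call would also avoid the string concatenation when debug is off. The enclosing method starts and ends outside the hunk.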
@@ -235,7 +241,8 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
}
@Override
- public void removeBindingProcessor(Id sessionId) {
+ public void removeBindingProcessor(Id sessionId) {
+ log.debug("Removing binding processor: "+sessionId);
MapEntityWrapper wrapper = bindingProcessorMap
.get(sessionId);
if (wrapper == null) {
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifierTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifierTest.java
new file mode 100644
index 00000000..c339704e
--- /dev/null
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifierTest.java
@@ -0,0 +1,28 @@
+package at.gv.egiz.bku.accesscontroller;
+
+import static org.junit.Assert.assertTrue;
+
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+import org.junit.Before;
+import org.junit.Test;
+
+public class AuthenticationClassifierTest {
+
+ private X509Certificate atrust;
+
+ @Before
+ public void setUp() throws Exception {
+ atrust = (X509Certificate) CertificateFactory.getInstance("X509")
+ .generateCertificate(
+ getClass().getClassLoader().getResourceAsStream(
+ "at/gv/egiz/bku/accesscontroller/www.a-trust.at.crt"));
+ }
+
+ @Test
+ public void testATrust() {
+ assertTrue(AuthenticationClassifier.isGovAgency(atrust));
+ }
+
+}
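Review bot: testATrust covers only the accepting path and does not show which of isGovAgency's three branches (CN suffix, dNSName suffix, or the 1.2.40.0.10.1.1.1 extension) produced the result. For a classifier that grants CERTIFIED_GOV_AGENCY, a rejecting case matters at least as much. I would add a second fixture that must not match and assert `assertFalse(AuthenticationClassifier.isGovAgency(otherCert));`, plus a case whose name only shares trailing characters with the domain. In setUp the stream from `getResourceAsStream` is neither checked for null nor closed; an `assertNotNull` on it gives a clearer failure than the exception from generateCertificate.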
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/www.a-trust.at.crt b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/www.a-trust.at.crt
new file mode 100644
index 00000000..11cde026
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/www.a-trust.at.crt
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
From 66cfb865fbfa7af514e803003f928d77f1156e46 Mon Sep 17 00:00:00 2001
From: mcentner
Date: Thu, 11 Sep 2008 12:16:35 +0000
Subject: Added to be signed data validation.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@32 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
BKUViewer/.classpath | 10 +
BKUViewer/.project | 23 +
BKUViewer/.settings/org.eclipse.jdt.core.prefs | 5 +
BKUViewer/.settings/org.maven.ide.eclipse.prefs | 8 +
BKUViewer/pom.xml | 44 ++
.../at/gv/egiz/bku/slxhtml/SLXHTMLValidator.java | 251 ++++++++
.../egiz/bku/slxhtml/css/CSSValidatorSLXHTML.java | 95 +++
.../bku/slxhtml/css/CssBackgroundColorSLXHTML.java | 57 ++
.../egiz/bku/slxhtml/css/CssBackgroundSLXHTML.java | 93 +++
.../slxhtml/css/CssBorderBottomColorSLXHTML.java | 57 ++
.../bku/slxhtml/css/CssBorderColorSLXHTML.java | 81 +++
.../bku/slxhtml/css/CssBorderLeftColorSLXHTML.java | 57 ++
.../slxhtml/css/CssBorderRightColorSLXHTML.java | 57 ++
.../gv/egiz/bku/slxhtml/css/CssBorderSLXHTML.java | 85 +++
.../bku/slxhtml/css/CssBorderTopColorSLXHTML.java | 57 ++
.../gv/egiz/bku/slxhtml/css/CssColorSLXHTML.java | 99 ++++
.../at/gv/egiz/bku/slxhtml/css/CssFontSLXHTML.java | 59 ++
.../bku/slxhtml/css/CssLetterSpacingSLXHTML.java | 54 ++
.../bku/slxhtml/css/CssMarginBottomSLXHTML.java | 60 ++
.../egiz/bku/slxhtml/css/CssMarginLeftSLXHTML.java | 61 ++
.../bku/slxhtml/css/CssMarginRightSLXHTML.java | 60 ++
.../gv/egiz/bku/slxhtml/css/CssMarginSLXHTML.java | 101 ++++
.../egiz/bku/slxhtml/css/CssMarginTopSLXHTML.java | 61 ++
.../bku/slxhtml/css/CssPaddingBottomSLXHTML.java | 60 ++
.../bku/slxhtml/css/CssPaddingLeftSLXHTML.java | 60 ++
.../bku/slxhtml/css/CssPaddingRightSLXHTML.java | 60 ++
.../gv/egiz/bku/slxhtml/css/CssPaddingSLXHTML.java | 102 ++++
.../egiz/bku/slxhtml/css/CssPaddingTopSLXHTML.java | 61 ++
.../bku/slxhtml/css/CssTextDecorationSLXHTML.java | 51 ++
.../bku/slxhtml/css/CssWordSpacingSLXHTML.java | 54 ++
.../slxhtml/css/SLXHTMLInvalidParamException.java | 71 +++
.../at/gv/egiz/bku/slxhtml/css/SLXHTMLStyle.java | 22 +
.../egiz/bku/slxhtml/css/TableLayoutSLXHTML.java | 45 ++
.../java/at/gv/egiz/bku/text/TextValidator.java | 32 +
.../services/at.gv.egiz.bku.viewer.Validator | 2 +
.../at/gv/egiz/bku/slxhtml/slxhtml-model-1.xsd | 469 +++++++++++++++
.../at/gv/egiz/bku/slxhtml/slxhtml-modules-1.xsd | 248 ++++++++
.../resources/at/gv/egiz/bku/slxhtml/slxhtml.xsd | 70 +++
.../at/gv/egiz/bku/slxhtml/xhtml-attribs-1.xsd | 72 +++
.../at/gv/egiz/bku/slxhtml/xhtml-blkphras-1.xsd | 161 ++++++
.../at/gv/egiz/bku/slxhtml/xhtml-blkpres-1.xsd | 37 ++
.../at/gv/egiz/bku/slxhtml/xhtml-blkstruct-1.xsd | 49 ++
.../at/gv/egiz/bku/slxhtml/xhtml-datatypes-1.xsd | 175 ++++++
.../at/gv/egiz/bku/slxhtml/xhtml-framework-1.xsd | 66 +++
.../at/gv/egiz/bku/slxhtml/xhtml-image-1.xsd | 45 ++
.../at/gv/egiz/bku/slxhtml/xhtml-inlphras-1.xsd | 163 ++++++
.../at/gv/egiz/bku/slxhtml/xhtml-inlpres-1.xsd | 39 ++
.../at/gv/egiz/bku/slxhtml/xhtml-inlstruct-1.xsd | 50 ++
.../at/gv/egiz/bku/slxhtml/xhtml-list-1.xsd | 99 ++++
.../at/gv/egiz/bku/slxhtml/xhtml-pres-1.xsd | 51 ++
.../at/gv/egiz/bku/slxhtml/xhtml-struct-1.xsd | 116 ++++
.../at/gv/egiz/bku/slxhtml/xhtml-style-1.xsd | 53 ++
.../at/gv/egiz/bku/slxhtml/xhtml-table-1.xsd | 272 +++++++++
.../at/gv/egiz/bku/slxhtml/xhtml-text-1.xsd | 67 +++
.../main/resources/at/gv/egiz/bku/slxhtml/xml.xsd | 145 +++++
.../org/w3c/css/properties/Config.properties | 32 +
.../css/properties/ProfilesProperties.properties | 30 +
.../css/properties/SLXHTMLProperties.properties | 641 +++++++++++++++++++++
.../java/at/gv/egiz/bku/slxhtml/ValidatorTest.java | 66 +++
.../gv/egiz/bku/slxhtml/css/CssValidatorTest.java | 75 +++
.../resources/at/gv/egiz/bku/slxhtml/test.xhtml | 10 +
.../src/test/resources/commons-logging.properties | 1 +
BKUViewer/src/test/resources/log4j.properties | 19 +
bkucommon/pom.xml | 9 +-
.../binding/multipart/InputStreamPartSource.java | 5 -
.../egiz/bku/binding/multipart/SLResultPart.java | 5 -
.../impl/CreateXMLSignatureCommandImpl.java | 13 +-
.../egiz/bku/slcommands/impl/xsect/DataObject.java | 119 +++-
.../bku/slcommands/impl/xsect/STALSignature.java | 11 +-
.../egiz/bku/slcommands/impl/xsect/Signature.java | 10 +-
.../egiz/bku/slexceptions/SLViewerException.java | 7 +-
.../at/gv/egiz/bku/viewer/ValidationException.java | 38 ++
.../main/java/at/gv/egiz/bku/viewer/Validator.java | 25 +
.../at/gv/egiz/bku/viewer/ValidatorFactory.java | 165 ++++++
.../bku/slcommands/impl/xsect/SignatureTest.java | 21 +-
pom.xml | 33 +-
76 files changed, 5885 insertions(+), 52 deletions(-)
create mode 100644 BKUViewer/.classpath
create mode 100644 BKUViewer/.project
create mode 100644 BKUViewer/.settings/org.eclipse.jdt.core.prefs
create mode 100644 BKUViewer/.settings/org.maven.ide.eclipse.prefs
create mode 100644 BKUViewer/pom.xml
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/SLXHTMLValidator.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CSSValidatorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundColorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderBottomColorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderColorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderLeftColorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderRightColorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderTopColorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssColorSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssFontSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssLetterSpacingSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginBottomSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginLeftSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginRightSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginTopSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingBottomSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingLeftSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingRightSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingTopSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssTextDecorationSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssWordSpacingSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLInvalidParamException.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLStyle.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/TableLayoutSLXHTML.java
create mode 100644 BKUViewer/src/main/java/at/gv/egiz/bku/text/TextValidator.java
create mode 100644 BKUViewer/src/main/resources/META-INF/services/at.gv.egiz.bku.viewer.Validator
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-model-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-modules-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-attribs-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkphras-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkpres-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkstruct-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-datatypes-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-framework-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-image-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlphras-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlpres-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlstruct-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-list-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-pres-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-struct-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-style-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-table-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-text-1.xsd
create mode 100644 BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xml.xsd
create mode 100644 BKUViewer/src/main/resources/org/w3c/css/properties/Config.properties
create mode 100644 BKUViewer/src/main/resources/org/w3c/css/properties/ProfilesProperties.properties
create mode 100644 BKUViewer/src/main/resources/org/w3c/css/properties/SLXHTMLProperties.properties
create mode 100644 BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java
create mode 100644 BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/css/CssValidatorTest.java
create mode 100644 BKUViewer/src/test/resources/at/gv/egiz/bku/slxhtml/test.xhtml
create mode 100644 BKUViewer/src/test/resources/commons-logging.properties
create mode 100644 BKUViewer/src/test/resources/log4j.properties
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidationException.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/viewer/Validator.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidatorFactory.java
diff --git a/BKUViewer/.classpath b/BKUViewer/.classpath
new file mode 100644
index 00000000..1041acfa
--- /dev/null
+++ b/BKUViewer/.classpath
@@ -0,0 +1,10 @@
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/.project b/BKUViewer/.project
new file mode 100644
index 00000000..c18f3f10
--- /dev/null
+++ b/BKUViewer/.project
@@ -0,0 +1,23 @@
+
+
+ BKUViewer
+
+
+
+
+
+ org.eclipse.jdt.core.javabuilder
+
+
+
+
+ org.maven.ide.eclipse.maven2Builder
+
+
+
+
+
+ org.eclipse.jdt.core.javanature
+ org.maven.ide.eclipse.maven2Nature
+
+
diff --git a/BKUViewer/.settings/org.eclipse.jdt.core.prefs b/BKUViewer/.settings/org.eclipse.jdt.core.prefs
new file mode 100644
index 00000000..59690d7b
--- /dev/null
+++ b/BKUViewer/.settings/org.eclipse.jdt.core.prefs
@@ -0,0 +1,5 @@
+#Tue Sep 09 16:54:39 CEST 2008
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
+org.eclipse.jdt.core.compiler.compliance=1.6
+org.eclipse.jdt.core.compiler.source=1.6
diff --git a/BKUViewer/.settings/org.maven.ide.eclipse.prefs b/BKUViewer/.settings/org.maven.ide.eclipse.prefs
new file mode 100644
index 00000000..feb34e97
--- /dev/null
+++ b/BKUViewer/.settings/org.maven.ide.eclipse.prefs
@@ -0,0 +1,8 @@
+#Tue Sep 09 16:54:38 CEST 2008
+activeProfiles=
+eclipse.preferences.version=1
+fullBuildGoals=process-test-resources
+includeModules=false
+resolveWorkspaceProjects=true
+resourceFilterGoals=process-resources resources\:testResources
+version=1
diff --git a/BKUViewer/pom.xml b/BKUViewer/pom.xml
new file mode 100644
index 00000000..d7dbe0aa
--- /dev/null
+++ b/BKUViewer/pom.xml
@@ -0,0 +1,44 @@
+
+
+ bku
+ at.gv.egiz
+ 1.0-SNAPSHOT
+
+ 4.0.0
+ at.gv.egiz
+ BKUViewer
+ BKU viewer components
+ 1.0-SNAPSHOT
+
+
+
+ at.gv.egiz
+ bkucommon
+ 1.0-SNAPSHOT
+
+
+ commons-logging
+ commons-logging
+
+
+ xerces
+ xercesImpl
+
+
+ org.w3c
+ css-validator
+ 2.1-mocca
+
+
+ org.w3c
+ jigsaw
+
+
+ tagsoup
+ tagsoup
+
+
+
+
+
\ No newline at end of file
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/SLXHTMLValidator.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/SLXHTMLValidator.java
new file mode 100644
index 00000000..7ce5fdbe
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/SLXHTMLValidator.java
@@ -0,0 +1,251 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.nio.charset.Charset;
+import java.nio.charset.IllegalCharsetNameException;
+import java.nio.charset.UnsupportedCharsetException;
+import java.util.Locale;
+
+import javax.xml.XMLConstants;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.parsers.SAXParser;
+import javax.xml.parsers.SAXParserFactory;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+import javax.xml.validation.ValidatorHandler;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.xml.sax.Attributes;
+import org.xml.sax.ContentHandler;
+import org.xml.sax.InputSource;
+import org.xml.sax.Locator;
+import org.xml.sax.SAXException;
+import org.xml.sax.helpers.DefaultHandler;
+
+import at.gv.egiz.bku.slxhtml.css.CSSValidatorSLXHTML;
+import at.gv.egiz.bku.viewer.ValidationException;
+
+public class SLXHTMLValidator implements at.gv.egiz.bku.viewer.Validator {
+
+ /**
+ * The schema file for the SLXHTML schema.
+ */
+ private static final String SLXHTML_SCHEMA_FILE = "at/gv/egiz/bku/slxhtml/slxhtml.xsd";
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(SLXHTMLValidator.class);
+
+ private static Schema slSchema;
+
+ /**
+ * Initialize the security layer schema.
+ */
+ private synchronized static void ensureSchema() {
+ if (slSchema == null) {
+ try {
+ SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
+ ClassLoader cl = SLXHTMLValidator.class.getClassLoader();
+ URL schemaURL = cl.getResource(SLXHTML_SCHEMA_FILE);
+ log.debug("Trying to create SLXHTML schema from URL '" + schemaURL + "'.");
+ long t0 = System.currentTimeMillis();
+ slSchema = schemaFactory.newSchema(schemaURL);
+ long t1 = System.currentTimeMillis();
+ log.debug("SLXHTML schema successfully created in " + (t1 - t0) + "ms.");
+ } catch (SAXException e) {
+ log.error("Failed to load security layer XHTML schema.", e);
+ throw new RuntimeException("Failed to load security layer XHTML schema.", e);
+ }
+
+ }
+ }
+
+ public SLXHTMLValidator() {
+ ensureSchema();
+ }
+
+ public void validate(InputStream is, String charset)
+ throws ValidationException {
+ if (charset == null) {
+ validate(is, (Charset) null);
+ } else {
+ try {
+ validate(is, Charset.forName(charset));
+ } catch (IllegalCharsetNameException e) {
+ throw new ValidationException(e);
+ } catch (UnsupportedCharsetException e) {
+ throw new ValidationException(e);
+ }
+ }
+ }
+
+ public void validate(InputStream is, Charset charset) throws ValidationException {
+
+ SAXParserFactory spf = SAXParserFactory.newInstance();
+ spf.setNamespaceAware(true);
+ spf.setSchema(slSchema);
+ spf.setValidating(true);
+ spf.setXIncludeAware(false);
+
+ SAXParser parser;
+ try {
+ parser = spf.newSAXParser();
+ } catch (ParserConfigurationException e) {
+ log.error("Failed to create SLXHTML parser.", e);
+ throw new RuntimeException("Failed to create SLXHTML parser.", e);
+ } catch (SAXException e) {
+ log.error("Failed to create SLXHTML parser.", e);
+ throw new RuntimeException("Failed to create SLXHTML parser.", e);
+ }
+
+ InputSource source;
+ if (charset != null) {
+ source = new InputSource(new InputStreamReader(is, charset));
+ } else {
+ source = new InputSource(is);
+ }
+
+
+ ValidatorHandler validatorHandler = slSchema.newValidatorHandler();
+
+ DefaultHandler defaultHandler = new ValidationHandler(validatorHandler);
+ try {
+ parser.parse(source, defaultHandler);
+ } catch (SAXException e) {
+ if (e.getException() instanceof ValidationException) {
+ throw (ValidationException) e.getException();
+ } else {
+ throw new ValidationException(e);
+ }
+ } catch (IOException e) {
+ throw new ValidationException(e);
+ }
+
+ }
+
+ private void validateCss(InputStream is) throws ValidationException {
+ CSSValidatorSLXHTML cssValidator = new CSSValidatorSLXHTML();
+ // TODO: use the right locale
+ cssValidator.validate(is, Locale.getDefault(), "SLXHTML", 0);
+ }
+
+ private class ValidationHandler extends DefaultHandler implements ContentHandler {
+
+ private ValidatorHandler validatorHandler;
+
+ private boolean insideStyle = false;
+
+ private StringBuffer style = new StringBuffer();
+
+ private ValidationHandler(ValidatorHandler contentHandler) {
+ this.validatorHandler = contentHandler;
+ }
+
+ @Override
+ public void endDocument() throws SAXException {
+ validatorHandler.endDocument();
+ }
+
+ @Override
+ public void endPrefixMapping(String prefix) throws SAXException {
+ validatorHandler.endPrefixMapping(prefix);
+ }
+
+ @Override
+ public void ignorableWhitespace(char[] ch, int start, int length)
+ throws SAXException {
+ validatorHandler.ignorableWhitespace(ch, start, length);
+ }
+
+ @Override
+ public void processingInstruction(String target, String data)
+ throws SAXException {
+ validatorHandler.processingInstruction(target, data);
+ }
+
+ @Override
+ public void setDocumentLocator(Locator locator) {
+ validatorHandler.setDocumentLocator(locator);
+ }
+
+ @Override
+ public void skippedEntity(String name) throws SAXException {
+ validatorHandler.skippedEntity(name);
+ }
+
+ @Override
+ public void startDocument() throws SAXException {
+ validatorHandler.startDocument();
+ }
+
+ @Override
+ public void startPrefixMapping(String prefix, String uri)
+ throws SAXException {
+ validatorHandler.startPrefixMapping(prefix, uri);
+ }
+
+ @Override
+ public void startElement(String uri, String localName, String name,
+ Attributes attributes) throws SAXException {
+ validatorHandler.startElement(uri, localName, name, attributes);
+
+ System.out.println(uri + ":" + localName);
+
+ if ("http://www.w3.org/1999/xhtml".equals(uri) &&
+ "style".equals(localName)) {
+ insideStyle = true;
+ }
+ }
+
+ @Override
+ public void characters(char[] ch, int start, int length)
+ throws SAXException {
+ validatorHandler.characters(ch, start, length);
+
+ if (insideStyle) {
+ style.append(ch, start, length);
+ }
+
+ }
+
+ @Override
+ public void endElement(String uri, String localName, String name)
+ throws SAXException {
+ validatorHandler.endElement(uri, localName, name);
+
+ if (insideStyle) {
+ insideStyle = false;
+ try {
+ validateCss(new ByteArrayInputStream(style.toString().getBytes(Charset.forName("UTF-8"))));
+ } catch (ValidationException e) {
+ throw new SAXException(e);
+ }
+ }
+ }
+
+ }
+
+
+}
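Review bot: `validate(InputStream, Charset)` builds its SAXParserFactory without switching off DOCTYPE processing or external entities, although the documents it parses are to-be-signed data that, judging by the commit subject, arrive from outside. The fence below shows the hardening, assuming SLXHTML instance documents do not need a DOCTYPE. `spf.setValidating(true)` turns on DTD validation, which the JAXP documentation says to leave off when a Schema is set through `setSchema`. In ValidationHandler, `System.out.println(uri + ":" + localName)` in startElement should be removed or become `log.trace(...)`. The `style` buffer is never cleared in endElement, so a second style element is validated together with the text of the first.

```java
SAXParser parser;
try {
  // Refuse DOCTYPE declarations so that no DTD or external entity is ever resolved.
  spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
  spf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
  spf.setFeature("http://xml.org/sax/features/external-general-entities", false);
  spf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
  parser = spf.newSAXParser();
} catch (ParserConfigurationException e) {
  // … unchanged: both catch blocks, InputSource setup and parse call …
```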
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CSSValidatorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CSSValidatorSLXHTML.java
new file mode 100644
index 00000000..7abe4741
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CSSValidatorSLXHTML.java
@@ -0,0 +1,95 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Locale;
+
+import org.w3c.css.css.CssParser;
+import org.w3c.css.css.StyleSheet;
+import org.w3c.css.css.StyleSheetParser;
+import org.w3c.css.parser.CssError;
+import org.w3c.css.parser.Errors;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.Util;
+import org.w3c.css.util.Warning;
+import org.w3c.css.util.Warnings;
+
+import at.gv.egiz.bku.viewer.ValidationException;
+
+public class CSSValidatorSLXHTML {
+
+ public void validate(InputStream input, Locale locale, String title, int lineno) throws ValidationException {
+
+ // disable imports
+ Util.importSecurity = true;
+
+ CssParser cssParser = new StyleSheetParser();
+
+ ApplContext ac = new ApplContext(locale.getLanguage());
+ ac.setCssVersion("slxhtml");
+ ac.setMedium("all");
+
+ URL url;
+ try {
+ url = new URL("http://test.xyz");
+ } catch (MalformedURLException e) {
+ throw new RuntimeException(e);
+ }
+
+ cssParser.parseStyleElement(ac, input, title, "all", url, lineno);
+
+ StyleSheet styleSheet = cssParser.getStyleSheet();
+
+ // find conflicts
+ styleSheet.findConflicts(ac);
+
+ boolean valid = true;
+ StringBuilder sb = new StringBuilder().append("CSS:");
+
+ // look for errors
+ Errors errors = styleSheet.getErrors();
+ if (errors.getErrorCount() != 0) {
+ valid = false;
+ CssError[] cssErrors = errors.getErrors();
+ for (CssError cssError : cssErrors) {
+ Exception exception = cssError.getException();
+ sb.append(" ");
+ sb.append(exception.getMessage());
+ }
+ }
+
+ // look for warnings
+ Warnings warnings = styleSheet.getWarnings();
+ if (warnings.getWarningCount() != 0) {
+ valid = false;
+ Warning[] cssWarnings = warnings.getWarnings();
+ for (Warning warning : cssWarnings) {
+ sb.append(" ");
+ sb.append(warning.getWarningMessage());
+ }
+ }
+
+ if (!valid) {
+ throw new ValidationException(sb.toString());
+ }
+
+ }
+
+}
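Review bot: The base URL handed to `parseStyleElement` is the hard-coded `http://test.xyz`, a name that can be registered and resolved. If the parser ever resolves a relative reference against it, the validator would contact a host nobody here controls. A reserved name such as `new URL("http://slxhtml.invalid/")`, with a comment saying it is only a placeholder base, removes that possibility. `Util.importSecurity = true` writes a static field on every call and so changes behaviour for every user of the library in the JVM, which deserves a comment or a one-time static initialiser. In the error loop, `exception.getMessage()` may be null and `cssError.getException()` is used unchecked, so the collected message can contain "null" or the loop can fail.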
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundColorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundColorSLXHTML.java
new file mode 100644
index 00000000..53191d17
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundColorSLXHTML.java
@@ -0,0 +1,57 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBackgroundColorCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssBackgroundColorSLXHTML extends CssBackgroundColorCSS2 {
+
+ public CssBackgroundColorSLXHTML() {
+ }
+
+ public CssBackgroundColorSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssValue color = getColor();
+ if (!isSoftlyInherited() && color != null) {
+ if (CssColorSLXHTML.isDisallowedColor(color)) {
+ throw new SLXHTMLInvalidParamException("color", color, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssBackgroundColorSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ super(ac, expression);
+ }
+
+}
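Review bot: The two-argument constructor `CssBackgroundColorSLXHTML(ApplContext ac, CssExpression expression)` calls `super(ac, expression)` and never reaches the system-colour rejection that the three-argument constructor performs. Which constructor the CSS parser invokes is not visible here, but if it uses this one, a disallowed colour would pass. Delegating with `this(ac, expression, false);` keeps the restriction on both paths. The comment block quoting the specification would read better as Javadoc on the class, so that it covers every constructor.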
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundSLXHTML.java
new file mode 100644
index 00000000..724c8c6a
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBackgroundSLXHTML.java
@@ -0,0 +1,93 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+/**
+ *
+ */
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBackgroundCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+/**
+ * @author mcentner
+ *
+ */
+public class CssBackgroundSLXHTML extends CssBackgroundCSS2 {
+
+ public CssBackgroundSLXHTML() {
+ }
+
+ public CssBackgroundSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssValue color = getColor();
+ if (!isSoftlyInherited() && color != null) {
+ if (CssColorSLXHTML.isDisallowedColor(color)) {
+ throw new SLXHTMLInvalidParamException("color", color, getPropertyName(), ac);
+ }
+ }
+
+ // The properties for selecting and controlling an image as background
+ // (background-image, background-repeat, background-position,
+ // background-attachment; cf. [CSS 2], section 14.2.1) must not be contained
+ // in an instance document to prevent content from overlapping. Otherwise
+ // the instance document must be rejected by the Citizen Card Environment.
+ //
+ // The property for the shorthand version of the background properties
+ // (background) should be supported by a Citizen Card Environment. The
+ // recommended values result from the explanations for the background-color
+ // property above (cf. [CSS 2], section 14.2.1). If the property contains
+ // values for selecting and controlling an image as background, the instance
+ // document must be rejected by the Citizen Card Environment.
+
+ if (getImage() != null) {
+ throw new SLXHTMLInvalidParamException("background", "background-image", ac);
+ }
+
+ if (getRepeat() != null) {
+ throw new SLXHTMLInvalidParamException("background", "background-repeat", ac);
+ }
+
+ if (getPosition() != null) {
+ throw new SLXHTMLInvalidParamException("background", "background-position", ac);
+ }
+
+ if (getAttachment() != null) {
+ throw new SLXHTMLInvalidParamException("background", "background-attachment", ac);
+ }
+
+ }
+
+ public CssBackgroundSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
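Review bot: This class has no usable Javadoc: the `/** */` block above the package statement is empty and the class comment holds only `@author`, so the rule it enforces can be read only from the constructor body. I would drop the empty block and document the class, e.g. `/** Validates the CSS 2 background shorthand for SLXHTML: rejects system colours and any image, repeat, position or attachment component. */`. Since the inline comments say a violating instance document must be rejected, a `@throws InvalidParamException` line on the three-argument constructor stating when it rejects would also help.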
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderBottomColorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderBottomColorSLXHTML.java
new file mode 100644
index 00000000..4f5798b0
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderBottomColorSLXHTML.java
@@ -0,0 +1,57 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBorderBottomColorCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssBorderBottomColorSLXHTML extends CssBorderBottomColorCSS2 {
+
+ public CssBorderBottomColorSLXHTML() {
+ }
+
+ public CssBorderBottomColorSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssValue color = getColor();
+ if (!isSoftlyInherited() && color != null) {
+ if (CssColorSLXHTML.isDisallowedColor(color)) {
+ throw new SLXHTMLInvalidParamException("color", color, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssBorderBottomColorSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
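Review bot: The system-colour check in the three-argument constructor is copied verbatim into CssBorderLeftColorSLXHTML, CssBorderRightColorSLXHTML, CssBorderTopColorSLXHTML and CssColorSLXHTML in this patch, so any later fix has to be repeated in each class. One static helper on CssColorSLXHTML (the name is only a suggestion), called as `CssColorSLXHTML.rejectSystemColor(getColor(), isSoftlyInherited(), getPropertyName(), ac);`, would keep the rule in one place. The copies have already drifted: the two-argument constructor of CssBackgroundColorSLXHTML calls `super(ac, expression)` where the classes here use `this(ac, expression, false)`, so anything that builds that property through the two-argument overload skips the check.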
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderColorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderColorSLXHTML.java
new file mode 100644
index 00000000..3f5a7319
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderColorSLXHTML.java
@@ -0,0 +1,81 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBorderBottomColorCSS2;
+import org.w3c.css.properties.css1.CssBorderColorCSS2;
+import org.w3c.css.properties.css1.CssBorderLeftColorCSS2;
+import org.w3c.css.properties.css1.CssBorderRightColorCSS2;
+import org.w3c.css.properties.css1.CssBorderTopColorCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssBorderColorSLXHTML extends CssBorderColorCSS2 {
+
+ public CssBorderColorSLXHTML() {
+ }
+
+ public CssBorderColorSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssBorderTopColorCSS2 top = getTop();
+ if (!isSoftlyInherited() && top != null) {
+ if (CssColorSLXHTML.isDisallowedColor(top.getColor())) {
+ throw new SLXHTMLInvalidParamException("color", top.getColor(), getPropertyName(), ac);
+ }
+ }
+
+ CssBorderLeftColorCSS2 left = getLeft();
+ if (!isSoftlyInherited() && left != null) {
+ if (CssColorSLXHTML.isDisallowedColor(left.getColor())) {
+ throw new SLXHTMLInvalidParamException("color", left.getColor(), getPropertyName(), ac);
+ }
+ }
+
+ CssBorderRightColorCSS2 right = getRight();
+ if (!isSoftlyInherited() && right != null) {
+ if (CssColorSLXHTML.isDisallowedColor(right.getColor())) {
+ throw new SLXHTMLInvalidParamException("color", right.getColor(), getPropertyName(), ac);
+ }
+ }
+
+ CssBorderBottomColorCSS2 bottom = getBottom();
+ if (!isSoftlyInherited() && bottom != null) {
+ if (CssColorSLXHTML.isDisallowedColor(bottom.getColor())) {
+ throw new SLXHTMLInvalidParamException("color", bottom.getColor(), getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssBorderColorSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
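Review bot: Each of the four side blocks passes `top.getColor()` (and the left/right/bottom equivalents) straight to `CssColorSLXHTML.isDisallowedColor`, which dereferences its argument with `cssValue.toString()`; a side object with no colour set would raise a NullPointerException rather than an InvalidParamException. CssBorderSLXHTML in this patch null-checks the colour value before making the same call, so the two classes are inconsistent. Whether `getColor()` can return null here is not visible from the hunk, but the guard is cheap: `CssValue c = top.getColor(); if (c != null && CssColorSLXHTML.isDisallowedColor(c)) { ... }`.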
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderLeftColorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderLeftColorSLXHTML.java
new file mode 100644
index 00000000..e2378e99
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderLeftColorSLXHTML.java
@@ -0,0 +1,57 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBorderLeftColorCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssBorderLeftColorSLXHTML extends CssBorderLeftColorCSS2 {
+
+ public CssBorderLeftColorSLXHTML() {
+ }
+
+ public CssBorderLeftColorSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssValue color = getColor();
+ if (!isSoftlyInherited() && color != null) {
+ if (CssColorSLXHTML.isDisallowedColor(color)) {
+ throw new SLXHTMLInvalidParamException("color", color, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssBorderLeftColorSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderRightColorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderRightColorSLXHTML.java
new file mode 100644
index 00000000..99d6bae5
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderRightColorSLXHTML.java
@@ -0,0 +1,57 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBorderRightColorCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssBorderRightColorSLXHTML extends CssBorderRightColorCSS2 {
+
+ public CssBorderRightColorSLXHTML() {
+ }
+
+ public CssBorderRightColorSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssValue color = getColor();
+ if (!isSoftlyInherited() && color != null) {
+ if (CssColorSLXHTML.isDisallowedColor(color)) {
+ throw new SLXHTMLInvalidParamException("color", color, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssBorderRightColorSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderSLXHTML.java
new file mode 100644
index 00000000..ac32670e
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderSLXHTML.java
@@ -0,0 +1,85 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBorderCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssBorderSLXHTML extends CssBorderCSS2 {
+
+ public CssBorderSLXHTML() {
+ }
+
+ public CssBorderSLXHTML(ApplContext ac, CssExpression value, boolean check)
+ throws InvalidParamException {
+ super(ac, value, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ if (getTop() != null) {
+ CssValue top = getTop().getColor();
+ if (!isSoftlyInherited() && top != null) {
+ if (CssColorSLXHTML.isDisallowedColor(top)) {
+ throw new SLXHTMLInvalidParamException("color", top, getPropertyName(), ac);
+ }
+ }
+ }
+
+ if (getLeft() != null) {
+ CssValue left = getLeft().getColor();
+ if (!isSoftlyInherited() && left != null) {
+ if (CssColorSLXHTML.isDisallowedColor(left)) {
+ throw new SLXHTMLInvalidParamException("color", left, getPropertyName(), ac);
+ }
+ }
+ }
+
+ if (getRight() != null) {
+ CssValue right = getRight().getColor();
+ if (!isSoftlyInherited() && right != null) {
+ if (CssColorSLXHTML.isDisallowedColor(right)) {
+ throw new SLXHTMLInvalidParamException("color", right, getPropertyName(), ac);
+ }
+ }
+ }
+
+ if (getBottom() != null) {
+ CssValue bottom = getBottom().getColor();
+ if (!isSoftlyInherited() && bottom != null) {
+ if (CssColorSLXHTML.isDisallowedColor(bottom)) {
+ throw new SLXHTMLInvalidParamException("color", bottom, getPropertyName(), ac);
+ }
+ }
+ }
+ }
+
+ public CssBorderSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
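Review bot: `isSoftlyInherited()` is tested again inside each of the four side blocks, and `getTop()`, `getLeft()`, `getRight()` and `getBottom()` are each called twice. A single guard right after `super(ac, value, check);`, written as `if (isSoftlyInherited()) { return; }`, followed by one local per side would shorten the constructor and make it obvious that an inherited value is never inspected. Behaviour stays the same as long as the flag does not change during construction, which I would expect but cannot see from this hunk.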
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderTopColorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderTopColorSLXHTML.java
new file mode 100644
index 00000000..42926479
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssBorderTopColorSLXHTML.java
@@ -0,0 +1,57 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssBorderTopColorCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssBorderTopColorSLXHTML extends CssBorderTopColorCSS2 {
+
+ public CssBorderTopColorSLXHTML() {
+ }
+
+ public CssBorderTopColorSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssValue color = getColor();
+ if (!isSoftlyInherited() && color != null) {
+ if (CssColorSLXHTML.isDisallowedColor(color)) {
+ throw new SLXHTMLInvalidParamException("color", color, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssBorderTopColorSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssColorSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssColorSLXHTML.java
new file mode 100644
index 00000000..a640eb3a
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssColorSLXHTML.java
@@ -0,0 +1,99 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssColorSLXHTML extends org.w3c.css.properties.css1.CssColorCSS2 {
+
+ private static Set SLXHTML_DISSALLOWED_COLORS = new HashSet();
+
+ static {
+
+ SLXHTML_DISSALLOWED_COLORS.add("activeborder");
+ SLXHTML_DISSALLOWED_COLORS.add("activecaption");
+ SLXHTML_DISSALLOWED_COLORS.add("appworkspace");
+ SLXHTML_DISSALLOWED_COLORS.add("background");
+ SLXHTML_DISSALLOWED_COLORS.add("buttonface");
+ SLXHTML_DISSALLOWED_COLORS.add("buttonhighlight");
+ SLXHTML_DISSALLOWED_COLORS.add("buttonshadow");
+ SLXHTML_DISSALLOWED_COLORS.add("buttontext");
+ SLXHTML_DISSALLOWED_COLORS.add("captiontext");
+ SLXHTML_DISSALLOWED_COLORS.add("graytext");
+ SLXHTML_DISSALLOWED_COLORS.add("highlight");
+ SLXHTML_DISSALLOWED_COLORS.add("highlighttext");
+ SLXHTML_DISSALLOWED_COLORS.add("inactiveborder");
+ SLXHTML_DISSALLOWED_COLORS.add("inactivecaption");
+ SLXHTML_DISSALLOWED_COLORS.add("inactivecaptiontext");
+ SLXHTML_DISSALLOWED_COLORS.add("infobackground");
+ SLXHTML_DISSALLOWED_COLORS.add("infotext");
+ SLXHTML_DISSALLOWED_COLORS.add("menu");
+ SLXHTML_DISSALLOWED_COLORS.add("menutext");
+ SLXHTML_DISSALLOWED_COLORS.add("scrollbar");
+ SLXHTML_DISSALLOWED_COLORS.add("threeddarkshadow");
+ SLXHTML_DISSALLOWED_COLORS.add("threedface");
+ SLXHTML_DISSALLOWED_COLORS.add("threedhighlight");
+ SLXHTML_DISSALLOWED_COLORS.add("threedlightshadow");
+ SLXHTML_DISSALLOWED_COLORS.add("threedshadow");
+ SLXHTML_DISSALLOWED_COLORS.add("window");
+ SLXHTML_DISSALLOWED_COLORS.add("windowframe");
+ SLXHTML_DISSALLOWED_COLORS.add("windowtext");
+
+ }
+
+ public static boolean isDisallowedColor(CssValue cssValue) {
+ return SLXHTML_DISSALLOWED_COLORS.contains(cssValue.toString().toLowerCase());
+ }
+
+ public CssColorSLXHTML() {
+ }
+
+ public CssColorSLXHTML(ApplContext ac, CssExpression expression, boolean check)
+ throws InvalidParamException {
+
+ super(ac, expression, check);
+
+ // A Citizen Card Environment must support all the options for specifying a
+ // colour listed in [CSS 2], section 4.3.6 for a CSS property, if such an
+ // option is available for this property according to [CSS 2].
+
+ // The exceptions are the system colours (cf. [CSS 2], section 18.2); these
+ // must not be used in an instance document so as to prevent dependencies on
+ // the system environment. Otherwise the instance document must be rejected
+ // by the Citizen Card Environment.
+
+ CssValue color = getColor();
+ if (!isSoftlyInherited() && color != null) {
+ if (CssColorSLXHTML.isDisallowedColor(color)) {
+ throw new SLXHTMLInvalidParamException("color", color, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssColorSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
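Review bot: `isDisallowedColor` lower-cases with the default locale (`cssValue.toString().toLowerCase()`), so on a JVM running under a Turkish or Azeri locale an upper-case `I` maps to dotless `ı`, and an identifier such as `WINDOW` or `HIGHLIGHT` would not match the set unless the parser has already normalised the case. Because this lookup is what rejects system colours, it should not depend on the host locale: `return SLXHTML_DISSALLOWED_COLORS.contains(cssValue.toString().toLowerCase(Locale.ENGLISH));` (with `java.util.Locale` imported). The set is also a raw, non-final `Set`; declaring it `private static final Set<String>` would let the compiler check what goes into it.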
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssFontSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssFontSLXHTML.java
new file mode 100644
index 00000000..8e5298ec
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssFontSLXHTML.java
@@ -0,0 +1,59 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssFontCSS2;
+import org.w3c.css.properties.css1.CssFontConstantCSS2;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssIdent;
+import org.w3c.css.values.CssValue;
+
+public class CssFontSLXHTML extends CssFontCSS2 {
+
+ public CssFontSLXHTML() {
+ }
+
+ public CssFontSLXHTML(ApplContext ac, CssExpression expression, boolean check)
+ throws InvalidParamException {
+ super(ac, checkExpression(expression, ac), check);
+ }
+
+ public CssFontSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+ protected static CssExpression checkExpression(CssExpression expression,
+ ApplContext ac) throws InvalidParamException {
+
+ CssValue value = expression.getValue();
+
+ if (value instanceof CssIdent) {
+ for (String font : CssFontConstantCSS2.FONT) {
+ if (font.equalsIgnoreCase(value.toString())) {
+ throw new SLXHTMLInvalidParamException("font", value.toString(), ac);
+ }
+ }
+ }
+
+ return expression;
+
+ }
+
+}
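Review bot: `checkExpression` has no comment saying which SLXHTML rule it enforces, unlike the colour and margin classes in this patch, which quote the specification text. From the code it rejects a `font` value whose current token is a `CssIdent` matching an entry of `CssFontConstantCSS2.FONT` (presumably the system-font keywords; confirm against the validator library). I would add a Javadoc along the lines of `/** Rejects the font shorthand when its value is one of the CssFontConstantCSS2.FONT identifiers; returns the expression unchanged otherwise. */`. The Javadoc should also state that only `expression.getValue()` is inspected, not every token of the expression.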
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssLetterSpacingSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssLetterSpacingSLXHTML.java
new file mode 100644
index 00000000..326a731f
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssLetterSpacingSLXHTML.java
@@ -0,0 +1,54 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssLetterSpacing;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssLength;
+import org.w3c.css.values.CssNumber;
+
+public class CssLetterSpacingSLXHTML extends CssLetterSpacing {
+
+ public CssLetterSpacingSLXHTML() {
+ }
+
+ public CssLetterSpacingSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ Object value = get();
+ if (value instanceof CssLength) {
+ Object length = ((CssLength) value).get();
+ if (length instanceof Float && ((Float) length).floatValue() < 0) {
+ throw new SLXHTMLInvalidParamException("spacing", length, getPropertyName(), ac);
+ }
+ } else if (value instanceof CssNumber) {
+ if (((CssNumber) value).getValue() < 0) {
+ throw new SLXHTMLInvalidParamException("spacing", value, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssLetterSpacingSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
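Review bot: The negative-length test only fires when `((CssLength) value).get()` returns a `Float`; if the validator library hands back any other numeric type, a negative `letter-spacing` is accepted silently, which is the fail-open direction for a validator. Testing against `Number` avoids depending on the boxed type: `if (length instanceof Number && ((Number) length).floatValue() < 0) {`. The constructor also lacks the specification comment that the sibling classes carry, so the reason negative spacing is rejected is not recorded.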
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginBottomSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginBottomSLXHTML.java
new file mode 100644
index 00000000..cac97d06
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginBottomSLXHTML.java
@@ -0,0 +1,60 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssMarginBottom;
+import org.w3c.css.properties.css1.CssMarginSide;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssMarginBottomSLXHTML extends CssMarginBottom {
+
+ public CssMarginBottomSLXHTML() {
+ }
+
+ public CssMarginBottomSLXHTML(CssMarginSide another) {
+ super(another);
+ }
+
+ public CssMarginBottomSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+ public CssMarginBottomSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // The margin-top, margin-bottom, margin-left and margin-right properties
+ // must be supported by a Citizen Card Environment. Values specified as
+ // percentages (cf. section 3.5.1.2) should be supported.
+
+ // The margin property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssMarginSLXHTML.isDisallowedMargin(getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginLeftSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginLeftSLXHTML.java
new file mode 100644
index 00000000..c456af43
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginLeftSLXHTML.java
@@ -0,0 +1,61 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssMarginLeft;
+import org.w3c.css.properties.css1.CssMarginSide;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssMarginLeftSLXHTML extends CssMarginLeft {
+
+ public CssMarginLeftSLXHTML() {
+ }
+
+ public CssMarginLeftSLXHTML(CssMarginSide another) {
+ super(another);
+ }
+
+ public CssMarginLeftSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+ public CssMarginLeftSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // TODO Auto-generated constructor stub
+ // The margin-top, margin-bottom, margin-left and margin-right properties
+ // must be supported by a Citizen Card Environment. Values specified as
+ // percentages (cf. section 3.5.1.2) should be supported.
+
+ // The margin property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssMarginSLXHTML.isDisallowedMargin(getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+}
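Review bot: The `// TODO Auto-generated constructor stub` line in the three-argument constructor is an IDE leftover sitting directly above the specification comment and the real check; the sibling CssMarginBottomSLXHTML has the same constructor without it. I would delete the line so the TODO does not suggest the negative-margin check is unfinished.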
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginRightSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginRightSLXHTML.java
new file mode 100644
index 00000000..7f16830d
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginRightSLXHTML.java
@@ -0,0 +1,60 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssMarginRight;
+import org.w3c.css.properties.css1.CssMarginSide;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssMarginRightSLXHTML extends CssMarginRight {
+
+ public CssMarginRightSLXHTML() {
+ }
+
+ public CssMarginRightSLXHTML(CssMarginSide another) {
+ super(another);
+ }
+
+ public CssMarginRightSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+ public CssMarginRightSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // The margin-top, margin-bottom, margin-left and margin-right properties
+ // must be supported by a Citizen Card Environment. Values specified as
+ // percentages (cf. section 3.5.1.2) should be supported.
+
+ // The margin property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssMarginSLXHTML.isDisallowedMargin(getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+}
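Review bot: The copy constructor `CssMarginRightSLXHTML(CssMarginSide another)` calls `super(another)` and skips the `isDisallowedMargin` check that the parsing constructor applies, so an instance built this way can carry a negative margin. Whether that path is reachable with an unvalidated value depends on callers outside this hunk. If it is meant to be safe, state the precondition with a comment such as `// no negative-value check here: 'another' must already have passed isDisallowedMargin`; otherwise the check needs to be repeated there. The same applies to the copy constructors in CssMarginLeftSLXHTML, CssMarginTopSLXHTML, CssPaddingBottomSLXHTML, CssPaddingLeftSLXHTML, CssPaddingRightSLXHTML and CssPaddingTopSLXHTML in this commit.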
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginSLXHTML.java
new file mode 100644
index 00000000..f478b96a
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginSLXHTML.java
@@ -0,0 +1,101 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssMargin;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssLength;
+import org.w3c.css.values.CssNumber;
+import org.w3c.css.values.CssPercentage;
+import org.w3c.css.values.CssValue;
+
+public class CssMarginSLXHTML extends CssMargin {
+
+ public CssMarginSLXHTML() {
+ }
+
+ public CssMarginSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ if (getTop() != null) {
+ if (isDisallowedMargin(getTop().getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getTop().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ if (getRight() != null) {
+ if (isDisallowedMargin(getRight().getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getRight().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ if (getLeft() != null) {
+ if (isDisallowedMargin(getLeft().getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getLeft().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ if (getBottom() != null) {
+ if (isDisallowedMargin(getBottom().getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getBottom().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssMarginSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+ public static boolean isDisallowedMargin(CssValue margin) {
+
+ // The margin-top, margin-bottom, margin-left and margin-right properties
+ // must be supported by a Citizen Card Environment. Values specified as
+ // percentages (cf. section 3.5.1.2) should be supported.
+
+ // The margin property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (margin instanceof CssLength) {
+ Object value = ((CssLength) margin).get();
+ if (value instanceof Float) {
+ return ((Float) value).floatValue() < 0;
+ }
+ } else if (margin instanceof CssPercentage) {
+ Object value = ((CssPercentage) margin).get();
+ if (value instanceof Float) {
+ return ((Float) value).floatValue() < 0;
+ }
+ } else if (margin instanceof CssNumber) {
+ return ((CssNumber) margin).getValue() < 0;
+ }
+
+ return false;
+ }
+
+}
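Review bot: `isDisallowedMargin` fails open: for a `CssLength` or `CssPercentage` whose `get()` result is not a `Float`, control falls through to the final `return false` and the value is accepted unchecked. Should the CSS library hand back another numeric type, the negative-value rule quoted in the comment silently stops being enforced; testing `value instanceof Number` and comparing `((Number) value).floatValue() < 0` keeps the check effective. `CssPaddingSLXHTML.isDisallowedValue` is a line-for-line copy of this method and the constructor of `CssWordSpacingSLXHTML` uses the same `instanceof Float` test, so one shared helper would keep the three from drifting apart.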
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginTopSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginTopSLXHTML.java
new file mode 100644
index 00000000..06b30c4f
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssMarginTopSLXHTML.java
@@ -0,0 +1,61 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssMarginSide;
+import org.w3c.css.properties.css1.CssMarginTop;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssMarginTopSLXHTML extends CssMarginTop {
+
+ public CssMarginTopSLXHTML() {
+ }
+
+ public CssMarginTopSLXHTML(CssMarginSide another) {
+ super(another);
+ }
+
+ public CssMarginTopSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+
+ }
+
+ public CssMarginTopSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // The margin-top, margin-bottom, margin-left and margin-right properties
+ // must be supported by a Citizen Card Environment. Values specified as
+ // percentages (cf. section 3.5.1.2) should be supported.
+
+ // The margin property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssMarginSLXHTML.isDisallowedMargin(getValue())) {
+ throw new SLXHTMLInvalidParamException("margin", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingBottomSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingBottomSLXHTML.java
new file mode 100644
index 00000000..4bcb0065
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingBottomSLXHTML.java
@@ -0,0 +1,60 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssPaddingBottom;
+import org.w3c.css.properties.css1.CssPaddingSide;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssPaddingBottomSLXHTML extends CssPaddingBottom {
+
+ public CssPaddingBottomSLXHTML() {
+ }
+
+ public CssPaddingBottomSLXHTML(CssPaddingSide another) {
+ super(another);
+ }
+
+ public CssPaddingBottomSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // The padding-top, padding-bottom, padding-left and padding-right
+ // properties must be supported by a Citizen Card Environment. Values
+ // specified as percentages (cf. section 3.5.1.2) should be supported.
+
+ // The padding property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssPaddingSLXHTML.isDisallowedValue(getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+ public CssPaddingBottomSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingLeftSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingLeftSLXHTML.java
new file mode 100644
index 00000000..350a5c15
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingLeftSLXHTML.java
@@ -0,0 +1,60 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssPaddingLeft;
+import org.w3c.css.properties.css1.CssPaddingSide;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssPaddingLeftSLXHTML extends CssPaddingLeft {
+
+ public CssPaddingLeftSLXHTML() {
+ }
+
+ public CssPaddingLeftSLXHTML(CssPaddingSide another) {
+ super(another);
+ }
+
+ public CssPaddingLeftSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // The padding-top, padding-bottom, padding-left and padding-right
+ // properties must be supported by a Citizen Card Environment. Values
+ // specified as percentages (cf. section 3.5.1.2) should be supported.
+
+ // The padding property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssPaddingSLXHTML.isDisallowedValue(getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+ public CssPaddingLeftSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingRightSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingRightSLXHTML.java
new file mode 100644
index 00000000..d2d62748
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingRightSLXHTML.java
@@ -0,0 +1,60 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssPaddingRight;
+import org.w3c.css.properties.css1.CssPaddingSide;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssPaddingRightSLXHTML extends CssPaddingRight {
+
+ public CssPaddingRightSLXHTML() {
+ }
+
+ public CssPaddingRightSLXHTML(CssPaddingSide another) {
+ super(another);
+ }
+
+ public CssPaddingRightSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // The padding-top, padding-bottom, padding-left and padding-right
+ // properties must be supported by a Citizen Card Environment. Values
+ // specified as percentages (cf. section 3.5.1.2) should be supported.
+
+ // The padding property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssPaddingSLXHTML.isDisallowedValue(getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+ public CssPaddingRightSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingSLXHTML.java
new file mode 100644
index 00000000..57d7cf77
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingSLXHTML.java
@@ -0,0 +1,102 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssPadding;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssLength;
+import org.w3c.css.values.CssNumber;
+import org.w3c.css.values.CssPercentage;
+import org.w3c.css.values.CssValue;
+
+public class CssPaddingSLXHTML extends CssPadding {
+
+ public CssPaddingSLXHTML() {
+ }
+
+ public CssPaddingSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ if (getTop() != null) {
+ if (isDisallowedValue(getTop().getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getTop().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ if (getRight() != null) {
+ if (isDisallowedValue(getRight().getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getRight().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ if (getLeft() != null) {
+ if (isDisallowedValue(getLeft().getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getLeft().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ if (getBottom() != null) {
+ if (isDisallowedValue(getBottom().getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getBottom().getValue(),
+ getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssPaddingSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+ public static boolean isDisallowedValue(CssValue padding) {
+
+ // The padding-top, padding-bottom, padding-left and padding-right
+ // properties must be supported by a Citizen Card Environment. Values
+ // specified as percentages (cf. section 3.5.1.2) should be supported.
+
+ // The padding property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (padding instanceof CssLength) {
+ Object value = ((CssLength) padding).get();
+ if (value instanceof Float) {
+ return ((Float) value).floatValue() < 0;
+ }
+ } else if (padding instanceof CssPercentage) {
+ Object value = ((CssPercentage) padding).get();
+ if (value instanceof Float) {
+ return ((Float) value).floatValue() < 0;
+ }
+ } else if (padding instanceof CssNumber) {
+ return ((CssNumber) padding).getValue() < 0;
+ }
+
+ return false;
+
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingTopSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingTopSLXHTML.java
new file mode 100644
index 00000000..bc113bfe
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssPaddingTopSLXHTML.java
@@ -0,0 +1,61 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssPaddingSide;
+import org.w3c.css.properties.css1.CssPaddingTop;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+
+public class CssPaddingTopSLXHTML extends CssPaddingTop {
+
+ public CssPaddingTopSLXHTML() {
+ }
+
+ public CssPaddingTopSLXHTML(CssPaddingSide another) {
+ super(another);
+ }
+
+ public CssPaddingTopSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ // The padding-top, padding-bottom, padding-left and padding-right
+ // properties must be supported by a Citizen Card Environment. Values
+ // specified as percentages (cf. section 3.5.1.2) should be supported.
+
+ // The padding property may be supported by a Citizen Card Environment.
+
+ // An instance document must not contain a negative value in the properties
+ // mentioned above. Otherwise it must be rejected by the Citizen Card
+ // Environment.
+
+ if (CssPaddingSLXHTML.isDisallowedValue(getValue())) {
+ throw new SLXHTMLInvalidParamException("padding", getValue(),
+ getPropertyName(), ac);
+ }
+
+ }
+
+ public CssPaddingTopSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ super(ac, expression);
+ // TODO Auto-generated constructor stub
+ }
+
+}
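Review bot: The two-argument constructor at the end of the class calls `super(ac, expression)` and so never reaches the `isDisallowedValue` check; a negative padding-top is accepted when the property is built through it. Every sibling class in this commit delegates with `this(ac, expression, false);`, and this one should do the same, dropping the leftover `// TODO Auto-generated constructor stub`. Which constructor the property factory invokes is not visible in this hunk, so the practical exposure needs confirming.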
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssTextDecorationSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssTextDecorationSLXHTML.java
new file mode 100644
index 00000000..16b9780a
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssTextDecorationSLXHTML.java
@@ -0,0 +1,51 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssTextDecoration;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssValue;
+
+public class CssTextDecorationSLXHTML extends CssTextDecoration {
+
+ public CssTextDecorationSLXHTML() {
+ }
+
+ public CssTextDecorationSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ if (get() instanceof CssValue) {
+ if ("blink".equalsIgnoreCase(((CssValue) get()).toString())) {
+ throw new SLXHTMLInvalidParamException("text-decoration", "blink", ac);
+ }
+ } else if (get() instanceof String) {
+ if ("blink".equalsIgnoreCase((String) get())) {
+ throw new SLXHTMLInvalidParamException("text-decoration", "blink", ac);
+ }
+ }
+
+ }
+
+ public CssTextDecorationSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
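Review bot: The `blink` test compares the whole result of `get()` with the single word `blink`, so it only matches when `blink` is the sole decoration. If the superclass returns the combined keyword list for a declaration with several decorations (not visible here, to be confirmed), a value that includes `blink` next to another keyword is not rejected. Splitting the string on whitespace and testing each token, e.g. `for (String t : get().toString().trim().split("\\s+"))` with `"blink".equalsIgnoreCase(t)` inside, covers both branches with one check.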
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssWordSpacingSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssWordSpacingSLXHTML.java
new file mode 100644
index 00000000..a497f4e3
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/CssWordSpacingSLXHTML.java
@@ -0,0 +1,54 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css1.CssWordSpacing;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssLength;
+import org.w3c.css.values.CssNumber;
+
+public class CssWordSpacingSLXHTML extends CssWordSpacing {
+
+ public CssWordSpacingSLXHTML() {
+ }
+
+ public CssWordSpacingSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ Object value = get();
+ if (value instanceof CssLength) {
+ Object length = ((CssLength) value).get();
+ if (length instanceof Float && ((Float) length).floatValue() < 0) {
+ throw new SLXHTMLInvalidParamException("spacing", length, getPropertyName(), ac);
+ }
+ } else if (value instanceof CssNumber) {
+ if (((CssNumber) value).getValue() < 0) {
+ throw new SLXHTMLInvalidParamException("spacing", value, getPropertyName(), ac);
+ }
+ }
+
+ }
+
+ public CssWordSpacingSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLInvalidParamException.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLInvalidParamException.java
new file mode 100644
index 00000000..edac03f4
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLInvalidParamException.java
@@ -0,0 +1,71 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import java.text.MessageFormat;
+import java.util.Locale;
+import java.util.MissingResourceException;
+import java.util.ResourceBundle;
+
+import org.w3c.css.util.ApplContext;
+
+public class SLXHTMLInvalidParamException extends
+ org.w3c.css.util.InvalidParamException {
+
+ private static final long serialVersionUID = 1L;
+
+ protected String message;
+
+ public SLXHTMLInvalidParamException() {
+ }
+
+ public SLXHTMLInvalidParamException(String error, ApplContext ac) {
+ setMessage(error, null, ac);
+ }
+
+ public SLXHTMLInvalidParamException(String error, Object message, ApplContext ac) {
+ setMessage(error, new Object[] {message}, ac);
+ }
+
+ public SLXHTMLInvalidParamException(String error, Object message1, Object message2,
+ ApplContext ac) {
+ setMessage(error, new Object[] {message1, message2}, ac);
+ }
+
+ @Override
+ public String getMessage() {
+ return getLocalizedMessage();
+ }
+
+ @Override
+ public String getLocalizedMessage() {
+ return message;
+ }
+
+ protected void setMessage(String error, Object[] arguments, ApplContext ac) {
+ Locale locale = new Locale(ac.getContentLanguage());
+ ResourceBundle bundle = ResourceBundle.getBundle("at/gv/egiz/bku/slxhtml/css/Messages", locale);
+ String pattern;
+ try {
+ pattern = bundle.getString(error);
+ } catch (MissingResourceException e) {
+ pattern = "Can't find error message for : " + error;
+ }
+ message = MessageFormat.format(pattern, arguments);
+ }
+
+}
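Review bot: `setMessage` can itself throw while the exception is being constructed: `ResourceBundle.getBundle(...)` sits outside the `try`, so a missing bundle raises an uncaught `MissingResourceException`, and `new Locale(ac.getContentLanguage())` throws `NullPointerException` if no content language is set (whether it can be null is not visible here). A caller that catches `InvalidParamException` to report a rejected document would then see an unrelated runtime exception instead. The fallback pattern also contains a bare apostrophe, which `MessageFormat` treats as a quoting character, so it needs doubling. The rewritten method below keeps the signature.

```java
  protected void setMessage(String error, Object[] arguments, ApplContext ac) {
    String language = ac.getContentLanguage();
    Locale locale = (language != null) ? new Locale(language) : Locale.getDefault();
    String pattern;
    try {
      ResourceBundle bundle = ResourceBundle.getBundle("at/gv/egiz/bku/slxhtml/css/Messages", locale);
      pattern = bundle.getString(error);
    } catch (MissingResourceException e) {
      // doubled apostrophe: MessageFormat reads a single quote as the start of quoted text
      pattern = "Can''t find error message for : " + error;
    }
    message = MessageFormat.format(pattern, arguments);
  }
```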
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLStyle.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLStyle.java
new file mode 100644
index 00000000..99448ec4
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/SLXHTMLStyle.java
@@ -0,0 +1,22 @@
+//
+// $Id: Css2Style.java,v 1.2 2005-09-08 12:24:01 ylafon Exp $
+// From Philippe Le Hegaret (Philippe.Le_Hegaret@sophia.inria.fr)
+//
+// (c) COPYRIGHT MIT and INRIA, 1997.
+// Please first read the full copyright statement in file COPYRIGHT.html
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.aural.ACssStyle;
+import org.w3c.css.parser.CssPrinterStyle;
+
+/**
+ * @version $Revision: 1.2 $
+ */
+public class SLXHTMLStyle extends ACssStyle {
+
+ public void print(CssPrinterStyle printer) {
+ super.print(printer);
+ }
+
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/TableLayoutSLXHTML.java b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/TableLayoutSLXHTML.java
new file mode 100644
index 00000000..50f30cce
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/slxhtml/css/TableLayoutSLXHTML.java
@@ -0,0 +1,45 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import org.w3c.css.properties.css2.table.TableLayout;
+import org.w3c.css.util.ApplContext;
+import org.w3c.css.util.InvalidParamException;
+import org.w3c.css.values.CssExpression;
+import org.w3c.css.values.CssIdent;
+
+public class TableLayoutSLXHTML extends TableLayout {
+
+ public TableLayoutSLXHTML() {
+ }
+
+ public TableLayoutSLXHTML(ApplContext ac, CssExpression expression,
+ boolean check) throws InvalidParamException {
+ super(ac, expression, check);
+
+ if (new CssIdent("fixed").equals(get())) {
+ throw new SLXHTMLInvalidParamException("table-layout", "fixed", getPropertyName(), ac);
+ }
+
+ }
+
+ public TableLayoutSLXHTML(ApplContext ac, CssExpression expression)
+ throws InvalidParamException {
+ this(ac, expression, false);
+ }
+
+}
diff --git a/BKUViewer/src/main/java/at/gv/egiz/bku/text/TextValidator.java b/BKUViewer/src/main/java/at/gv/egiz/bku/text/TextValidator.java
new file mode 100644
index 00000000..5108140d
--- /dev/null
+++ b/BKUViewer/src/main/java/at/gv/egiz/bku/text/TextValidator.java
@@ -0,0 +1,32 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.text;
+
+import java.io.InputStream;
+
+import at.gv.egiz.bku.viewer.ValidationException;
+import at.gv.egiz.bku.viewer.Validator;
+
+public class TextValidator implements Validator {
+
+ @Override
+ public void validate(InputStream is, String charset)
+ throws ValidationException {
+ // TODO: implement character validation
+ }
+
+}
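Review bot: `validate` returns without reading the stream, so every text/plain document is accepted, including one whose bytes are not valid in the declared `charset`; the services file added later in this commit registers this class as the validator for text/plain. Until the check exists the class should say so where callers will see it, for example Javadoc on the method reading `Accepts all input: character validation is not implemented yet.`, so nobody relies on it as a content check. A first real step would be to decode the stream with the given charset and raise `ValidationException` on malformed input or an unsupported charset name.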
diff --git a/BKUViewer/src/main/resources/META-INF/services/at.gv.egiz.bku.viewer.Validator b/BKUViewer/src/main/resources/META-INF/services/at.gv.egiz.bku.viewer.Validator
new file mode 100644
index 00000000..0004949b
--- /dev/null
+++ b/BKUViewer/src/main/resources/META-INF/services/at.gv.egiz.bku.viewer.Validator
@@ -0,0 +1,2 @@
+application/xhtml+xml at.gv.egiz.bku.slxhtml.SLXHTMLValidator
+text/plain at.gv.egiz.bku.text.TextValidator
\ No newline at end of file
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-model-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-model-1.xsd
new file mode 100644
index 00000000..89e91faa
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-model-1.xsd
@@ -0,0 +1,469 @@
+
+
+
+
+
+ This is the XML Schema module of common content models for SLXHTML.
+ SLXHTML is a profile of XHTML (see W3C copyright notice below).
+
+ @author: Gregor Karlinger gregor.karlinger@cio.gv.at
+ $Id: slxhtml-model-1.xsd,v 1.4 2004/05/12 11:35:31 karlinger Exp $
+
+
+
+
+
+ XHTML Document Model
+ This module describes the groupings of elements/attributes
+ that make up common content models for XHTML elements.
+ XHTML has following basic content models:
+ xhtml.Inline.mix; character-level elements
+ xhtml.Block.mix; block-like elements, e.g., paragraphs and lists
+ xhtml.Flow.mix; any block or inline elements
+ xhtml.HeadOpts.mix; Head Elements
+ xhtml.InlinePre.mix; Special class for pre content model
+ xhtml.InlineNoAnchor.mix; Content model for Anchor
+
+ Any groups declared in this module may be used to create
+ element content models, but the above are considered 'global'
+ (insofar as that term applies here). XHTML has the
+ following Attribute Groups
+ xhtml.Core.extra.attrib
+ xhtml.I18n.extra.attrib
+ xhtml.Common.extra
+
+ The above attribute Groups are considered Global
+
+
+
+
+
+
+ SLXHTML 1.2: attributeGroup "dir.attrib" removed.
+
+
+
+
+
+
+
+ SLXHTML 1.2: attributeGroup "style.attrib" removed.
+
+
+
+
+
+
+
+
+
+ Extended Global Core Attributes
+
+
+
+
+ Extended Global I18n attributes
+
+
+
+
+ Extended Global Common Attributes
+
+
+
+
+
+
+ SLXHTML 1.2: elements "script", "meta", "link", "object" removed.
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: Only a single instance of element "style" is
+ allowed apart from the obligatory "title" element.
+
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: elements "ins", "del" removed.
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: elements "script", "noscript" removed.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: elements "dfn", "samp", "kbd", "var", "q" , "abbr" and
+ "acronym" removed.
+
+
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: elements "tt", "i", "b", "big", "small", "sub", "sup" removed.
+
+
+
+
+
+
+
+ SLXHTML 1.2: element "bdo" removed.
+
+
+
+
+
+
+
+ SLXHTML 1.2: element "a" removed.
+
+
+
+
+
+
+
+ SLXHTML 1.2: elements "map", "object" removed.
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: elements "input", "select", "textara", "lable", "button" removed.
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: element "ruby" removed.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: elements "tt", "i", "b", "script", "map" removed.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: element "form" removed.
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: element "fieldset" removed.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ SLXHTML 1.2: element "address" removed.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-modules-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-modules-1.xsd
new file mode 100644
index 00000000..016833be
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml-modules-1.xsd
@@ -0,0 +1,248 @@
+
+
+
+
+
+
+ This XML Schema declares changes to the content models
+ of modules included in SLXHTML 1.2
+
+
+
+
+
+
+ Module Content Model Redefinitions
+
+ This schema describes the changes (Redefinitions) to the
+ content model of individual modules as they are instantiated as part of
+ SLXHTML 1.2 Document
+
+
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2: Removed xml:lang attrib.
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2: Removed title attrib.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2: Removed cite attrib.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2: Change value of the version attrib.
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2: Removed profile attrib.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2: Removed attributes "longdesc", "height", "width".
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute group "title"
+ Removed attribute "xml:space"
+ Fixed value of attribute "type"
+ Fixed value of attribute "media"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "scope.attrib", "CellHAlign.attrib", "CellVAlign.attrib"
+ Removed attributes "abbr", "axis", "headers"
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "scope.attrib", "CellHAlign.attrib", "CellVAlign.attrib"
+ Removed attributes "abbr", "axis", "headers"
+
+
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "CellHAlign.attrib", "CellVAlign.attrib"
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "CellHAlign.attrib", "CellVAlign.attrib"
+ Removed attributes "span", "width"
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "CellHAlign.attrib", "CellVAlign.attrib"
+ Removed attributes "span", "width"
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "CellHAlign.attrib", "CellVAlign.attrib"
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "CellHAlign.attrib", "CellVAlign.attrib"
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "CellHAlign.attrib", "CellVAlign.attrib"
+
+
+
+
+
+
+
+
+ Redefinition by SLXHTML 1.2:
+ Removed attribute groups "frame.attrib", "rules.attrib"
+ Removed attributes "summary", "width", "border", "cellspacing", "cellpadding"
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml.xsd
new file mode 100644
index 00000000..555edb52
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/slxhtml.xsd
@@ -0,0 +1,70 @@
+
+
+
+
+ This is the XML Schema driver for SLXHTML 1.2.
+ SLXHTML is a profile of XHTML (see W3C copyright notice below).
+
+ @author: Gregor Karlinger gregor.karlinger@cio.gv.at
+ $Id: slxhtml.xsd,v 1.3 2004/05/12 11:35:31 karlinger Exp $
+
+
+
+
+ This is the Schema Driver file for SLXHTML 1.2
+ Document Type
+
+ This schema includes
+ + modules for SLXHTML 1.2 Document Type.
+
+ + schema that defines all the named model for
+ the SLXHTML 1.2 Document Type
+
+ + schema that redefines the content model of
+ individual elements defined in the Module
+ implementations.
+
+ SLXHTML 1.2 Document Type includes the following Modules
+
+ XHTML Core modules
+ + text
+ + lists
+ + structure
+
+ Other XHTML modules
+ + Style
+ + Image
+ + Tables
+
+
+
+
+
+
+
+ This import brings in the XML namespace attributes
+ The XML attributes are used by various modules
+
+
+
+
+
+
+
+ This schema redefines the content model defined by
+ the individual modules for SLXHTML 1.2 Document Type
+
+
+
+
+
+
+
+ Document Model module for the SLXHTML 1.2 Document Type.
+ This schema file defines all named models used by XHTML
+ Modularization Framework for SLXHTML 1.2 Document Type
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-attribs-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-attribs-1.xsd
new file mode 100644
index 00000000..df5ce483
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-attribs-1.xsd
@@ -0,0 +1,72 @@
+
+
+
+
+
+
+ This is the XML Schema common attributes module for XHTML
+ $Id: xhtml-attribs-1.xsd,v 1.6 2005/09/26 23:37:47 ahby Exp $
+
+
+
+
+
+
+
+ This import brings in the XML namespace attributes
+ The module itself does not provide the schemaLocation
+ and expects the driver schema to provide the
+ actual SchemaLocation.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkphras-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkphras-1.xsd
new file mode 100644
index 00000000..da15e4c1
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkphras-1.xsd
@@ -0,0 +1,161 @@
+
+
+
+
+
+
+
+
+ This is the XML Schema Block Phrasal support module for XHTML
+ $Id: xhtml-blkphras-1.xsd,v 1.6 2006/09/11 10:27:50 ahby Exp $
+
+
+
+
+
+ Block Phrasal
+ This module declares the elements and their attributes used to
+ support block-level phrasal markup.
+ This is the XML Schema block phrasal elements module for XHTML
+
+ * address, blockquote, pre, h1, h2, h3, h4, h5, h6
+
+
+
+
+
+
+ This import brings in the XML namespace attributes
+ The module itself does not provide the schemaLocation
+ and expects the driver schema to provide the
+ actual SchemaLocation.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkpres-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkpres-1.xsd
new file mode 100644
index 00000000..cf42303a
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkpres-1.xsd
@@ -0,0 +1,37 @@
+
+
+
+
+
+ This is the XML SchemaBlock presentation element module for XHTML
+ $Id: xhtml-blkpres-1.xsd,v 1.2 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+ Block Presentational Elements
+
+ * hr
+
+ This module declares the elements and their attributes used to
+ support block-level presentational markup.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkstruct-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkstruct-1.xsd
new file mode 100644
index 00000000..1e658580
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-blkstruct-1.xsd
@@ -0,0 +1,49 @@
+
+
+
+
+
+ Block Structural
+
+ * div, p
+
+ This module declares the elements and their attributes used to
+ support block-level structural markup.
+
+ This is the XML Schema Block Structural module for XHTML
+ $Id: xhtml-blkstruct-1.xsd,v 1.3 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-datatypes-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-datatypes-1.xsd
new file mode 100644
index 00000000..5943cf35
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-datatypes-1.xsd
@@ -0,0 +1,175 @@
+
+
+
+
+ XHTML Datatypes
+ This is the XML Schema datatypes module for XHTML
+
+ Defines containers for the XHTML datatypes, many of
+ these imported from other specifications and standards.
+
+ $Id: xhtml-datatypes-1.xsd,v 1.9 2008/06/04 20:58:09 ahby Exp $
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-framework-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-framework-1.xsd
new file mode 100644
index 00000000..05b906d4
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-framework-1.xsd
@@ -0,0 +1,66 @@
+
+
+
+
+ This is the XML Schema Modular Framework support module for XHTML
+ $Id: xhtml-framework-1.xsd,v 1.5 2005/09/26 23:37:47 ahby Exp $
+
+
+
+
+
+ XHTML Modular Framework
+ This required module instantiates the necessary modules
+ needed to support the XHTML modularization framework.
+
+ The Schema modules instantiated are:
+ + notations
+ + datatypes
+ + common attributes
+ + character entities
+
+
+
+
+
+
+
+ This module defines XHTML Attribute DataTypes
+
+
+
+
+
+
+
+ This module defines Common attributes for XHTML
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-image-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-image-1.xsd
new file mode 100644
index 00000000..cd16bc9b
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-image-1.xsd
@@ -0,0 +1,45 @@
+
+
+
+
+
+
+ Images
+ This is the XML Schema Images module for XHTML
+
+ * img
+
+ This module provides markup to support basic image embedding.
+
+ To avoid problems with text-only UAs as well as to make
+ image content understandable and navigable to users of
+ non-visual UAs, you need to provide a description with
+ the 'alt' attribute, and avoid server-side image maps.
+
+
+ $Id: xhtml-image-1.xsd,v 1.2 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlphras-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlphras-1.xsd
new file mode 100644
index 00000000..919c59de
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlphras-1.xsd
@@ -0,0 +1,163 @@
+
+
+
+
+
+
+ This is the XML Schema Inline Phrasal support module for XHTML
+ $Id: xhtml-inlphras-1.xsd,v 1.4 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+ Inline Phrasal.
+ This module declares the elements and their attributes used to
+ support inline-level phrasal markup.
+ This is the XML Schema Inline Phrasal module for XHTML
+
+ * abbr, acronym, cite, code, dfn, em, kbd, q, samp, strong, var
+
+ $Id: xhtml-inlphras-1.xsd,v 1.4 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlpres-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlpres-1.xsd
new file mode 100644
index 00000000..a053447c
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlpres-1.xsd
@@ -0,0 +1,39 @@
+
+
+
+
+
+ This is the XML Schema Inline Presentation element module for XHTML
+ $Id: xhtml-inlpres-1.xsd,v 1.2 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+ Inline Presentational Elements
+
+ * b, big, i, small, sub, sup, tt
+
+ This module declares the elements and their attributes used to
+ support inline-level presentational markup.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlstruct-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlstruct-1.xsd
new file mode 100644
index 00000000..635eb5f1
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-inlstruct-1.xsd
@@ -0,0 +1,50 @@
+
+
+
+
+
+ This is the XML Schema Inline Structural support module for XHTML
+ $Id: xhtml-inlstruct-1.xsd,v 1.4 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+ Inline Structural.
+ This module declares the elements and their attributes
+ used to support inline-level structural markup.
+ This is the XML Schema Inline Structural element module for XHTML
+
+ * br, span
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-list-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-list-1.xsd
new file mode 100644
index 00000000..cc22ba88
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-list-1.xsd
@@ -0,0 +1,99 @@
+
+
+
+
+
+ List Module
+ This is the XML Schema Lists module for XHTML
+ List Module Elements
+
+ * dl, dt, dd, ol, ul, li
+
+ This module declares the list-oriented element types
+ and their attributes.
+ $Id: xhtml-list-1.xsd,v 1.2 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-pres-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-pres-1.xsd
new file mode 100644
index 00000000..bc36fc48
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-pres-1.xsd
@@ -0,0 +1,51 @@
+
+
+
+
+
+ This is the XML Schema Presentation module for XHTML
+ This is a REQUIRED module.
+ $Id: xhtml-pres-1.xsd,v 1.2 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+ Presentational Elements
+
+ This module defines elements and their attributes for
+ simple presentation-related markup.
+
+ Elements defined here:
+
+ * hr
+ * b, big, i, small, sub, sup, tt
+
+
+
+
+
+
+ Block Presentational module
+ Elements defined here:
+
+ * hr
+
+
+
+
+
+
+ Inline Presentational module
+ Elements defined here:
+
+ * b, big, i, small, sub, sup, tt
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-struct-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-struct-1.xsd
new file mode 100644
index 00000000..60cbcbf5
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-struct-1.xsd
@@ -0,0 +1,116 @@
+
+
+
+
+
+ This is the XML Schema Document Structure module for XHTML
+ Document Structure
+
+ * title, head, body, html
+
+ The Structure Module defines the major structural elements and
+ their attributes.
+
+ $Id: xhtml-struct-1.xsd,v 1.8 2006/09/11 10:27:50 ahby Exp $
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-style-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-style-1.xsd
new file mode 100644
index 00000000..1b3e7d3b
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-style-1.xsd
@@ -0,0 +1,53 @@
+
+
+
+
+
+
+ This is the XML Schema Stylesheets module for XHTML
+ $Id: xhtml-style-1.xsd,v 1.5 2006/09/11 10:14:57 ahby Exp $
+
+
+
+
+
+ Stylesheets
+
+ * style
+
+ This module declares the style element type and its attributes,
+ used to embed stylesheet information in the document head element.
+
+
+
+
+
+
+ This import brings in the XML namespace attributes
+ The module itself does not provide the schemaLocation
+ and expects the driver schema to provide the
+ actual SchemaLocation.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-table-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-table-1.xsd
new file mode 100644
index 00000000..ec76db3c
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-table-1.xsd
@@ -0,0 +1,272 @@
+
+
+
+
+
+
+ This is the XML Schema Tables module for XHTML
+ $Id: xhtml-table-1.xsd,v 1.3 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+ Tables
+
+ * table, caption, thead, tfoot, tbody, colgroup, col, tr, th, td
+
+ This module declares element types and attributes used to provide
+ table markup similar to HTML 4.0, including features that enable
+ better accessibility for non-visual user agents.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-text-1.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-text-1.xsd
new file mode 100644
index 00000000..432bdad7
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xhtml-text-1.xsd
@@ -0,0 +1,67 @@
+
+
+
+
+
+ Textual Content
+ This is the XML Schema Text module for XHTML
+
+ The Text module includes declarations for all core
+ text container elements and their attributes.
+
+ + block phrasal
+ + block structural
+ + inline phrasal
+ + inline structural
+
+ $Id: xhtml-text-1.xsd,v 1.2 2005/09/26 22:54:53 ahby Exp $
+
+
+
+
+
+
+
+ Block Phrasal module
+ Elements defined here:
+
+ * address, blockquote, pre, h1, h2, h3, h4, h5, h6
+
+
+
+
+
+
+ Block Structural module
+ Elements defined here:
+
+ * div, p
+
+
+
+
+
+
+ Inline Phrasal module
+ Elements defined here:
+
+ * abbr, acronym, cite, code, dfn, em, kbd, q, samp, strong, var
+
+
+
+
+
+
+ Inline Structural module
+ Elements defined here:
+
+ * br,span
+
+
+
+
diff --git a/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xml.xsd b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xml.xsd
new file mode 100644
index 00000000..eeb9db56
--- /dev/null
+++ b/BKUViewer/src/main/resources/at/gv/egiz/bku/slxhtml/xml.xsd
@@ -0,0 +1,145 @@
+
+
+
+
+
+ See http://www.w3.org/XML/1998/namespace.html and
+ http://www.w3.org/TR/REC-xml for information about this namespace.
+
+ This schema document describes the XML namespace, in a form
+ suitable for import by other schema documents.
+
+ Note that local names in this namespace are intended to be defined
+ only by the World Wide Web Consortium or its subgroups. The
+ following names are currently defined in this namespace and should
+ not be used with conflicting semantics by any Working Group,
+ specification, or document instance:
+
+ base (as an attribute name): denotes an attribute whose value
+ provides a URI to be used as the base for interpreting any
+ relative URIs in the scope of the element on which it
+ appears; its value is inherited. This name is reserved
+ by virtue of its definition in the XML Base specification.
+
+ id (as an attribute name): denotes an attribute whose value
+ should be interpreted as if declared to be of type ID.
+ This name is reserved by virtue of its definition in the
+ xml:id specification.
+
+ lang (as an attribute name): denotes an attribute whose value
+ is a language code for the natural language of the content of
+ any element; its value is inherited. This name is reserved
+ by virtue of its definition in the XML specification.
+
+ space (as an attribute name): denotes an attribute whose
+ value is a keyword indicating what whitespace processing
+ discipline is intended for the content of the element; its
+ value is inherited. This name is reserved by virtue of its
+ definition in the XML specification.
+
+ Father (in any context at all): denotes Jon Bosak, the chair of
+ the original XML Working Group. This name is reserved by
+ the following decision of the W3C XML Plenary and
+ XML Coordination groups:
+
+ In appreciation for his vision, leadership and dedication
+ the W3C XML Plenary on this 10th day of February, 2000
+ reserves for Jon Bosak in perpetuity the XML name
+ xml:Father
+
+
+
+
+ This schema defines attributes and an attribute group
+ suitable for use by
+ schemas wishing to allow xml:base, xml:lang, xml:space or xml:id
+ attributes on elements they define.
+
+ To enable this, such a schema must import this schema
+ for the XML namespace, e.g. as follows:
+ <schema . . .>
+ . . .
+ <import namespace="http://www.w3.org/XML/1998/namespace"
+ schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+
+ Subsequently, qualified reference to any of the attributes
+ or the group defined below will have the desired effect, e.g.
+
+ <type . . .>
+ . . .
+ <attributeGroup ref="xml:specialAttrs"/>
+
+ will define a type which will schema-validate an instance
+ element with any of those attributes
+
+
+
+ In keeping with the XML Schema WG's standard versioning
+ policy, this schema document will persist at
+ http://www.w3.org/2007/08/xml.xsd.
+ At the date of issue it can also be found at
+ http://www.w3.org/2001/xml.xsd.
+ The schema document at that URI may however change in the future,
+ in order to remain compatible with the latest version of XML Schema
+ itself, or with the XML namespace itself. In other words, if the XML
+ Schema or XML namespaces change, the version of this document at
+ http://www.w3.org/2001/xml.xsd will change
+ accordingly; the version at
+ http://www.w3.org/2007/08/xml.xsd will not change.
+
+
+
+
+
+ Attempting to install the relevant ISO 2- and 3-letter
+ codes as the enumerated possible values is probably never
+ going to be a realistic possibility. See
+ RFC 3066 at http://www.ietf.org/rfc/rfc3066.txt and the IANA registry
+ at http://www.iana.org/assignments/lang-tag-apps.htm for
+ further information.
+
+ The union allows for the 'un-declaration' of xml:lang with
+ the empty string.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ See http://www.w3.org/TR/xmlbase/ for
+ information about this attribute.
+
+
+
+
+
+ See http://www.w3.org/TR/xml-id/ for
+ information about this attribute.
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUViewer/src/main/resources/org/w3c/css/properties/Config.properties b/BKUViewer/src/main/resources/org/w3c/css/properties/Config.properties
new file mode 100644
index 00000000..0ece8cda
--- /dev/null
+++ b/BKUViewer/src/main/resources/org/w3c/css/properties/Config.properties
@@ -0,0 +1,32 @@
+# configuration file for org.w3c.css.parser.CssFouffa
+# Properties should be in the style directory
+
+# Is the parser should run in CSS2 ?
+extended-parser: true
+
+# the CssStyle to use
+#style for CSS1
+css1: org.w3c.css.properties.css1.Css1Style
+#style for CSS2 (and mobile profile and TV profile)
+css2: org.w3c.css.properties.css2.font.Css2Style
+#style for CSS2.1
+css21: org.w3c.css.properties.css21.Css21Style
+#style for CSS3
+css3: org.w3c.css.properties.css3.Css3Style
+#SVG styles
+svg : org.w3c.css.properties.svg.SVGStyle
+svgbasic : org.w3c.css.properties.svg.SVGBasicStyle
+svgtiny : org.w3c.css.properties.svg.SVGTinyStyle
+#ATSC style
+atsc-tv: org.w3c.css.properties.atsc.ATSCStyle
+#SLXHMTL
+slxhtml: at.gv.egiz.bku.slxhtml.css.SLXHTMLStyle
+
+#media
+media: Media.properties
+
+# file containing the properties files for each profile
+profilesProperties: ProfilesProperties.properties
+
+#default profile
+defaultProfile: css21
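Review bot: `defaultProfile: css21` is kept as the fallback while the restricted `slxhtml` profile is only added as one more entry, so a caller that does not name `slxhtml` explicitly would presumably have its stylesheet checked against the full CSS 2.1 property set. Whether the SLXHTML validator always selects the profile is not visible in this hunk. If this copy of the file only serves the SLXHTML viewer, consider `defaultProfile: slxhtml`, or at least record the requirement: `# NOTE: SLXHTML validation must select the "slxhtml" profile explicitly; the default stays css21`. The comment above the new entry is misspelled: `#SLXHMTL` should read `#SLXHTML`.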
diff --git a/BKUViewer/src/main/resources/org/w3c/css/properties/ProfilesProperties.properties b/BKUViewer/src/main/resources/org/w3c/css/properties/ProfilesProperties.properties
new file mode 100644
index 00000000..8c2aded8
--- /dev/null
+++ b/BKUViewer/src/main/resources/org/w3c/css/properties/ProfilesProperties.properties
@@ -0,0 +1,30 @@
+# The list of properties to use
+
+# properties for CSS1
+css1 : CSS1Properties.properties
+
+# properties for CSS2
+css2 : CSS2Properties.properties
+
+# properties for CSS2.1
+css21 : CSS21Properties.properties
+
+# properties for CSS3
+css3 : CSS3Properties.properties
+
+# properties for mobile profile
+mobile : MobileProperties.properties
+
+# properties for ATSC TV profile
+atsc-tv : ATSCProperties.properties
+
+# properties for TV profile
+tv : TVProperties.properties
+
+# properties for SVG profiles
+svg : SVGProperties.properties
+svgbasic : SVGBasicProperties.properties
+svgtiny : SVGTinyProperties.properties
+
+# properties for SLXHTML profile
+slxhtml : SLXHTMLProperties.properties
diff --git a/BKUViewer/src/main/resources/org/w3c/css/properties/SLXHTMLProperties.properties b/BKUViewer/src/main/resources/org/w3c/css/properties/SLXHTMLProperties.properties
new file mode 100644
index 00000000..dec68c11
--- /dev/null
+++ b/BKUViewer/src/main/resources/org/w3c/css/properties/SLXHTMLProperties.properties
@@ -0,0 +1,641 @@
+# All properties for all media
+
+# CSS2 Properties
+
+# Margin spacing
+#
+# The margin-top, margin-bottom, margin-left and margin-right properties
+# must be supported by a Citizen Card Environment. Values specified as percentages
+# (cf. section 3.5.1.2) should be supported.
+#
+# The margin property may be supported by a Citizen Card Environment.
+#
+# An instance document must not contain a negative value in the properties mentioned
+# above. Otherwise it must be rejected by the Citizen Card Environment.
+
+margin-top: at.gv.egiz.bku.slxhtml.css.CssMarginTopSLXHTML
+margin-bottom: at.gv.egiz.bku.slxhtml.css.CssMarginBottomSLXHTML
+margin-left: at.gv.egiz.bku.slxhtml.css.CssMarginLeftSLXHTML
+margin-right: at.gv.egiz.bku.slxhtml.css.CssMarginRightSLXHTML
+margin: at.gv.egiz.bku.slxhtml.css.CssMarginSLXHTML
+
+# Padding spacing
+#
+# The padding-top, padding-bottom, padding-left and padding-right properties must be
+# supported by a Citizen Card Environment. Values specified as percentages (cf. section
+# 3.5.1.2) should be supported.
+#
+# The padding property may be supported by a Citizen Card Environment.
+#
+# An instance document must not contain a negative value in the properties
+# mentioned above. Otherwise it must be rejected by the Citizen Card Environment.
+
+padding-top: at.gv.egiz.bku.slxhtml.css.CssPaddingTopSLXHTML
+padding-bottom: at.gv.egiz.bku.slxhtml.css.CssPaddingBottomSLXHTML
+padding-left: at.gv.egiz.bku.slxhtml.css.CssPaddingLeftSLXHTML
+padding-right: at.gv.egiz.bku.slxhtml.css.CssPaddingRightSLXHTML
+padding: at.gv.egiz.bku.slxhtml.css.CssPaddingSLXHTML
+
+#
+# Borders
+#
+
+# Border width
+#
+# The border-top-width, border-bottom-width, border-left-width, border-right-width
+# and border-width properties should be supported by a Citizen Card Environment. If
+# the properties are supported, the predefined values thin, medium and thick should
+# also be supported (cf. [CSS 2], section 8.5.1).
+
+border-top-width: org.w3c.css.properties.css1.CssBorderTopWidthCSS2
+border-right-width: org.w3c.css.properties.css1.CssBorderRightWidthCSS2
+border-left-width: org.w3c.css.properties.css1.CssBorderLeftWidthCSS2
+border-bottom-width: org.w3c.css.properties.css1.CssBorderBottomWidthCSS2
+
+# Border colour
+#
+# The border-top-color, border-bottom-color, border-left-color, border-right-color
+# and border-color properties should be supported by a Citizen Card Environment. The
+# predefined value transparent for the border-color property may be supported (cf.
+# [CSS 2], section 8.5.2).
+
+border-top-color: at.gv.egiz.bku.slxhtml.css.CssBorderTopColorSLXHTML
+border-right-color: at.gv.egiz.bku.slxhtml.css.CssBorderRightColorSLXHTML
+border-left-color: at.gv.egiz.bku.slxhtml.css.CssBorderLeftColorSLXHTML
+border-bottom-color: at.gv.egiz.bku.slxhtml.css.CssBorderBottomColorSLXHTML
+
+# Border style
+#
+# The border-top-style, border-bottom-style, border-left-style, border-right-style and
+# border-style properties should be supported by a Citizen Card Environment. If the properties
+# are supported, the predefined values none, dashed, dotted, solid and double should also
+# be supported; all other values may be supported (cf. [CSS 2], section 8.5.3).
+
+border-top-style: org.w3c.css.properties.css1.CssBorderTopStyleCSS2
+border-right-style: org.w3c.css.properties.css1.CssBorderRightStyleCSS2
+border-left-style: org.w3c.css.properties.css1.CssBorderLeftStyleCSS2
+border-bottom-style: org.w3c.css.properties.css1.CssBorderBottomStyleCSS2
+
+# Shorthand
+#
+# The properties for the shorthand version of the border properties (border-top,
+# border-bottom, border-left, border-right and border (cf. [CSS 2], section 8.5.4)
+# should be supported by a Citizen Card Environment. The recommended values result
+# from the three previous sections.
+
+border-width: org.w3c.css.properties.css1.CssBorderWidthCSS2
+border-color: at.gv.egiz.bku.slxhtml.css.CssBorderColorSLXHTML
+border-style: org.w3c.css.properties.css1.CssBorderStyleCSS2
+border-top: org.w3c.css.properties.css1.CssBorderTopCSS2
+border-right: org.w3c.css.properties.css1.CssBorderRightCSS2
+border-left: org.w3c.css.properties.css1.CssBorderLeftCSS2
+border-bottom: org.w3c.css.properties.css1.CssBorderBottomCSS2
+border: at.gv.egiz.bku.slxhtml.css.CssBorderSLXHTML
+
+#
+# Positioning of boxes
+#
+
+# Box type
+#
+# The property for controlling the box type (display) may be supported by a Citizen
+# Card Environment (cf. [CSS 2], section 9.2).
+
+display: org.w3c.css.properties.css1.CssDisplayCSS2
+
+# Positioning scheme
+#
+# The property for defining the positioning scheme for a box (position, cf. [CSS 2],
+# section 9.3) must not be contained in an instance document to prevent content
+# from overlapping. Otherwise the instance document must be rejected by the Citizen
+# Card Environment.
+
+#! position: org.w3c.css.properties.css1.CssPosition
+
+# Box spacing
+#
+# The property for defining the positioning scheme for a box (top, bottom, left, right;
+# cf. [CSS 2], section 9.3) must not be contained in an instance document to prevent
+# content from overlapping. Otherwise the instance document must be rejected by the
+# Citizen Card Environment.
+
+#! top: org.w3c.css.properties.css1.CssTop
+#! right: org.w3c.css.properties.css1.CssRight
+#! left: org.w3c.css.properties.css1.CssLeft
+#! bottom: org.w3c.css.properties.css1.CssBottom
+
+# Flow around boxes
+#
+# The properties for defining the flow around boxes (float, clear) may be supported by
+# a Citizen Card Environment (cf. [CSS 2], section 9.5).
+
+float: org.w3c.css.properties.css1.CssFloat
+clear: org.w3c.css.properties.css1.CssClear
+
+# Positioning of boxes on the z-axis
+#
+# The property for defining the positioning of boxes on the z-axis (z-index, cf. [CSS 2],
+# section 9.9) must not be contained in an instance document to prevent content from
+# overlapping. Otherwise the instance document must be rejected by the Citizen Card Environment.
+
+#! z-index: org.w3c.css.properties.css1.CssZIndex
+
+# Text direction
+#
+# The properties for controlling the text direction (direction, unicode-bidi) may be
+# supported by a Citizen Card Environment (cf. [CSS 2], section 9.10).
+
+direction: org.w3c.css.properties.css1.CssDirection
+unicode-bidi: org.w3c.css.properties.css1.CssUnicodeBidi
+
+#
+# Displaying boxes
+#
+
+# Width and height
+#
+# The properties for specifying the width and height of a box (width, height, cf. [CSS 2],
+# sections 10.2 and 10.5) must not be supported by a Citizen Card Environment to prevent
+# content from overlapping. Otherwise the instance document must be rejected by the
+# Citizen Card Environment.
+#
+# The properties for specifying the minimum width and height of a box (min-width, min-height)
+# may be supported by a Citizen Card Environment (cf. [CSS 2], sections 10.4 and 10.7).
+#
+# The properties for specifying the maximum width and height of a box (max-width, max-height,
+# cf. [CSS 2], sections 10.4 and 10.7) must not be supported by a Citizen Card Environment
+# to prevent content from overlapping. Otherwise the instance document must be rejected by
+# the Citizen Card Environment.
+
+#! width: org.w3c.css.properties.css1.CssWidth
+min-width: org.w3c.css.properties.css1.CssMinWidth
+#! max-width: org.w3c.css.properties.css1.CssMaxWidth
+min-height: org.w3c.css.properties.css1.CssMinHeight
+#! max-height: org.w3c.css.properties.css1.CssMaxHeight
+#! height: org.w3c.css.properties.css1.CssHeight
+
+# Line height
+#
+# The properties for specifying the line height (line-height, vertical-align) should be
+# supported by a Citizen Card (cf. [CSS 2], section 10.8). The only exception is the
+# vertical-align property: In this case a Citizen Card Environment must be able to interpret
+# the values sub and super.
+
+line-height: org.w3c.css.properties.css1.CssLineHeightCSS2
+vertical-align: org.w3c.css.properties.css1.CssVerticalAlign
+
+#
+# Visible area in boxes
+#
+
+# The property for specifying the visibility of a box (visibility) may be supported by a
+# Citizen Card Environment (cf. [CSS 2], section 11).
+#
+# The properties for controlling the visible area of a box (overflow, clip; cf. [CSS 2],
+# section 11) must not be contained in an instance document to prevent hidden content. Otherwise
+# the instance document must be rejected by the Citizen Card Environment.
+
+#! overflow: org.w3c.css.properties.css1.CssOverflow
+#! clip: org.w3c.css.properties.css1.CssClip
+visibility: org.w3c.css.properties.css1.CssVisibility
+
+#
+# Generated content, numbering, lists
+#
+
+# Generated content
+#
+# The property for generating content (content) may be supported by a Citizen Card Environment
+# (cf. [CSS 2], section 12.2).
+
+content: org.w3c.css.properties.css1.CssContentCSS2
+
+# Displaying quotation marks
+#
+# The property for displaying quotation marks (quotes) may be supported by a Citizen Card
+# Environment (cf. [CSS 2], section 12.3).
+
+quotes: org.w3c.css.properties.css1.CssQuotes
+
+# Numbering
+#
+# The properties for automatic numbering (counter-reset, counter-increment) may be supported
+# by a Citizen Card Environment (cf. [CSS 2], section 12.5).
+
+counter-reset: org.w3c.css.properties.css1.CssCounterReset
+counter-increment: org.w3c.css.properties.css1.CssCounterIncrement
+
+#
+# Markers and lists
+#
+
+# Marker spacing
+#
+# The property for defining the space between a marker and the associated box
+# (marker-offset) may be supported by a Citizen Card Environment (cf. [CSS 2],
+# section 12.6.1).
+
+marker-offset: org.w3c.css.properties.css1.CssMarkerOffset
+
+# List symbols
+#
+# For the property for selecting the list symbol (list-style-type) a Citizen
+# Card Environment must support the values none, disc, circle, square, decimal,
+# decimal-leading-zero, lower-roman, upper-roman, lower-alpha, lower-latin,
+# upper-alpha and upper-latin. The other values may be supported (cf. [CSS 2],
+# section 12.6.2).
+
+list-style-type: org.w3c.css.properties.css1.CssListStyleTypeCSS2
+
+# Position of the list symbol
+#
+# The property for positioning the list symbol in relation to the associated box
+# (list-style-position) should be supported by a Citizen Card Environment (cf. [CSS 2],
+# section 12.6.2).
+
+list-style-position: org.w3c.css.properties.css1.CssListStylePositionCSS2
+
+# Image as a list symbol
+#
+# The property for selecting an image as a list symbol (list-style-image) may be supported
+# by a Citizen Card Environment (cf. [CSS 2], section 12.6.2). If the Citizen Card Environment
+# supports this property, then it must proceed in respect of the integration of the image
+# in the signature as described in section 2.1.7.
+
+# optional, not supported:
+#! list-style-image: org.w3c.css.properties.css1.CssListStyleImageCSS2
+
+# Shorthand
+#
+# The property for the shorthand version of the list properties (list-style) should be supported
+# by a Citizen Card Environment. The recommended values result from the explanations for the
+# list-style-type, list-style-position and list-style-image properties above (cf. [CSS 2],
+# section 12.6.2).
+
+list-style: org.w3c.css.properties.css1.CssListStyleCSS2
+
+# Page-based media
+#
+# The properties for page-based media may be supported by a Citizen Card Environment (size, marks,
+# page-break-before, page-break-inside, page-break-after, page, orphans and widows (cf. [CSS 2],
+# section 13).
+
+page-break-before: org.w3c.css.properties.paged.PageBreakBefore
+page-break-after: org.w3c.css.properties.paged.PageBreakAfter
+page-break-inside: org.w3c.css.properties.paged.PageBreakInside
+page: org.w3c.css.properties.paged.Page
+orphans: org.w3c.css.properties.paged.Orphans
+widows: org.w3c.css.properties.paged.Widows
+
+@page.size: org.w3c.css.properties.paged.Size
+@page.marks: org.w3c.css.properties.paged.Marks
+@page.page-break-before: org.w3c.css.properties.paged.PageBreakBefore
+@page.page-break-after: org.w3c.css.properties.paged.PageBreakAfter
+@page.page-break-inside: org.w3c.css.properties.paged.PageBreakInside
+@page.page: org.w3c.css.properties.paged.Page
+@page.orphans: org.w3c.css.properties.paged.Orphans
+@page.widows: org.w3c.css.properties.paged.Widows
+
+
+#
+# Colours and background
+#
+
+# A Citizen Card Environment must support all the options for specifying a colour listed in [CSS 2],
+# section 4.3.6 for a CSS property, if such an option is available for this property according to [CSS 2].
+#
+# The exceptions are the system colours (cf. [CSS 2], section 18.2); these must not be used in an
+# instance document so as to prevent dependencies on the system environment. Otherwise the instance
+# document must be rejected by the Citizen Card Environment.
+
+# Colour
+
+# The property for defining the foreground colour of the content of an element (color) must be
+# supported by a Citizen Card Environment (cf. [CSS 2], section 14.1).
+
+color: at.gv.egiz.bku.slxhtml.css.CssColorSLXHTML
+
+# Background
+#
+# The property for defining the background colour of the content of an element (background-color)
+# must be supported by a Citizen Card Environment (cf. [CSS 2], section 14.2.1).
+#
+# The properties for selecting and controlling an image as background (background-image, background-repeat,
+# background-position, background-attachment; cf. [CSS 2], section 14.2.1) must not be contained in an
+# instance document to prevent content from overlapping. Otherwise the instance document must be
+# rejected by the Citizen Card Environment.
+
+# The property for the shorthand version of the background properties (background) should be supported
+# by a Citizen Card Environment. The recommended values result from the explanations for the background-color
+# property above (cf. [CSS 2], section 14.2.1). If the property contains values for selecting and controlling
+# an image as background, the instance document must be rejected by the Citizen Card Environment.
+
+background-color: at.gv.egiz.bku.slxhtml.css.CssBackgroundColorSLXHTML
+#! background-image: org.w3c.css.properties.css1.CssBackgroundImageCSS2
+#! background-repeat: org.w3c.css.properties.css1.CssBackgroundRepeatCSS2
+#! background-attachment: org.w3c.css.properties.css1.CssBackgroundAttachmentCSS2
+#! background-position: org.w3c.css.properties.css1.CssBackgroundPositionCSS2
+background: at.gv.egiz.bku.slxhtml.css.CssBackgroundSLXHTML
+
+#
+# Fonts
+#
+#
+# For the property for selecting a font family (font-family), a Citizen Card Environment must
+# support the predefined values serif, sans-serif and monospaced for the general font families.
+# All other values may be supported by a Citizen Card Environment (cf. [CSS 2], section 15.2.2).
+#
+# If a preferred font family is specified in the instance document that cannot be displayed by the
+# Citizen Card Environment, then the Citizen Card Environment may still display the instance
+# document if another displayable font family has been specified as an alternative. For example,
+# if the specification in the instance document is font-family: "Times New Roman", serif, then the
+# Citizen Card Environment may display the instance document in the secure viewer even if it does
+# not know the Times New Roman font family (as it must always support serif).
+
+font-family: org.w3c.css.properties.css1.CssFontFamilyCSS2
+
+# Font style
+#
+# The properties for defining the font style (font-style) and font weight (font-weight)
+# must be supported by a Citizen Card Environment. The values normal and italic must be supported,
+# while the value oblique should be supported.
+#
+# The property for defining the font variant (font-variant) should be supported by a Citizen Card
+# Environment, while the property for defining the font stretch (font-stretch) may be supported
+# by a Citizen Card Environment (cf. [CSS 2], section 15.2.3).
+
+font-style: org.w3c.css.properties.css1.CssFontStyleCSS2
+font-weight: org.w3c.css.properties.css1.CssFontWeightCSS2
+font-variant: org.w3c.css.properties.css1.CssFontVariantCSS2
+font-stretch: org.w3c.css.properties.css1.CssFontStretchCSS2
+
+# Font size
+#
+# The property for specifying the font size (font-size) must be supported by a Citizen
+# Card Environment. The property for specifying the stretch ratio (font-size-adjust) may
+# be supported by a Citizen Card Environment (cf. [CSS 2], section 15.2.4).
+
+font-size: org.w3c.css.properties.css1.CssFontSizeCSS2
+font-size-adjust: org.w3c.css.properties.css1.CssFontSizeAdjustCSS2
+
+# Shorthand
+#
+# The property for the shorthand version of the font properties (font) should be supported by
+# a Citizen Card Environment (cf. [CSS 2], section 15.2.5). The recommended values result from
+# the explanations above for the font-style, font-variant, font-weight, font-size and font-family
+# properties and the explanations for the line-height property in section 3.5.4.2.
+#
+# The additional, predefined values relating to the system fonts used (caption, icon, etc.) must
+# not be contained in an instance document so as to prevent dependencies on the system environment.
+# Otherwise the instance document must be rejected by the Citizen Card Environment.
+
+font: at.gv.egiz.bku.slxhtml.css.CssFontSLXHTML
+
+#
+# Displaying text
+#
+
+# Non-displayable characters
+#
+# If the text of an instance document contains a character that cannot be displayed by the
+# Citizen Card Environment, then the instance document must be rejected by the Citizen Card
+# Environment. The character must not be represented by a placeholder.
+
+# FIXME: How to implement?!
+
+# Indent
+#
+# The property for indenting the first line of a text block (text-indent) should be supported
+# by a Citizen Card Environment (cf. [CSS 2], section 16.1).
+
+text-indent: org.w3c.css.properties.css1.CssTextIndent
+
+# Alignment
+#
+# For the property for aligning the content of a text block (text-align) a Citizen Card Environment
+# must support the values left, right and center. The value justified should be supported,
+# while the specification of a string value may be supported (cf. [CSS 2], section 16.2).
+
+text-align: org.w3c.css.properties.css1.CssTextAlign
+
+# Text decoration
+#
+# For the property for decorating a text (text-decoration; cf. [CSS 2], section 16.3.1) a
+# Citizen Card Environment must support the values none, underline and line-through.
+#
+# The value blink must not be contained in an instance document. Otherwise the instance
+# document must be rejected by the Citizen Card Environment.
+#
+# The other values may be supported by a Citizen Card Environment.
+
+text-decoration: at.gv.egiz.bku.slxhtml.css.CssTextDecorationSLXHTML
+
+# Shadows
+#
+# The property for specifying a text shadow (text-shadow) may be supported by a Citizen Card
+# Environment (cf. [CSS 2], section 16.3.2).
+
+text-shadow: org.w3c.css.properties.css1.CssTextShadow
+
+# Word and letter spacing
+#
+# The word-spacing and letter-spacing should be supported by a Citizen Card Environment
+# (cf. [CSS 2], section 16.4).
+#
+# An instance document must not contain negative values in order to prevent content from
+# overlapping. Otherwise the instance document must be rejected by the Citizen Card Environment.
+
+word-spacing: at.gv.egiz.bku.slxhtml.css.CssWordSpacingSLXHTML
+letter-spacing: at.gv.egiz.bku.slxhtml.css.CssLetterSpacingSLXHTML
+
+# Capitalisation
+#
+# The property for specifying the capitalisation of the text of an element (text-transform)
+# may be supported by a Citizen Card Environment (cf. [CSS 2], section 16.5).
+
+text-transform: org.w3c.css.properties.css1.CssTextTransform
+
+# White space
+#
+# The property for the handling of white space within the text of an element (white-space) should
+# be supported by a Citizen Card Environment (cf. [CSS 2], section 16.6).
+
+white-space: org.w3c.css.properties.css1.CssWhiteSpace
+
+#
+# Tables
+#
+
+# Position of caption
+#
+# A Citizen Card Environment should support the top and bottom properties for the property for
+# specifying the position when labelling a table (caption-side); the properties left and right
+# may be supported (cf. [CSS 2], section 17.4.1).
+
+caption-side: org.w3c.css.properties.css2.table.CaptionSide
+
+# Layout algorithm
+#
+# The property for defining the layout algorithm for a table (table-layout) may be supported by
+# a Citizen Card Environment (cf. [CSS 2], section 17.5.2).
+#
+# However, the fixed value must not be supported because the layout algorithm selected with it can
+# cause content to overlap.
+#
+# In general, the viewer component of the Citizen Card Environment must use a layout algorithm for a
+# table that does not generate an overflow, in other words with which the content of every table
+# element can be rendered so that it does not extend beyond the confines of the table element.
+# There is an example of such an algorithm in [CSS 2], section 17.5.2, subsection Automatic table layout.
+
+table-layout: at.gv.egiz.bku.slxhtml.css.TableLayoutSLXHTML
+row-span: org.w3c.css.properties.css2.table.RowSpan
+column-span: org.w3c.css.properties.css2.table.ColumnSpan
+
+# Borders
+#
+# The properties for displaying borders in tables (border-collapse, border-spacing, empty-cells) may
+# be supported by a Citizen Card Environment (cf. [CSS 2], section 17.6).
+
+border-collapse: org.w3c.css.properties.css2.table.BorderCollapse
+border-spacing: org.w3c.css.properties.css2.table.BorderSpacing
+empty-cells: org.w3c.css.properties.css2.table.EmptyCells
+
+# Voice output
+#
+# The property for controlling the voice output of the column headers in a table (speak-header) may
+# be supported by a Citizen Card Environment (cf. [CSS 2], section 17.7.1).
+
+speak-header: org.w3c.css.properties.css2.table.SpeakHeader
+
+#
+# User interface
+#
+
+# Cursor format
+#
+# The property for controlling the cursor format (cursor; cf. [CSS 2], section 18.1) must not be
+# contained in an instance document. Otherwise the instance document must be rejected by the Citizen
+# Card Environment.
+
+#! cursor: org.w3c.css.properties.css2.user.CursorCSS2
+
+# Contours
+#
+# The properties for defining element contours (outline-width, outline-style, outline-color and
+# outline; cf. [CSS 2], section 18.4) must not be contained in an instance document. Otherwise the
+# instance document must be rejected by the Citizen Card Environment.
+
+#! outline: org.w3c.css.properties.css2.user.Outline
+#! outline-width: org.w3c.css.properties.css2.user.OutlineWidth
+#! outline-style: org.w3c.css.properties.css2.user.OutlineStyle
+#! outline-color: org.w3c.css.properties.css2.user.OutlineColor
+
+#
+# Aural Properties
+#
+# The properties for the voice output of a document (cf. [CSS 2], section 19) may be supported
+# by a Citizen Card Environment.
+
+volume: org.w3c.css.properties.aural.ACssVolume
+pause-before: org.w3c.css.properties.aural.ACssPauseBefore
+pause-after: org.w3c.css.properties.aural.ACssPauseAfter
+pause: org.w3c.css.properties.aural.ACssPause
+cue-before: org.w3c.css.properties.aural.ACssCueBefore
+cue-after: org.w3c.css.properties.aural.ACssCueAfter
+cue: org.w3c.css.properties.aural.ACssCue
+play-during: org.w3c.css.properties.aural.ACssPlayDuring
+voice-family: org.w3c.css.properties.aural.ACssVoiceFamily
+elevation: org.w3c.css.properties.aural.ACssElevation
+speech-rate: org.w3c.css.properties.aural.ACssSpeechRate
+pitch: org.w3c.css.properties.aural.ACssPitch
+pitch-range: org.w3c.css.properties.aural.ACssPitchRange
+stress: org.w3c.css.properties.aural.ACssStress
+richness: org.w3c.css.properties.aural.ACssRichness
+speak-punctuation: org.w3c.css.properties.aural.ACssSpeakPunctuation
+speak-date: org.w3c.css.properties.aural.ACssSpeakDate
+speak-numeral: org.w3c.css.properties.aural.ACssSpeakNumeral
+speak-time: org.w3c.css.properties.aural.ACssSpeakTime
+speak: org.w3c.css.properties.aural.ACssSpeak
+azimuth: org.w3c.css.properties.aural.ACssAzimuth
+
+#
+# @page
+#
+# The @page rule for defining the page properties for page-based output media may be
+# supported by a Citizen Card Environment (cf. [CSS 2], section 13, and section 3.5.7
+# of this document).
+#
+
+@page.margin-top: org.w3c.css.properties.css1.CssMarginTop
+@page.margin-bottom: org.w3c.css.properties.css1.CssMarginBottom
+@page.margin-left: org.w3c.css.properties.css1.CssMarginLeft
+@page.margin-right: org.w3c.css.properties.css1.CssMarginRight
+@page.margin: org.w3c.css.properties.css1.CssMargin
+@page.padding-top: org.w3c.css.properties.css1.CssPaddingTop
+@page.padding-bottom: org.w3c.css.properties.css1.CssPaddingBottom
+@page.padding-left: org.w3c.css.properties.css1.CssPaddingLeft
+@page.padding-right: org.w3c.css.properties.css1.CssPaddingRight
+@page.padding: org.w3c.css.properties.css1.CssPadding
+@page.border-top-width: org.w3c.css.properties.css1.CssBorderTopWidthCSS2
+@page.border-right-width: org.w3c.css.properties.css1.CssBorderRightWidthCSS2
+@page.border-left-width: org.w3c.css.properties.css1.CssBorderLeftWidthCSS2
+@page.border-bottom-width: org.w3c.css.properties.css1.CssBorderBottomWidthCSS2
+@page.border-top-color: org.w3c.css.properties.css1.CssBorderTopColorCSS2
+@page.border-right-color: org.w3c.css.properties.css1.CssBorderRightColorCSS2
+@page.border-left-color: org.w3c.css.properties.css1.CssBorderLeftColorCSS2
+@page.border-bottom-color: org.w3c.css.properties.css1.CssBorderBottomColorCSS2
+@page.border-top-style: org.w3c.css.properties.css1.CssBorderTopStyleCSS2
+@page.border-right-style: org.w3c.css.properties.css1.CssBorderRightStyleCSS2
+@page.border-left-style: org.w3c.css.properties.css1.CssBorderLeftStyleCSS2
+@page.border-bottom-style: org.w3c.css.properties.css1.CssBorderBottomStyleCSS2
+@page.border-width: org.w3c.css.properties.css1.CssBorderWidthCSS2
+@page.border-color: org.w3c.css.properties.css1.CssBorderColorCSS2
+@page.border-style: org.w3c.css.properties.css1.CssBorderStyleCSS2
+@page.border-top: org.w3c.css.properties.css1.CssBorderTopCSS2
+@page.border-right: org.w3c.css.properties.css1.CssBorderRightCSS2
+@page.border-left: org.w3c.css.properties.css1.CssBorderLeftCSS2
+@page.border-bottom: org.w3c.css.properties.css1.CssBorderBottomCSS2
+@page.border: org.w3c.css.properties.css1.CssBorderCSS2
+@page.display: org.w3c.css.properties.css1.CssDisplayCSS2
+@page.position: org.w3c.css.properties.css1.CssPosition
+@page.z-index: org.w3c.css.properties.css1.CssZIndex
+@page.direction: org.w3c.css.properties.css1.CssDirection
+@page.unicode-bidi: org.w3c.css.properties.css1.CssUnicodeBidi
+@page.top: org.w3c.css.properties.css1.CssTop
+@page.right: org.w3c.css.properties.css1.CssRight
+@page.left: org.w3c.css.properties.css1.CssLeft
+@page.bottom: org.w3c.css.properties.css1.CssBottom
+@page.float: org.w3c.css.properties.css1.CssFloat
+@page.clear: org.w3c.css.properties.css1.CssClear
+
+#
+# @font-face
+#
+# The @font-face rule for describing or referencing additional font families (cf. [CSS 2],
+# section 15.3) must not be used in an instance document. The viewer component of the Citizen
+# Card Environment must reject an instance document containing a @font-face rule.
+
+#! @font-face.font-style: org.w3c.css.properties.css2.font.FontStyle
+#! @font-face.font-variant: org.w3c.css.properties.css2.font.FontVariant
+#! @font-face.font-weight: org.w3c.css.properties.css2.font.FontWeight
+#! @font-face.font-size: org.w3c.css.properties.css2.font.FontSize
+#! @font-face.font-family: org.w3c.css.properties.css2.font.FontFamily
+#! @font-face.font-stretch: org.w3c.css.properties.css2.font.FontStretch
+#! @font-face.unicode-range: org.w3c.css.properties.css2.font.UnicodeRange
+#! @font-face.units-per-em: org.w3c.css.properties.css2.font.UnitsPerEm
+#! @font-face.src: org.w3c.css.properties.css2.font.Src
+#! @font-face.panose-1: org.w3c.css.properties.css2.font.Panose1
+#! @font-face.stemv: org.w3c.css.properties.css2.font.Stemv
+#! @font-face.stemh: org.w3c.css.properties.css2.font.Stemh
+#! @font-face.slope: org.w3c.css.properties.css2.font.Slope
+#! @font-face.cap-height: org.w3c.css.properties.css2.font.CapHeight
+#! @font-face.x-hegiht: org.w3c.css.properties.css2.font.XHeight
+#! @font-face.widths: org.w3c.css.properties.css2.font.Widths
+#! @font-face.ascent: org.w3c.css.properties.css2.font.Ascent
+#! @font-face.descent: org.w3c.css.properties.css2.font.Descent
+#! @font-face.bbox: org.w3c.css.properties.css2.font.Bbox
+#! @font-face.baseline: org.w3c.css.properties.css2.font.Baseline
+#! @font-face.centerline: org.w3c.css.properties.css2.font.Centerline
+#! @font-face.definition-src: org.w3c.css.properties.css2.font.DefinitionSrc
+#! @font-face.mathline: org.w3c.css.properties.css2.font.Mathline
+#! @font-face.topline: org.w3c.css.properties.css2.font.Topline
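Review bot: The `@page.*` block near the end of this file keeps `@page.position`, `@page.z-index` and `@page.top`/`right`/`left`/`bottom` active, although the comments further up say these properties must not appear in an instance document and the element-level entries are disabled with `#!`. If absence from this file is what makes the validator reject a property (inferred; the validator is not in this hunk), these six entries should be disabled the same way, as in the excerpt below. The same block maps `@page.margin*`, `@page.padding*` and the `@page.border*-color` entries to the stock `org.w3c.css.properties.css1` classes instead of the `at.gv.egiz.bku.slxhtml.css.*SLXHTML` classes used for the element-level properties, so the negative-value and system-colour restrictions presumably do not apply inside `@page`. The `# FIXME: How to implement?!` under "Non-displayable characters" marks a must-reject rule that nothing in this file enforces; it is worth tracking as an open issue rather than only as a comment.

```properties
# … unchanged: @page.margin-top through @page.display …
#! @page.position: org.w3c.css.properties.css1.CssPosition
#! @page.z-index: org.w3c.css.properties.css1.CssZIndex
# … unchanged: @page.direction, @page.unicode-bidi …
#! @page.top: org.w3c.css.properties.css1.CssTop
#! @page.right: org.w3c.css.properties.css1.CssRight
#! @page.left: org.w3c.css.properties.css1.CssLeft
#! @page.bottom: org.w3c.css.properties.css1.CssBottom
# … unchanged: @page.float, @page.clear …
```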
diff --git a/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java b/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java
new file mode 100644
index 00000000..38c64262
--- /dev/null
+++ b/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java
@@ -0,0 +1,66 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml;
+
+import static org.junit.Assert.*;
+
+import java.io.InputStream;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.junit.Test;
+
+import at.gv.egiz.bku.viewer.ValidationException;
+import at.gv.egiz.bku.viewer.Validator;
+import at.gv.egiz.bku.viewer.ValidatorFactory;
+
+
+public class ValidatorTest {
+
+ private static Log log = LogFactory.getLog(ValidatorTest.class);
+
+ @Test
+ public void testGetInstance() {
+
+ Validator validator = ValidatorFactory.newValidator("application/xhtml+xml");
+
+ assertNotNull(validator);
+
+ }
+
+ @Test
+ public void testValidate() throws ValidationException {
+
+ String slxhtmlFile = "at/gv/egiz/bku/slxhtml/test.xhtml";
+
+ Validator validator = ValidatorFactory.newValidator("application/xhtml+xml");
+
+ ClassLoader cl = ValidatorTest.class.getClassLoader();
+ InputStream slxhtml = cl.getResourceAsStream(slxhtmlFile);
+ long t0 = System.currentTimeMillis();
+ try {
+ validator.validate(slxhtml, null);
+ } catch (ValidationException e) {
+ e.printStackTrace();
+ throw e;
+ }
+ long t1 = System.currentTimeMillis();
+ log.info("Validated SLXHTML file '" + slxhtmlFile + "' in " + (t1 - t0) + "ms.");
+
+ }
+
+}
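Review bot: In `testValidate`, `cl.getResourceAsStream(slxhtmlFile)` returns null when the fixture is missing, and that null is passed straight into `validator.validate(slxhtml, null)`; add `assertNotNull(slxhtml);` before the `try` so a missing resource fails as a missing resource. The `catch` block only prints and rethrows, so it can be dropped, or replaced with `log.error("Validation failed", e);` using the existing `log`. The class exercises only the accepting path; a second test annotated `@Test(expected=ValidationException.class)` that feeds a document the SLXHTML profile forbids would pin the rejection behaviour the secure viewer depends on.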
diff --git a/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/css/CssValidatorTest.java b/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/css/CssValidatorTest.java
new file mode 100644
index 00000000..2b4740f9
--- /dev/null
+++ b/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/css/CssValidatorTest.java
@@ -0,0 +1,75 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slxhtml.css;
+
+import static org.junit.Assert.*;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+import java.util.Locale;
+import java.util.Properties;
+import java.util.Set;
+
+import org.junit.Test;
+
+import at.gv.egiz.bku.viewer.ValidationException;
+
+public class CssValidatorTest {
+
+ @Test
+ public void testProperties() throws IOException {
+
+ ClassLoader cs = CssValidatorTest.class.getClassLoader();
+ InputStream is = cs.getResourceAsStream("org/w3c/css/properties/SLXHTMLProperties.properties");
+
+ assertNotNull(is);
+
+ Properties cssProperties = new Properties();
+ cssProperties.load(is);
+
+ Set names = cssProperties.stringPropertyNames();
+ for (String name : names) {
+ String className = cssProperties.getProperty(name);
+ try {
+ Class.forName(className);
+ } catch (ClassNotFoundException e) {
+ fail("Implementation class '" + className + "' for property '" + name + "' not found.");
+ }
+
+ }
+
+ }
+
+ @Test(expected=ValidationException.class)
+ public void testValidator() throws UnsupportedEncodingException, ValidationException {
+
+ String css = "@charset \"ABCDEFG\";\n" +
+ " @import url(http://test.abc/test); * { color: black }";
+ ByteArrayInputStream input = new ByteArrayInputStream(css.getBytes("UTF-8"));
+
+ CSSValidatorSLXHTML validator = new CSSValidatorSLXHTML();
+
+ Locale locale = new Locale("de");
+
+ validator.validate(input, locale, "Test", 10);
+
+ }
+
+
+}
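Review bot: `testValidator` feeds one stylesheet that contains both an unknown `@charset "ABCDEFG"` and an `@import url(...)`, so the expected `ValidationException` does not show which of the two constructs was rejected. For a viewer that displays data before it is signed, the rejection of `@import` (a reference to an external resource) looks like the property worth pinning, so I would split this into two tests, one with only the bad `@charset` and one with only the `@import`. In `testProperties` the stream `is` is never closed; wrap the load as `try { cssProperties.load(is); } finally { is.close(); }`.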
diff --git a/BKUViewer/src/test/resources/at/gv/egiz/bku/slxhtml/test.xhtml b/BKUViewer/src/test/resources/at/gv/egiz/bku/slxhtml/test.xhtml
new file mode 100644
index 00000000..cbd29551
--- /dev/null
+++ b/BKUViewer/src/test/resources/at/gv/egiz/bku/slxhtml/test.xhtml
@@ -0,0 +1,10 @@
+
+
+
+ Ein einfaches SLXHTML-Dokument
+ @font-face { color: red }; p { color: red; }
+
+
+ Ich bin ein einfacher Text in rot.
+
+
diff --git a/BKUViewer/src/test/resources/commons-logging.properties b/BKUViewer/src/test/resources/commons-logging.properties
new file mode 100644
index 00000000..29292562
--- /dev/null
+++ b/BKUViewer/src/test/resources/commons-logging.properties
@@ -0,0 +1 @@
+org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4JLogger
diff --git a/BKUViewer/src/test/resources/log4j.properties b/BKUViewer/src/test/resources/log4j.properties
new file mode 100644
index 00000000..053eac17
--- /dev/null
+++ b/BKUViewer/src/test/resources/log4j.properties
@@ -0,0 +1,19 @@
+# loglever DEBUG, appender STDOUT
+log4j.rootLogger=TRACE, STDOUT
+#log4j.logger.at.gv.egiz.slbinding.RedirectEventFilter=DEBUG, STDOUT
+
+# STDOUT appender
+log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
+log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout
+#log4j.appender.STDOUT.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n
+#log4j.appender.STDOUT.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
+log4j.appender.STDOUT.layout.ConversionPattern=%-5p |%d | %t | %c %x- %m%n
+
+### FILE appender
+#log4j.appender.file=org.apache.log4j.RollingFileAppender
+#log4j.appender.file.maxFileSize=100KB
+#log4j.appender.file.maxBackupIndex=9
+#log4j.appender.file.File=egovbus_ca.log
+#log4j.appender.file.threshold=info
+#log4j.appender.file.layout=org.apache.log4j.PatternLayout
+#log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
\ No newline at end of file
diff --git a/bkucommon/pom.xml b/bkucommon/pom.xml
index 2ccf0766..2db0cc84 100644
--- a/bkucommon/pom.xml
+++ b/bkucommon/pom.xml
@@ -1,7 +1,5 @@
-
+bkuat.gv.egiz
@@ -42,10 +40,13 @@
commons-httpclientcompile
+
+ xerces
+ xercesImpl
+ xalanxalan
- 2.7.0iaik
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java
index 253f8ff5..1a22f787 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/InputStreamPartSource.java
@@ -14,11 +14,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
- */
-
package at.gv.egiz.bku.binding.multipart;
import java.io.IOException;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java
index 566b77b3..5585f02e 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/multipart/SLResultPart.java
@@ -14,11 +14,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
- */
-
package at.gv.egiz.bku.binding.multipart;
import at.gv.egiz.bku.slcommands.SLResult;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
index 136fa6f3..628326cf 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
@@ -44,7 +44,9 @@ import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;
import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;
import at.gv.egiz.bku.slcommands.impl.xsect.Signature;
import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLException;
import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLViewerException;
import at.gv.egiz.dom.DOMUtils;
import at.gv.egiz.stal.InfoboxReadRequest;
import at.gv.egiz.stal.InfoboxReadResponse;
@@ -166,9 +168,10 @@ public class CreateXMLSignatureCommandImpl extends SLCommandImpltrue if validation should be enabled, or
+ * false otherwise.
+ */
+ public static void enableHashDataInputValidation(boolean validate) {
+ DataObject.validate = validate;
+ }
+
+ /**
+ * @return true if hash data input validation is enabled,
+ * or false otherwise.
+ */
+ public static boolean isHashDataInputValidationEnabled() {
+ return validate;
+ }
+
+ /**
+ * Valid MIME types.
+ */
+ private static String[] validMimeTypes = DEFAULT_PREFFERED_MIME_TYPES;
+
+ /**
+ * Sets the list of valid hash data input media types.
+ *
The array is also used for transformation path selection.
+ * The transformation path with a final type, that appears in the
+ * given array in the earliest position is used selected.
+ *
+ * @param mediaTypes an array of MIME media types.
+ */
+ public static void setValidHashDataInputMediaTypes(String[] mediaTypes) {
+ validMimeTypes = mediaTypes;
+ }
+
/**
* The DOM implementation used.
*/
@@ -184,7 +230,70 @@ public class DataObject {
public String getDescription() {
return description;
}
-
+
+ public void validateHashDataInput() throws SLViewerException {
+
+ if (validate) {
+
+ if (reference == null) {
+ log.error("Medthod validateHashDataInput() called before reference has been created.");
+ throw new SLViewerException(5000);
+ }
+
+ InputStream digestInputStream = reference.getDigestInputStream();
+ if (digestInputStream == null) {
+ log.error("Method validateHashDataInput() called before reference has been generated " +
+ "or reference caching is not enabled.");
+ throw new SLViewerException(5000);
+ }
+
+ if (mimeType == null) {
+ log.info("FinalDataMetaInfo does not specify MIME type of to be signed data.");
+ // TODO: add detailed message
+ throw new SLViewerException(5000);
+ }
+
+ // get MIME media type
+ String mediaType = mimeType.split(";")[0].trim();
+ // and optional charset
+ String charset = HttpUtil.getCharset(mimeType, false);
+
+ if (Arrays.asList(validMimeTypes).contains(mediaType)) {
+
+ Validator validator;
+ try {
+ validator = ValidatorFactory.newValidator(mediaType);
+ } catch (IllegalArgumentException e) {
+ log.error("No validator found for mime type '" + mediaType + "'.");
+ throw new SLViewerException(5000);
+ }
+
+ try {
+ validator.validate(digestInputStream, charset);
+ } catch (ValidationException e) {
+ if ("text/plain".equals(mediaType)) {
+ log.info("Data to be displayed contains unsupported characters.", e);
+ // TODO: add detailed message
+ throw new SLViewerException(5003);
+ } else if ("application/xhtml+xml".equals(mediaType)) {
+ // TODO: add detailed message
+ log.info("Standard display format: HTML does not conform to specification.", e);
+ throw new SLViewerException(5004);
+ } else {
+ // TODO: add detailed message
+ log.info("Data to be displayed is invalid.", e);
+ throw new SLViewerException(5000);
+ }
+ }
+
+ } else {
+ log.info("MIME media type '" + mediaType + "' is not a valid digest input.");
+ throw new SLViewerException(5001);
+ }
+ }
+
+ }
+
/**
* Configures this DataObject with the information provided within the given
* sl:DataObjectInfo.
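Review bot: In `validateHashDataInput()` the media type taken from `mimeType.split(";")[0].trim()` is matched against `validMimeTypes` with an exact, case-sensitive `contains`, although MIME type names are case-insensitive; a value such as `Text/Plain` would be refused with 5001 (the check fails closed, so this is a correctness issue rather than a bypass). Assuming the configured list is lower-case, normalise first: `String mediaType = mimeType.split(";")[0].trim().toLowerCase(Locale.ENGLISH);`, which needs `java.util.Locale` in scope. The method also returns silently while the static `validate` flag is false and has no Javadoc; I would add one stating that it is a no-op when validation is disabled and listing the error codes it raises (5000, 5001, 5003, 5004). The `catch (IllegalArgumentException e)` branch logs without passing `e`, and the first log message is misspelled (`Medthod`).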
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
index eba1d96d..2d89c8ae 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
@@ -17,6 +17,8 @@
package at.gv.egiz.bku.slcommands.impl.xsect;
import at.gv.egiz.bku.slcommands.impl.HashDataInputImpl;
+import at.gv.egiz.bku.slexceptions.SLViewerException;
+
import java.io.ByteArrayOutputStream;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
@@ -123,9 +125,14 @@ public class STALSignature extends SignatureSpi {
// log.debug("got " + dataObjects.size() + " DataObjects, passing HashDataInputs to STAL SignRequest");
List hashDataInputs = new ArrayList();
- for (DataObject dataObject : dataObjects) {
- hashDataInputs.add(new HashDataInputImpl(dataObject));
+ for (DataObject dataObject : dataObjects) {
+ try {
+ dataObject.validateHashDataInput();
+ } catch (SLViewerException e) {
+ throw new STALSignatureException(e);
}
+ hashDataInputs.add(new HashDataInputImpl(dataObject));
+ }
SignRequest signRequest = new SignRequest();
signRequest.setKeyIdentifier(keyboxIdentifier);
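Review bot: `dataObject.validateHashDataInput()` hands the reference's digest input stream to the validator, and the next statement wraps the same `dataObject` in `HashDataInputImpl`; if `HashDataInputImpl` later reads from the same stream instance, it may find it already consumed by validation. Neither `HashDataInputImpl` nor the reference implementation is visible in this hunk, so this needs confirming: either `getDigestInputStream()` returns a fresh or reset stream on each call, or the validated bytes should be buffered and reused for display. A comment above the call would record the assumption, e.g. `// validation must not consume the stream that is later shown to the user`. The enclosing method starts and ends outside the hunk.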
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
index 191f8371..2330ed3f 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
@@ -81,6 +81,7 @@ import at.buergerkarte.namespaces.securitylayer._1.SignatureInfoCreationType;
import at.gv.egiz.bku.binding.HttpUtil;
import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLViewerException;
import at.gv.egiz.bku.utils.HexDump;
import at.gv.egiz.bku.utils.urldereferencer.StreamData;
import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
@@ -387,10 +388,11 @@ public class Signature {
* if signing the XMLSignature fails
* @throws SLCommandException
* if building the XMLSignature fails
+ * @throws SLViewerException
* @throws NullPointerException
* if signContext is null
*/
- public void sign(DOMSignContext signContext) throws MarshalException, XMLSignatureException, SLCommandException {
+ public void sign(DOMSignContext signContext) throws MarshalException, XMLSignatureException, SLCommandException, SLViewerException {
if (xmlSignature == null) {
buildXMLSignature();
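Review bot: The added `@throws SLViewerException` tag carries no description, here and in the same Javadoc change for `sign(STAL stal, String keyboxIdentifier)` further down. Callers now have a new checked exception to handle and the Javadoc should say when it occurs, e.g. `@throws SLViewerException if validation of the hash data input fails`. Both method bodies continue outside their hunks.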
@@ -415,6 +417,9 @@ public class Signature {
Throwable cause = e.getCause();
while (cause != null) {
if (cause instanceof STALSignatureException) {
+ if (((STALSignatureException) cause).getCause() instanceof SLViewerException) {
+ throw (SLViewerException) ((STALSignatureException) cause).getCause();
+ }
int errorCode = ((STALSignatureException) cause).getErrorCode();
SLCommandException commandException = new SLCommandException(errorCode);
log.info("Failed to sign signature.", commandException);
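Review bot: The unwrapped `SLViewerException` is rethrown without the `log.info` that the `SLCommandException` path just below writes, so a signature refused by hash data validation is not recorded at this level. I would also cast once instead of three times: `STALSignatureException stalException = (STALSignatureException) cause;` and then test `stalException.getCause() instanceof SLViewerException`. The surrounding loop and method begin outside the hunk.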
@@ -482,11 +487,12 @@ public class Signature {
* if signing this Signature fails
* @throws SLCommandException
* if building this Signature fails
+ * @throws SLViewerException
* @throws NullPointerException
* if stal or keyboxIdentifier is
* null
*/
- public void sign(STAL stal, String keyboxIdentifier) throws MarshalException, XMLSignatureException, SLCommandException {
+ public void sign(STAL stal, String keyboxIdentifier) throws MarshalException, XMLSignatureException, SLCommandException, SLViewerException {
if (stal == null) {
throw new NullPointerException("Argument 'stal' must not be null.");
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java
index 1d128a00..853328d5 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slexceptions/SLViewerException.java
@@ -17,9 +17,12 @@
package at.gv.egiz.bku.slexceptions;
public class SLViewerException extends SLException {
-
+
+ public SLViewerException(int errorCode) {
+ super(errorCode);
+ }
+
public SLViewerException(int errorCode, String msg, Object[] args) {
super(errorCode, msg, args);
- // TODO Auto-generated constructor stub
}
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidationException.java b/bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidationException.java
new file mode 100644
index 00000000..fb332a09
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidationException.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.viewer;
+
+public class ValidationException extends Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ public ValidationException() {
+ }
+
+ public ValidationException(String message) {
+ super(message);
+ }
+
+ public ValidationException(Throwable cause) {
+ super(cause);
+ }
+
+ public ValidationException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/viewer/Validator.java b/bkucommon/src/main/java/at/gv/egiz/bku/viewer/Validator.java
new file mode 100644
index 00000000..08b21080
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/viewer/Validator.java
@@ -0,0 +1,25 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.viewer;
+
+import java.io.InputStream;
+
+public interface Validator {
+
+ public void validate(InputStream is, String charset) throws ValidationException;
+
+}
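Review bot: `Validator.validate` is the contract every media-type validator has to meet, and it is added without any Javadoc. The interface should state that implementations throw `ValidationException` for any input that does not conform (rather than returning normally on content they cannot parse), whether `charset` may be `null` (`ValidatorTest` in this commit passes `null`), and whether the implementation or the caller closes `is`. The `public` modifier on the interface method is redundant.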
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidatorFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidatorFactory.java
new file mode 100644
index 00000000..e16a261e
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/viewer/ValidatorFactory.java
@@ -0,0 +1,165 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.viewer;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Properties;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class ValidatorFactory {
+
+ /**
+ * Logging facility.
+ */
+ protected static Log log = LogFactory.getLog(ValidatorFactory.class);
+
+ private static final Class VALIDATOR_CLASS = Validator.class;
+
+ private static final String SERVICE_ID = "META-INF/services/" + VALIDATOR_CLASS.getName();
+
+ /**
+ * Creates a new Validator for the given mimeType.
+ *
+ * @param mimeType
+ *
+ * @return
+ *
+ * @throws IllegalArgumentException
+ * if no Validator for the mimeType could be found
+ */
+ public static Validator newValidator(String mimeType) throws IllegalArgumentException {
+
+ ClassLoader classLoader = ValidatorFactory.class.getClassLoader();
+ ValidatorFactory factory = new ValidatorFactory(classLoader);
+
+ Validator validator = factory.createValidator(mimeType);
+
+ if (validator == null) {
+ throw new IllegalArgumentException("Validator for '" + mimeType
+ + "' could not be found.");
+ }
+
+ return validator;
+
+ }
+
+ private ClassLoader classLoader;
+
+ /**
+ * Private constructor.
+ *
+ * @param classLoader must not be null
+ */
+ private ValidatorFactory(ClassLoader classLoader) {
+
+ if (classLoader == null) {
+ throw new NullPointerException("Argument 'classLoader' must no be null.");
+ }
+
+ this.classLoader = classLoader;
+
+ }
+
+ private Validator createValidator(String mimeType) {
+
+ Iterator serviceIterator = createServiceIterator();
+ while (serviceIterator.hasNext()) {
+ URL url = serviceIterator.next();
+
+ Properties properties = new Properties();
+ try {
+ properties.load(url.openStream());
+ } catch (IOException e) {
+ log.error("Failed to load service properties " + url.toExternalForm());
+ continue;
+ }
+ String className = properties.getProperty(mimeType);
+ if (className != null) {
+ try {
+ return createValidatorInstance(className);
+ } catch (Exception e) {
+ continue;
+ }
+ }
+
+ }
+
+ return null;
+
+ }
+
+ private Validator createValidatorInstance(String className)
+ throws ClassNotFoundException, InstantiationException,
+ IllegalAccessException {
+
+ try {
+ Class> implClass = classLoader.loadClass(className);
+ return (Validator) implClass.newInstance();
+ } catch (ClassNotFoundException e) {
+ log.error("Validator class '" + className + "' not found.", e);
+ throw e;
+ } catch (InstantiationException e) {
+ log.error("Faild to initialize validator class '" + className + "'.", e);
+ throw e;
+ } catch (IllegalAccessException e) {
+ log.error("Faild to initialize validator class '" + className + "'.", e);
+ throw e;
+ } catch (ClassCastException e) {
+ log.error("Class '" + className + "' is not a validator implementation.", e);
+ throw e;
+ }
+
+ }
+
+ private Iterator createServiceIterator() {
+
+ try {
+ final Enumeration resources = classLoader.getResources(SERVICE_ID);
+ return new Iterator () {
+
+ @Override
+ public boolean hasNext() {
+ return resources.hasMoreElements();
+ }
+
+ @Override
+ public URL next() {
+ return resources.nextElement();
+ }
+
+ @Override
+ public void remove() {
+ throw new UnsupportedOperationException();
+ }
+
+ };
+ } catch (IOException e) {
+ log.error("Failed to enumerate resources " + SERVICE_ID);
+ List list = Collections.emptyList();
+ return list.iterator();
+ }
+
+ }
+
+}
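Review bot: In `createValidator` the stream returned by `url.openStream()` is passed straight to `properties.load(...)` and never closed, so every lookup leaks one stream per service resource, and `newValidator` rescans the class path on each call. Close the stream in a `finally` block as below (this needs `java.io.InputStream` imported) and pass `e` to `log.error` so the cause is kept. Two further points deserve a comment in the code: the first resource on the class path that maps the media type wins, so which validator gates signing depends on class-path order, and a failed instantiation is skipped by the `catch (Exception e)` with no fallback. The messages `must no be null` and `Faild` are misspelled.

```java
Properties properties = new Properties();
InputStream in = null;
try {
  in = url.openStream();
  properties.load(in);
} catch (IOException e) {
  log.error("Failed to load service properties " + url.toExternalForm(), e);
  continue;
} finally {
  if (in != null) {
    try {
      in.close();
    } catch (IOException ignored) {
      // closing a read-only stream failed; nothing to recover
    }
  }
}
// … unchanged: className lookup and createValidatorInstance call …
```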
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java
index a650d67f..9e34d9ae 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java
@@ -68,6 +68,7 @@ import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
import at.buergerkarte.namespaces.securitylayer._1.SignatureInfoCreationType;
import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLViewerException;
import at.gv.egiz.bku.utils.urldereferencer.StreamData;
import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
import at.gv.egiz.bku.utils.urldereferencer.URLDereferencerContext;
@@ -361,7 +362,7 @@ public class SignatureTest {
}
- private void signAndMarshalSignature(Signature signature) throws MarshalException, XMLSignatureException, SLCommandException {
+ private void signAndMarshalSignature(Signature signature) throws MarshalException, XMLSignatureException, SLCommandException, SLViewerException {
Node parent = signature.getParent();
Node nextSibling = signature.getNextSibling();
@@ -387,7 +388,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_Base64Content_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_Base64Content_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_Base64Content_1.xml");
@@ -427,7 +428,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_XMLContent_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_XMLContent_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_XMLContent_1.xml");
@@ -467,7 +468,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_XMLContent_2() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_XMLContent_2() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_XMLContent_2.xml");
@@ -508,7 +509,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_LocRefContent_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_LocRefContent_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_LocRefContent_1.xml");
@@ -546,7 +547,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_LocRefContent_2() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_LocRefContent_2() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_LocRefContent_2.xml");
@@ -584,7 +585,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_Reference_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_Reference_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_Reference_1.xml");
@@ -622,7 +623,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_Detached_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_Detached_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_Detached_1.xml");
@@ -653,7 +654,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testDataObject_Detached_Base64Content() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testDataObject_Detached_Base64Content() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
List dataObjectInfos = unmarshalDataObjectInfo("DataObjectInfo_Detached_Base64Content.xml");
@@ -704,7 +705,7 @@ public class SignatureTest {
@SuppressWarnings("unchecked")
@Test
- public void testTransformsInfo_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException {
+ public void testTransformsInfo_1() throws JAXBException, SLCommandException, XMLStreamException, SLRequestException, MarshalException, XMLSignatureException, SLViewerException {
CreateXMLSignatureRequestType requestType = unmarshalCreateXMLSignatureRequest("TransformsInfo_1.xml");
diff --git a/pom.xml b/pom.xml
index 352257f0..3438e596 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,17 +7,18 @@
1.0-SNAPSHOTBKUhttp://bku.egiz.gv.at
-
- utils
- bkucommon
- STAL
- BKUOnline
- smcc
- BKULocal
- BKUApplet
- smccSTAL
- STALService
- BKUCommonGUI
+
+ utils
+ bkucommon
+ STAL
+ BKUOnline
+ smcc
+ BKULocal
+ BKUApplet
+ smccSTAL
+ STALService
+ BKUCommonGUI
+ BKUViewer
@@ -161,6 +162,16 @@
4.4test
+
+ xerces
+ xercesImpl
+ 2.9.1
+
+
+ xalan
+ xalan
+ 2.7.0
+ iaikiaik_jce_full_signed
--
cgit v1.2.3
From 76bb812a3254be530e403f8db8c01323a31b30c1 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Thu, 11 Sep 2008 13:03:44 +0000
Subject: git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@33
8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
BKUOnline/pom.xml | 317 ++++++++-------
.../at/gv/egiz/bku/online/conf/Configurator.java | 21 +-
.../egiz/bku/online/conf/SpringConfigurator.java | 17 +
.../gv/egiz/bku/online/webapp/ResultServlet.java | 246 ++++++------
.../egiz/bku/online/webapp/SpringBKUServlet.java | 6 +-
.../gv/egiz/bku/online/conf/defaultConf.properties | 2 +
BKUOnline/src/main/resources/log4j.properties | 21 +-
.../src/main/webapp/WEB-INF/applicationContext.xml | 4 +-
BKUOnline/src/main/webapp/appletPage.jsp | 8 +-
.../main/java/at/gv/egiz/bku/binding/DataUrl.java | 22 +-
.../at/gv/egiz/bku/binding/DataUrlConnection.java | 6 +-
.../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 444 +++++++++++----------
.../gv/egiz/bku/binding/DataUrlConnectionSPI.java | 9 +-
.../egiz/bku/slcommands/impl/ErrorResultImpl.java | 14 +-
.../slexceptions/SLExceptionMessages.properties | 165 ++++----
.../slexceptions/SLExceptionMessages_en.properties | 97 +++++
.../gv/egiz/bku/binding/TestDataUrlConnection.java | 9 +-
17 files changed, 812 insertions(+), 596 deletions(-)
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties
(limited to 'bkucommon/src/main')
diff --git a/BKUOnline/pom.xml b/BKUOnline/pom.xml
index a0e45cf6..d31367a8 100644
--- a/BKUOnline/pom.xml
+++ b/BKUOnline/pom.xml
@@ -1,141 +1,180 @@
-
-
- bku
- at.gv.egiz
- 1.0-SNAPSHOT
-
- 4.0.0
- at.gv.egiz
- BKUOnline
- war
- BKU Online
- 1.0-SNAPSHOT
-
-
- at.gv.egiz
- bkucommon
- 1.0-SNAPSHOT
-
-
- commons-logging
- commons-logging
-
-
- org.springframework
- spring-core
- 2.5.5
-
-
- javax.servlet
- servlet-api
- 2.5
- provided
-
-
- org.springframework
- spring-web
- 2.5.5
-
-
- at.gv.egiz
- STALService
- 1.0-SNAPSHOT
- compile
-
-
-
-
- com.sun.xml.ws
-
- jaxws-rt
- 2.1.4
-
-
-
-
-
- Tomcat60
-
-
-
-
- maven-dependency-plugin
-
-
- copyapplet
-
- copy
-
-
-
-
- at.gv.egiz
- BKUApplet
- 1.0-SNAPSHOT
-
-
- commons-logging
- commons-logging
-
-
- iaik
- iaik_jce_me4se
-
-
- ${project.build.directory}/${project.build.finalName}/applet
-
-
-
-
-
-
-
+
+
+ bku
+ at.gv.egiz
+ 1.0-SNAPSHOT
+
+ 4.0.0
+ at.gv.egiz
+ BKUOnline
+ war
+ BKU Online
+ 1.0-SNAPSHOT
+
+
+
+ tlc
+ TLC Repository
+ http://commons.ucalgary.ca/pub/m2
+
+
+
+
+
+ at.gv.egiz
+ bkucommon
+ 1.0-SNAPSHOT
+
+
+ at.gv.egiz
+ BKUViewer
+ 1.0-SNAPSHOT
+
+
+ commons-logging
+ commons-logging
+
+
+ org.springframework
+ spring-core
+ 2.5.5
+
+
+ javax.servlet
+ servlet-api
+ 2.5
+ provided
+
+
+ org.springframework
+ spring-web
+ 2.5.5
+
+
+ at.gv.egiz
+ STALService
+ 1.0-SNAPSHOT
+ compile
+
+
+
+
+ com.sun.xml.ws
+
+ jaxws-rt
+ 2.1.4
+
+
+
+
+
+ Tomcat60
+
+
+ scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKUOnline
+ scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKUOnline
+ scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKUOnline
+
+
+
+
+ maven-dependency-plugin
+
+
+ copyapplet
+
+ copy
+
+
+
+
+ at.gv.egiz
+ BKUApplet
+ 1.0-SNAPSHOT
+
+
+ commons-logging
+ commons-logging
+
+
+ iaik
+ iaik_jce_me4se
+
+
+ ${project.build.directory}/${project.build.finalName}/applet
+
+
+
+
+
+
+ maven-war-plugin
+ 2.0.2
+
+
+
+ true
+
+
+
+
+
+ ${project.version}-r${buildNumber}
+
+
+
+
+
+
+ org.codehaus.mojo
+ maven-buildnumber-plugin
+ 0.9.6
+
+
+ validate
+
+ create
+
+
+
+
+ false
+ false
+
+
+
+
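Review bot: The repository added near the top of the new POM (`tlc`, "TLC Repository") is addressed as `http://commons.ucalgary.ca/pub/m2`, an external host over plain HTTP, so whatever the build resolves from it is fetched without transport integrity. The element names are not readable in this rendering, but it is presumably what serves `maven-buildnumber-plugin` 0.9.6; prefer an HTTPS URL or an internal mirror, and restrict the repository to the artifacts that need it. The hunk also rewrites every line of the file, which looks like a whitespace or line-ending change and hides the real additions; committing that separately would make the dependency changes reviewable.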
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
index de577139..c09abcc1 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
@@ -17,8 +17,10 @@
package at.gv.egiz.bku.online.conf;
import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
import iaik.xml.crypto.XSecProvider;
+import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.Provider;
import java.security.Security;
@@ -29,22 +31,30 @@ import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.bku.binding.DataUrl;
+import at.gv.egiz.bku.binding.DataUrlConnection;
+import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
-import iaik.security.provider.IAIK;
/**
*
* TODO currently only the code to get started.
*/
-public class Configurator {
+public abstract class Configurator {
private Log log = LogFactory.getLog(Configurator.class);
+
+ private static Configurator instance = new SpringConfigurator();
protected Properties properties;
- public Configurator() {
+ protected Configurator() {
}
+ public static Configurator getInstance() {
+ return instance;
+ }
+
protected void configUrlConnections() {
HttpsURLConnection.setFollowRedirects(false);
HttpURLConnection.setFollowRedirects(false);
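Review bot: The singleton added here is built with `new SpringConfigurator()` in a static initializer of the base class, so it is a different object from any configurator bean the Spring context creates, unless the bean definition uses `getInstance` as its factory method (the applicationContext.xml change is not readable here). If that is the case, callers of `Configurator.getInstance()` such as ResultServlet read an instance on which `setConfiguration()` and `configure()` were never called. I would drop the eager `new SpringConfigurator()` and have the configured instance published instead, e.g. `private static volatile Configurator instance;` assigned once configuration has completed. The imports of `DataUrl` and `DataUrlConnection` added in this hunk are not used by any line shown for this file.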
@@ -65,9 +75,14 @@ public class Configurator {
log.debug(sb.toString());
}
+ protected void configViewer() {
+ DataObject.enableHashDataInputValidation(Boolean.parseBoolean(properties.getProperty("ValidateHashDataInputs")));
+ }
+
public void configure() {
configureProviders();
configUrlConnections();
+ configViewer();
}
public void setConfiguration(Properties props) {
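Review bot: In `configViewer()` a missing or misspelled `ValidateHashDataInputs` key silently switches hash data input validation off, because `Boolean.parseBoolean(null)` returns false. A validation switch should default to enabled when the key is absent: `DataObject.enableHashDataInputValidation(Boolean.parseBoolean(properties.getProperty("ValidateHashDataInputs", "true")));`. The line also dereferences `properties` without a null check, so calling `configure()` before `setConfiguration()` would throw. The body of `setConfiguration` lies outside this hunk.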
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index 545a69c9..9fe91708 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -49,6 +49,8 @@ import org.springframework.context.ResourceLoaderAware;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
+import at.gv.egiz.bku.binding.DataUrl;
+import at.gv.egiz.bku.binding.DataUrlConnection;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
public class SpringConfigurator extends Configurator implements
@@ -71,9 +73,24 @@ public class SpringConfigurator extends Configurator implements
}
}
+ public void configureVersion() {
+ Properties p = new Properties();
+ try {
+ p.load(resourceLoader.getResource("META-INF/MANIFEST.MF").getInputStream());
+ String version = p.getProperty("Implementation-Build");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY, "citizen-card-environment/1.2 MOCCA "+version);
+ DataUrl.setConfiguration(properties);
+ log.debug("Setting user agent to: "+properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+
+
public void configure() {
super.configure();
configureSSL();
+ configureVersion();
}
private Set getCACerts() throws IOException,
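Review bot: `configureVersion()` never closes the stream it opens on `META-INF/MANIFEST.MF`, and when the manifest has no `Implementation-Build` entry the configured value becomes the literal string `citizen-card-environment/1.2 MOCCA null`. On an IOException the error is only logged and `DataUrl.setConfiguration(properties)` is skipped, so DataUrl is left without any configuration. The version below closes the stream and falls back to `Unknown`, which matches `DEFAULT_USERAGENT`, so the rest of the method always runs. `java.util.jar.Manifest` would also be a more exact parser for this file than `Properties.load`.

```java
public void configureVersion() {
  String version = null;
  try {
    java.io.InputStream in = resourceLoader.getResource("META-INF/MANIFEST.MF").getInputStream();
    try {
      Properties p = new Properties();
      p.load(in);
      version = p.getProperty("Implementation-Build");
    } finally {
      in.close();
    }
  } catch (IOException e) {
    log.error(e);
  }
  if (version == null) {
    version = "Unknown";
  }
  // … unchanged: set USER_AGENT_PROPERTY_KEY, DataUrl.setConfiguration(properties), debug log …
}
```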
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
index bc3edf18..28c714c1 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
@@ -1,121 +1,129 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.online.webapp;
-
-import java.io.IOException;
-import java.util.Iterator;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.HTTPBindingProcessor;
-import at.gv.egiz.bku.binding.IdFactory;
-
-/**
- * Delivers the result to the browser
- *
- */
-public class ResultServlet extends SpringBKUServlet {
-
- private final static Log log = LogFactory.getLog(ResultServlet.class);
-
- private String encoding = "UTF-8";
- private String expiredPage = "./expiredError.jsp";
-
- public ResultServlet() {
- }
-
- private void myInit() {
- String enc = getServletContext().getInitParameter("responseEncoding");
- if (enc != null) {
- log.debug("Init default encoding to: "+enc);
- encoding = enc;
- }
- String expP = getServletConfig().getInitParameter("expiredPage");
- if (expP != null) {
- log.debug("Init expired page to: "+expP);
- expiredPage = expP;
- }
- }
-
- @Override
- public void init() throws ServletException {
- super.init();
- myInit();
- }
-
- @Override
- public void init(ServletConfig config) throws ServletException {
- super.init(config);
- myInit();
- }
-
-
-
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
- doGet(req, resp);
- }
-
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
-
- HttpSession session = req.getSession(false);
- if (session == null) {
- resp.sendRedirect(expiredPage);
- return;
- }
- String sessionId = session.getId();
- if (sessionId == null) {
- resp.sendRedirect(expiredPage);
- return;
- }
- log.debug("Got a result request for session: " + sessionId);
- HTTPBindingProcessor bp = (HTTPBindingProcessor) getBindingProcessorManager().getBindingProcessor(
- IdFactory.getInstance().createId(sessionId));
- if (bp == null) {
- session.invalidate();
- resp.sendRedirect(expiredPage);
- return;
- }
-
- if (bp.getRedirectURL() != null) {
- resp.sendRedirect(bp.getRedirectURL());
- return;
- }
- resp.setStatus(bp.getResponseCode());
- resp.setHeader("Cache-Control","no-store"); //HTTP 1.1
- resp.setHeader("Pragma","no-cache"); //HTTP 1.0
- resp.setDateHeader ("Expires", 0);
- for (Iterator it = bp.getResponseHeaders().keySet()
- .iterator(); it.hasNext();) {
- String header = it.next();
- resp.setHeader(header, bp.getResponseHeaders().get(header));
- }
- resp.setContentType(bp.getResultContentType());
- resp.setCharacterEncoding(encoding);
- bp.writeResultTo(resp.getOutputStream(), encoding);
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.online.webapp;
+
+import java.io.IOException;
+import java.util.Iterator;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.binding.HTTPBindingProcessor;
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.bku.binding.IdFactory;
+import at.gv.egiz.bku.online.conf.Configurator;
+
+/**
+ * Delivers the result to the browser
+ *
+ */
+public class ResultServlet extends SpringBKUServlet {
+
+ private final static Log log = LogFactory.getLog(ResultServlet.class);
+ public final static String USER_AGENT_PROPERTY_KEY = "UserAgent";
+
+ private String encoding = "UTF-8";
+ private String expiredPage = "./expiredError.jsp";
+
+ public ResultServlet() {
+ }
+
+ private void myInit() {
+ String enc = getServletContext().getInitParameter("responseEncoding");
+ if (enc != null) {
+ log.debug("Init default encoding to: " + enc);
+ encoding = enc;
+ }
+ String expP = getServletConfig().getInitParameter("expiredPage");
+ if (expP != null) {
+ log.debug("Init expired page to: " + expP);
+ expiredPage = expP;
+ }
+ }
+
+ @Override
+ public void init() throws ServletException {
+ super.init();
+ myInit();
+ }
+
+ @Override
+ public void init(ServletConfig config) throws ServletException {
+ super.init(config);
+ myInit();
+ }
+
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ doGet(req, resp);
+ }
+
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+
+ HttpSession session = req.getSession(false);
+ if (session == null) {
+ resp.sendRedirect(expiredPage);
+ return;
+ }
+ String sessionId = session.getId();
+ if (sessionId == null) {
+ resp.sendRedirect(expiredPage);
+ return;
+ }
+ log.debug("Got a result request for session: " + sessionId);
+ HTTPBindingProcessor bp = (HTTPBindingProcessor) getBindingProcessorManager()
+ .getBindingProcessor(IdFactory.getInstance().createId(sessionId));
+ if (bp == null) {
+ session.invalidate();
+ resp.sendRedirect(expiredPage);
+ return;
+ }
+
+ if (bp.getRedirectURL() != null) {
+ resp.sendRedirect(bp.getRedirectURL());
+ return;
+ }
+ resp.setStatus(bp.getResponseCode());
+ resp.setHeader("Cache-Control", "no-store"); // HTTP 1.1
+ resp.setHeader("Pragma", "no-cache"); // HTTP 1.0
+ resp.setDateHeader("Expires", 0);
+ if (Configurator.getInstance().getProperty(USER_AGENT_PROPERTY_KEY) != null) {
+ resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT, Configurator.getInstance().getProperty(
+ USER_AGENT_PROPERTY_KEY));
+ } else {
+ resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT,
+ "citizen-card-environment/1.2 MOCCA Unknown");
+ }
+ for (Iterator it = bp.getResponseHeaders().keySet().iterator(); it
+ .hasNext();) {
+ String header = it.next();
+ resp.setHeader(header, bp.getResponseHeaders().get(header));
+ }
+ resp.setContentType(bp.getResultContentType());
+ resp.setCharacterEncoding(encoding);
+ bp.writeResultTo(resp.getOutputStream(), encoding);
session.invalidate();
- getBindingProcessorManager().removeBindingProcessor(bp.getId());
- }
-}
+ getBindingProcessorManager().removeBindingProcessor(bp.getId());
+ }
+}
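Review bot: The block added to `doGet` writes the product token into `HttpUtil.HTTP_HEADER_USER_AGENT` on the servlet response, but User-Agent is a request header and has no defined meaning on a response. If the intent is to identify the citizen card environment to the browser, the response counterpart is `Server`, i.e. `resp.setHeader("Server", userAgent);`; confirm this against the binding specification. The property is also looked up twice, and `USER_AGENT_PROPERTY_KEY` duplicates `DataUrlConnection.USER_AGENT_PROPERTY_KEY`. Reading it once into a local and reusing the existing constant and `DataUrlConnection.DEFAULT_USERAGENT` for the fallback keeps the two from drifting apart.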
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
index 6ee537b1..ec062e42 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
@@ -19,13 +19,13 @@ package at.gv.egiz.bku.online.webapp;
import javax.servlet.http.HttpServlet;
import at.gv.egiz.bku.binding.BindingProcessorManager;
+import at.gv.egiz.bku.online.conf.Configurator;
public abstract class SpringBKUServlet extends HttpServlet {
- public final static String BEAN_NAME="bindingProcessorManager";
-
+ public final static String BEAN_NAME="bindingProcessorManager";
+
protected BindingProcessorManager getBindingProcessorManager() {
return (BindingProcessorManager) getServletContext().getAttribute(BEAN_NAME);
}
-
}
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
index 108f8624..cdc2bfad 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -39,3 +39,5 @@ SSL.sslProtocol=TLS
# ------------ END SSL Config --------------------
+ValidateHashDataInputs=true
+
diff --git a/BKUOnline/src/main/resources/log4j.properties b/BKUOnline/src/main/resources/log4j.properties
index ed14b424..58f09511 100644
--- a/BKUOnline/src/main/resources/log4j.properties
+++ b/BKUOnline/src/main/resources/log4j.properties
@@ -13,9 +13,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-# loglever DEBUG, appender STDOUT
-log4j.rootLogger=TRACE, STDOUT
-#log4j.logger.at.gv.egiz.slbinding.RedirectEventFilter=DEBUG, STDOUT
+
+log4j.rootLogger=TRACE, STDOUT, file
# STDOUT appender
log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
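Review bot: With `log4j.rootLogger=TRACE, STDOUT, file` here and `log4j.appender.file.threshold=trace` in the next hunk, everything the application and its libraries log at any level is now persisted to `${catalina.home}/logs/bkuonline.log`. That includes the servlet session id logged in ResultServlet (`"Got a result request for session: " + sessionId`), which that servlet also uses to look up the binding processor, so the log file becomes sensitive. As this file ships in `src/main/resources`, I would default to `log4j.rootLogger=INFO, STDOUT, file` and raise the level only for selected packages while debugging. A comment above the appender should say that trace output must not be enabled in production.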
@@ -24,11 +23,11 @@ log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout
#log4j.appender.STDOUT.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
log4j.appender.STDOUT.layout.ConversionPattern=%-5p | %t | %c %x - %m%n
-### FILE appender
-#log4j.appender.file=org.apache.log4j.RollingFileAppender
-#log4j.appender.file.maxFileSize=100KB
-#log4j.appender.file.maxBackupIndex=9
-#log4j.appender.file.File=egovbus_ca.log
-#log4j.appender.file.threshold=info
-#log4j.appender.file.layout=org.apache.log4j.PatternLayout
-#log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
\ No newline at end of file
+# FILE appender
+log4j.appender.file=org.apache.log4j.RollingFileAppender
+log4j.appender.file.maxFileSize=500KB
+log4j.appender.file.maxBackupIndex=9
+log4j.appender.file.File=${catalina.home}/logs/bkuonline.log
+log4j.appender.file.threshold=trace
+log4j.appender.file.layout=org.apache.log4j.PatternLayout
+log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p | %t | %c{1}:%L - %m%n
\ No newline at end of file
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index f87d09f5..04b07ba4 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -45,8 +45,8 @@
-
+
diff --git a/BKUOnline/src/main/webapp/appletPage.jsp b/BKUOnline/src/main/webapp/appletPage.jsp
index 684a8dca..fdd7072f 100644
--- a/BKUOnline/src/main/webapp/appletPage.jsp
+++ b/BKUOnline/src/main/webapp/appletPage.jsp
@@ -25,15 +25,15 @@
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
index 8eaeacbd..a8477ece 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
@@ -16,13 +16,14 @@
*/
package at.gv.egiz.bku.binding;
-import java.net.MalformedURLException;
-import java.net.URL;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Properties;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
/**
* Used to handle DataUrl connections as specified in the CCE's HTTP protocol binding.
@@ -30,7 +31,8 @@ import at.gv.egiz.bku.slexceptions.SLRuntimeException;
*/
public class DataUrl {
private static DataUrlConnectionSPI defaultDataUrlConnection = new DataUrlConnectionImpl();
- private static Log log = LogFactory.getLog(DataUrl.class);
+ private static Log log = LogFactory.getLog(DataUrl.class);
+ private static Properties configuration;
private URL url;
@@ -58,5 +60,9 @@ public class DataUrl {
log.error(e);
throw new SLRuntimeException("Cannot instantiate a dataurlconnection:",e);
}
+ }
+
+ public static void setConfiguration(Properties props) {
+ configuration = props;
}
}
\ No newline at end of file
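Review bot: The static `configuration` field added in the previous hunk is assigned in `setConfiguration()` but never read in any line of this file's diff, so the properties never reach `defaultDataUrlConnection`. `DataUrlConnectionImpl.newInstance()` copies `config` from the prototype, and the prototype is created with `new DataUrlConnectionImpl()` and a null config. Every connection therefore still sends `DEFAULT_USERAGENT`. Forwarding the value closes the gap: `defaultDataUrlConnection.setConfiguration(props);` inside `setConfiguration()`. The method above it starts outside this hunk, so any other place the prototype is replaced would need the same call.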
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
index 6d654639..c6ffa32a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnection.java
@@ -34,14 +34,16 @@ import at.gv.egiz.bku.slcommands.SLResult;
*/
public interface DataUrlConnection {
- public static final String DEFAULT_USERAGENT = "citizen-card-environment/1.2 BKU2 1.0";
+ public static final String DEFAULT_USERAGENT = "citizen-card-environment/1.2 MOCCA Unknown";
public static final String FORMPARAM_RESPONSETYPE = "ResponseType";
public static final String DEFAULT_RESPONSETYPE = "HTTP-Security-Layer-RESPONSE";
public static final String FORMPARAM_XMLRESPONSE = "XMLResponse";
public static final String FORMPARAM_BINARYRESPONSE = "BinaryResponse";
public static final String XML_RESPONSE_ENCODING = "UTF-8";
-
+
+ public final static String USER_AGENT_PROPERTY_KEY="UserAgent";
+
public String getProtocol();
public URL getUrl();
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
index 9f5d70cb..bb0314b5 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
@@ -1,221 +1,235 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.binding;
-
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.HttpURLConnection;
-import java.net.SocketTimeoutException;
-import java.net.URL;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.apache.commons.httpclient.methods.multipart.FilePart;
-import org.apache.commons.httpclient.methods.multipart.Part;
-import org.apache.commons.httpclient.methods.multipart.StringPart;
-
-import at.gv.egiz.bku.binding.multipart.InputStreamPartSource;
-import at.gv.egiz.bku.binding.multipart.SLResultPart;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slcommands.SLResult.SLResultType;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.bku.utils.StreamUtil;
-import at.gv.egiz.bku.utils.binding.Protocol;
-
-/**
- * not thread-safe thus newInsance always returns a new object
- *
- */
-public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
-
- public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
- Protocol.HTTPS };
- protected X509Certificate serverCertificate;
- protected Protocol protocol;
- protected URL url;
- private HttpURLConnection connection;
- protected Map requestHttpHeaders;
- protected ArrayList formParams;
- protected String boundary;
-
- protected DataUrlResponse result;
-
- public String getProtocol() {
- if (protocol == null) {
- return null;
- }
- return protocol.toString();
- }
-
- /**
- * opens a connection sets the headers gets the server certificate
- *
- * @throws java.net.SocketTimeoutException
- * @throws java.io.IOException
- * @pre url != null
- * @pre httpHeaders != null
- */
- public void connect() throws SocketTimeoutException, IOException {
- connection = (HttpURLConnection) url.openConnection();
-
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.binding;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.HttpURLConnection;
+import java.net.SocketTimeoutException;
+import java.net.URL;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.net.ssl.HttpsURLConnection;
+
+import org.apache.commons.httpclient.methods.multipart.FilePart;
+import org.apache.commons.httpclient.methods.multipart.Part;
+import org.apache.commons.httpclient.methods.multipart.StringPart;
+
+import at.gv.egiz.bku.binding.multipart.InputStreamPartSource;
+import at.gv.egiz.bku.binding.multipart.SLResultPart;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.SLResult.SLResultType;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.binding.Protocol;
+
+/**
+ * not thread-safe thus newInsance always returns a new object
+ *
+ */
+public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
+
+ public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
+ Protocol.HTTPS };
+ protected X509Certificate serverCertificate;
+ protected Protocol protocol;
+ protected URL url;
+ private HttpURLConnection connection;
+ protected Map requestHttpHeaders;
+ protected ArrayList formParams;
+ protected String boundary;
+ protected Properties config = null;
+
+ protected DataUrlResponse result;
+
+ public String getProtocol() {
+ if (protocol == null) {
+ return null;
+ }
+ return protocol.toString();
+ }
+
+ /**
+ * opens a connection sets the headers gets the server certificate
+ *
+ * @throws java.net.SocketTimeoutException
+ * @throws java.io.IOException
+ * @pre url != null
+ * @pre httpHeaders != null
+ */
+ public void connect() throws SocketTimeoutException, IOException {
+ connection = (HttpURLConnection) url.openConnection();
+
// FIXXME move this to config.
- HttpURLConnection.setFollowRedirects(false);
-
-
- connection.setDoOutput(true);
- Set headers = requestHttpHeaders.keySet();
- Iterator headerIt = headers.iterator();
- while (headerIt.hasNext()) {
- String name = headerIt.next();
- connection.setRequestProperty(name, requestHttpHeaders.get(name));
- }
- connection.connect();
- if (connection instanceof HttpsURLConnection) {
- HttpsURLConnection ssl = (HttpsURLConnection) connection;
- X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates();
- if ((certs != null) && (certs.length >= 1)) {
- serverCertificate = certs[0];
- }
- }
- }
-
- public X509Certificate getServerCertificate() {
- return serverCertificate;
- }
-
- public void setHTTPHeader(String name, String value) {
- if (name != null && value != null) {
- requestHttpHeaders.put(name, value);
- }
- }
-
- public void setHTTPFormParameter(String name, InputStream data,
- String contentType, String charSet, String transferEncoding) {
- InputStreamPartSource source = new InputStreamPartSource(null, data);
- FilePart formParam = new FilePart(name, source, contentType, charSet);
- if (transferEncoding != null) {
- formParam.setTransferEncoding(transferEncoding);
- } else {
- formParam.setTransferEncoding(null);
- }
- formParams.add(formParam);
- }
-
- /**
- * send all formParameters
- *
- * @throws java.io.IOException
- */
- public void transmit(SLResult slResult) throws IOException {
- SLResultPart slResultPart = new SLResultPart(slResult,
- XML_RESPONSE_ENCODING);
- if (slResult.getResultType() == SLResultType.XML) {
- slResultPart.setTransferEncoding(null);
- slResultPart.setContentType(slResult.getMimeType());
- slResultPart.setCharSet(XML_RESPONSE_ENCODING);
- } else {
- slResultPart.setTransferEncoding(null);
- slResultPart.setContentType(slResult.getMimeType());
- }
- formParams.add(slResultPart);
-
- OutputStream os = connection.getOutputStream();
-
- Part[] parts = new Part[formParams.size()];
- Part.sendParts(os, formParams.toArray(parts), boundary.getBytes());
- os.close();
+ HttpURLConnection.setFollowRedirects(false);
+
+ connection.setDoOutput(true);
+ Set headers = requestHttpHeaders.keySet();
+ Iterator headerIt = headers.iterator();
+ while (headerIt.hasNext()) {
+ String name = headerIt.next();
+ connection.setRequestProperty(name, requestHttpHeaders.get(name));
+ }
+ connection.connect();
+ if (connection instanceof HttpsURLConnection) {
+ HttpsURLConnection ssl = (HttpsURLConnection) connection;
+ X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates();
+ if ((certs != null) && (certs.length >= 1)) {
+ serverCertificate = certs[0];
+ }
+ }
+ }
+
+ public X509Certificate getServerCertificate() {
+ return serverCertificate;
+ }
+
+ public void setHTTPHeader(String name, String value) {
+ if (name != null && value != null) {
+ requestHttpHeaders.put(name, value);
+ }
+ }
+
+ public void setHTTPFormParameter(String name, InputStream data,
+ String contentType, String charSet, String transferEncoding) {
+ InputStreamPartSource source = new InputStreamPartSource(null, data);
+ FilePart formParam = new FilePart(name, source, contentType, charSet);
+ if (transferEncoding != null) {
+ formParam.setTransferEncoding(transferEncoding);
+ } else {
+ formParam.setTransferEncoding(null);
+ }
+ formParams.add(formParam);
+ }
+
+ /**
+ * send all formParameters
+ *
+ * @throws java.io.IOException
+ */
+ public void transmit(SLResult slResult) throws IOException {
+ SLResultPart slResultPart = new SLResultPart(slResult,
+ XML_RESPONSE_ENCODING);
+ if (slResult.getResultType() == SLResultType.XML) {
+ slResultPart.setTransferEncoding(null);
+ slResultPart.setContentType(slResult.getMimeType());
+ slResultPart.setCharSet(XML_RESPONSE_ENCODING);
+ } else {
+ slResultPart.setTransferEncoding(null);
+ slResultPart.setContentType(slResult.getMimeType());
+ }
+ formParams.add(slResultPart);
+
+ OutputStream os = connection.getOutputStream();
+
+ Part[] parts = new Part[formParams.size()];
+ Part.sendParts(os, formParams.toArray(parts), boundary.getBytes());
+ os.close();
// MultipartRequestEntity PostMethod
- result = new DataUrlResponse(url.toString(), connection.getResponseCode(),
- connection.getInputStream());
-
- Map responseHttpHeaders = new HashMap();
- Map> httpHeaders = connection.getHeaderFields();
- for (Iterator keyIt = httpHeaders.keySet().iterator(); keyIt
- .hasNext();) {
- String key = keyIt.next();
- StringBuffer value = new StringBuffer();
- for (String val : httpHeaders.get(key)) {
- value.append(val);
- value.append(HttpUtil.SEPERATOR[0]);
- }
- String valString = value.substring(0, value.length() - 1);
- if ((key != null)&&(value.length() > 0)) {
- responseHttpHeaders.put(key, valString);
- }
- }
- result.setResponseHttpHeaders(responseHttpHeaders);
- }
-
- @Override
- public DataUrlResponse getResponse() throws IOException {
- return result;
- }
-
- /**
- * inits protocol, url, httpHeaders, formParams
- *
- * @param url
- * must not be null
- */
- @Override
- public void init(URL url) {
-
- for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
- if (SUPPORTED_PROTOCOLS[i].toString().equalsIgnoreCase(url.getProtocol())) {
- protocol = SUPPORTED_PROTOCOLS[i];
- break;
- }
- }
- if (protocol == null) {
- throw new SLRuntimeException("Protocol " + url.getProtocol()
- + " not supported for data url");
- }
- this.url = url;
- boundary = "--" + IdFactory.getInstance().createId().toString();
- requestHttpHeaders = new HashMap();
- requestHttpHeaders.put(HttpUtil.HTTP_HEADER_USER_AGENT, DEFAULT_USERAGENT);
- requestHttpHeaders.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE,
- HttpUtil.MULTIPART_FOTMDATA + HttpUtil.SEPERATOR[0]
- + HttpUtil.MULTIPART_FOTMDATA_BOUNDARY + "=" + boundary);
-
- formParams = new ArrayList();
- StringPart responseType = new StringPart(FORMPARAM_RESPONSETYPE,
- DEFAULT_RESPONSETYPE);
- responseType.setCharSet("UTF-8");
- responseType.setTransferEncoding(null);
- formParams.add(responseType);
- }
-
- @Override
- public DataUrlConnectionSPI newInstance() {
- return new DataUrlConnectionImpl();
+ result = new DataUrlResponse(url.toString(), connection.getResponseCode(),
+ connection.getInputStream());
+
+ Map responseHttpHeaders = new HashMap();
+ Map> httpHeaders = connection.getHeaderFields();
+ for (Iterator keyIt = httpHeaders.keySet().iterator(); keyIt
+ .hasNext();) {
+ String key = keyIt.next();
+ StringBuffer value = new StringBuffer();
+ for (String val : httpHeaders.get(key)) {
+ value.append(val);
+ value.append(HttpUtil.SEPERATOR[0]);
+ }
+ String valString = value.substring(0, value.length() - 1);
+ if ((key != null) && (value.length() > 0)) {
+ responseHttpHeaders.put(key, valString);
+ }
+ }
+ result.setResponseHttpHeaders(responseHttpHeaders);
}
- @Override
- public URL getUrl() {
- return url;
- }
+ @Override
+ public DataUrlResponse getResponse() throws IOException {
+ return result;
+ }
+
+ /**
+ * inits protocol, url, httpHeaders, formParams
+ *
+ * @param url
+ * must not be null
+ */
+ @Override
+ public void init(URL url) {
+
+ for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
+ if (SUPPORTED_PROTOCOLS[i].toString().equalsIgnoreCase(url.getProtocol())) {
+ protocol = SUPPORTED_PROTOCOLS[i];
+ break;
+ }
+ }
+ if (protocol == null) {
+ throw new SLRuntimeException("Protocol " + url.getProtocol()
+ + " not supported for data url");
+ }
+ this.url = url;
+ boundary = "--" + IdFactory.getInstance().createId().toString();
+ requestHttpHeaders = new HashMap();
+ if ((config != null)
+ && (config.getProperty(USER_AGENT_PROPERTY_KEY) != null)) {
+ requestHttpHeaders.put(HttpUtil.HTTP_HEADER_USER_AGENT, config
+ .getProperty(USER_AGENT_PROPERTY_KEY));
+ } else {
+ requestHttpHeaders
+ .put(HttpUtil.HTTP_HEADER_USER_AGENT, DEFAULT_USERAGENT);
+
+ }
+ requestHttpHeaders.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE,
+ HttpUtil.MULTIPART_FOTMDATA + HttpUtil.SEPERATOR[0]
+ + HttpUtil.MULTIPART_FOTMDATA_BOUNDARY + "=" + boundary);
+
+ formParams = new ArrayList();
+ StringPart responseType = new StringPart(FORMPARAM_RESPONSETYPE,
+ DEFAULT_RESPONSETYPE);
+ responseType.setCharSet("UTF-8");
+ responseType.setTransferEncoding(null);
+ formParams.add(responseType);
+ }
+
+ @Override
+ public DataUrlConnectionSPI newInstance() {
+ DataUrlConnectionSPI uc = new DataUrlConnectionImpl();
+ uc.setConfiguration(config);
+ return uc;
+ }
+
+ @Override
+ public URL getUrl() {
+ return url;
+ }
+
+ @Override
+ public void setConfiguration(Properties config) {
+ this.config = config;
+ }
}
\ No newline at end of file
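Review bot: In `connect()`, `HttpURLConnection.setFollowRedirects(false)` runs after `url.openConnection()`, but that static setter only changes the default for connections created later. The connection just opened has already taken its redirect setting, so it is not affected unless the global default was switched off earlier, as `Configurator.configUrlConnections()` does in BKUOnline. Since the DataURL request should not follow redirects on its own, set it on the instance before `connection.connect()`: `connection.setInstanceFollowRedirects(false);`. Separately, in `transmit()` the line `value.substring(0, value.length() - 1)` runs before the `value.length() > 0` check and would throw for a header with an empty value list.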
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java
index 9e5a66f8..80cc3a0b 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java
@@ -17,6 +17,7 @@
package at.gv.egiz.bku.binding;
import java.net.URL;
+import java.util.Properties;
/**
* Prototype of a DataurlconnectionSPI
@@ -36,7 +37,13 @@ public interface DataUrlConnectionSPI extends DataUrlConnection {
* Initializes the DataUrlConnection
* @param url
*/
- public void init(URL url);
+ public void init(URL url);
+
+ /**
+ * Sets configuration parameters for this connection
+ * @param config
+ */
+ public void setConfiguration(Properties config);
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
index 555f83bd..fb624211 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
@@ -16,12 +16,14 @@
*/
package at.gv.egiz.bku.slcommands.impl;
-import at.buergerkarte.namespaces.securitylayer._1.ErrorResponseType;
-import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
-import at.gv.egiz.bku.slcommands.ErrorResult;
-import at.gv.egiz.bku.slexceptions.SLException;
-
-import javax.xml.transform.Result;
+import java.util.Locale;
+
+import javax.xml.transform.Result;
+
+import at.buergerkarte.namespaces.securitylayer._1.ErrorResponseType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.gv.egiz.bku.slcommands.ErrorResult;
+import at.gv.egiz.bku.slexceptions.SLException;
/**
* This class implements the security layer result ErrorResponse.
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
index 8e0a09bc..cf52a4c3 100644
--- a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
@@ -13,85 +13,86 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-test.noerror=This is a test error-message. No error occurred.
-
-ec1000=Unclassified error.
-ec2000=Unclassified error in the transport binding.
-ec2001=HTTP/HTTPS binding: DataURL cannot be resolved.
-ec2002=HTTP/HTTPS binding: StylesheetURL cannot be resolved.
-ec2003=HTTP/HTTPS binding: RedirectURL cannot be resolved.
-ec2004=HTTP/HTTPS binding: XMLRequest parameter missing.
-ec2005=HTTP/HTTPS binding: Unknown parameter encoding.
-ec2006=HTTP/HTTPS binding: Incorrect parameter encoding.
-ec2007=HTTP/HTTPS binding: DataURL server transmits error or unexpected response.
-ec2008=HTTP/HTTPS binding: Error in stylesheet obtained from the StylesheetURL.
-ec2009=HTTP/HTTPS binding: HTTP request to local CCE directed to unauthorised URL.
-ec2010=HTTPS binding: Error while establishing the TLS connection.
-ec3000=Unclassified error in the XML structure of the command request.
-ec3001=XML structure of the command request is not well formed.
-ec3002=XML structure of the command request does not comply with the Security Layer schema.
-ec3003=XML structure of the command request contains an invalid combination of optional elements or attributes.
-ec3004=XML structure contains an element or attribute whose syntax does not match the Security Layer specification.
-ec3005=Protocol version of Security Layer not supported.
-ec4000=Unclassified error while processing command.
-ec4001=Unknown key box identifier.
-ec4002=Unknown info box identifier.
-ec4003=Date to be signed cannot be resolved.
-ec4004=Supplementary object cannot be resolved.
-ec4005=Date to be encrypted cannot be resolved.
-ec4006=Algorithm (signature, encryption, digest, canonicalisation, transformation) not supported.
-ec4007=Error while executing algorithm (signature, encryption, digest, canonicalisation, transformation).
-ec4008=Error while parsing CMS message
-ec4009=No matching decryption key.
-ec4010=Info box command parameters do not match info box type.
-ec4011=Command not implemented.
-ec4100=XML document in which the signature is to be integrated cannot be resolved.
-ec4101=XML document in which the signature is to be integrated cannot be parsed.
-ec4102=Signature cannot be integrated in the existing XML document at the specified location.
-ec4103=Signature certificate not contained in the CMS signature.
-ec4104=Signed data not contained in the CMS signature or XML request.
-ec4105=XML document containing the signature to be verified cannot be resolved.
-ec4106=XML document containing the signature to be verified cannot be parsed.
-ec4107=There is no XML signature at the specified location within the XML document.
-ec4108=Encrypted date cannot be inserted in the existing XML document at the specified location.
-ec4109=Existing XML document is required but missing.
-ec4110=Existing XML document cannot be resolved.
-ec4111=Existing XML document cannot be parsed.
-ec4112=Encrypted data encryption keys cannot be inserted in the existing XML document at the specified location.
-ec4113=Data to be decrypted not contained in either the CMS message or XML request.
-ec4114=XML document to be decrypted cannot be resolved.
-ec4115=XML document to be decrypted cannot be parsed.
-ec4116=At least one specified encryption element cannot be found in the XML document to be decrypted.
-ec4117=No encryption element for binary response.
-ec4118=Date to be hashed cannot be resolved.
-ec4119=Date for which the hash value is to be verified cannot be resolved.
-ec4120=Selected info box identifier already allocated.
-ec4121=Info box with specified identifier does not exist.
-ec4122=Contents of the selected info box cannot be displayed as XML.
-ec4123=Associative array: No entry for the specified key.
-ec5000=Unclassified error in the viewer component.
-ec5001=Display of data of the mime type specified in the command request not supported.
-ec5002=Character encoding of the data to be displayed is invalid or not supported.
-ec5003=Data to be displayed contains unsupported characters.
-ec5004=Standard display format: HTML does not conform to specification.
-ec5005=Standard display format: CSS does not conform to specification.
-ec5006=Standard display format: Format of an embedded image does not conform to specification.
-ec5007=Standard display format: Signature for embedded images missing or does not conform to specification.
-ec6000=Unclassified cancelling by the citizen.
-ec6001=Cancelled by the citizen via the user interface.
-ec6002=Cancelled because of insufficient rights to execute command.
-
-# 3xxx
-#
-
-ec3000.unclassified=Error in the XML structure of the command request. {0}
-ec3002.invalid=XML structure of the command request does not comply with the Security Layer schema. {0}
-
-# 4xxx
-#
-
-ec4000.infobox.invalid=The infobox '{0}' contains invalid content.
-ec4000.idlink.transfomation.failed=Failed to transform CompressedIdentityLink with Stylesheet {0}.
-ec4002.infobox.unknown=Unknown info box identifier {0}.
-ec4003.not.resolved=Data to be signed cannot be resolved from URI={0}.
-ec4011.notimplemented=Command {0} not implemented.
+test.noerror=Das ist eine Test-Fehlermeldung. Es ist kein Fehler aufgetreten.
+
+ec1000=Unklassifizierter Fehler.
+ec2000=Unklassifizierter Fehler in der Transportbindung.
+ec2001=HTTP/HTTPS-Bindung: DataURL kann nicht aufgelöst werden.
+ec2002=HTTP/HTTPS-Bindung: StylesheetURL kann nicht aufgelöst werden.
+ec2003=HTTP/HTTPS-Bindung: RedirectURL kann nicht aufgelöst werden.
+ec2004=HTTP/HTTPS-Bindung: Parameter XMLRequest fehlt.
+ec2005=HTTP/HTTPS-Bindung: Unbekannte Kodierung der Parameter.
+ec2006=HTTP/HTTPS-Bindung: Fehlerhafte Kodierung der Parameter.
+ec2007=HTTP/HTTPS-Bindung: DataURL-Server sendet Fehler oder unerwartete Antwort.
+ec2008=HTTP/HTTPS-Bindung: Fehler im Stylesheet, der von der StylesheetURL bezogen wurde.
+ec2009=HTTP/HTTPS-Bindung: HTTP-Anfrage an lokale BKU wurde an unerlaubte URL gerichtet.
+ec2010=HTTPS-Bindung: Fehler beim Aufbau der TLS-Verbindung.
+ec3000=Unklassifizierter Fehler in der XML-Struktur der Befehlsanfrage.
+ec3001=XML-Struktur der Befehlsanfrage ist nicht wohlgeformt.
+ec3002=XML-Struktur der Befehlsanfrage entspricht nicht dem Schema des Security-Layers.
+ec3003=XML-Struktur der Befehlsanfrage enthält eine unerlaubte Kombination aus optionalen Elementen oder Attributen.
+ec3004=XML-Struktur enthält ein Element oder Attribut, dessen Syntax nicht der Spezifikation des Security-Layer entspricht.
+ec3005=Protokollversion des Security-Layer wird nicht unterstützt.
+ec4000=Unklassifizierter Fehler in der Befehlsabarbeitung.
+ec4001=Unbekannter Keyboxbezeichner.
+ec4002=Unbekannter Infoboxbezeichner.
+ec4003=Zu signierendes Datum kann nicht aufgelöst werden.
+ec4004=Ergänzungsobjekt kann nicht aufgelöst werden.
+ec4005=Zu verschlüsselndes Datum kann nicht aufgelöst werden.
+ec4006=Algorithmus (Signatur, Verschlüsselung, Digest, Kanonisierung, Transformation) wird nicht unterstützt.
+ec4007=Fehler bei der Algorithmusausführung (Signatur, Verschlüsselung, Digest, Kanonisierung, Transformation).
+ec4008=Fehler beim Parsen der CMS-Nachricht.
+ec4009=Kein passender Entschlüsselungsschlüssel vorhanden.
+ec4010=Parameter des Infobox-Befehls passen nicht zum Typ der Infobox.
+ec4011=Befehl ist nicht implementiert.
+ec4100=XML-Dokument, in das die Signatur integriert werden soll, kann nicht aufgelöst werden.
+ec4101=XML-Dokument, in das die Signatur integriert werden soll, kann nicht geparst werden.
+ec4102=Signatur kann nicht am spezifizierten Ort in das bestehende XML-Dokument integriert werden.
+ec4103=Signatorzertifikat ist nicht in der CMS-Signatur enthalten.
+ec4104=Signierte Daten sind weder in der CMS-Signatur noch im XML-Request enthalten.
+ec4105=XML-Dokument, das die zu prüfende Signatur enthält, kann nicht aufgelöst werden.
+ec4106=XML-Dokument, das die zu prüfende Signatur enthält, kann nicht geparst werden.
+ec4107=Am spezifizierten Ort innerhalb des XML-Dokuments befindet sich keine XML-Signatur.
+ec4108=Verschlüsseltes Datum kann nicht am spezifizierten Ort in das bestehende XML-Dokument eingefügt werden.
+ec4109=Bestehendes XML-Dokument ist notwendig, aber nicht vorhanden.
+ec4110=Bestehendes XML-Dokument kann nicht aufgelöst werden.
+ec4111=Bestehendes XML-Dokument kann nicht geparst werden.
+ec4112=Verschlüsselte Datenverschlüsselungsschlüssel können nicht am spezifizierten Ort in das bestehende XML-Dokument eingefügt werden.
+ec4113=Zu entschlüsselnde Daten sind weder in der CMS-Nachricht noch im XML-Request enthalten.
+ec4114=Zu entschlüsselndes XML-Dokument kann nicht aufgelöst werden.
+ec4115=Zu entschlüsselndes XML-Dokument kann nicht geparst werden.
+ec4116=Zumindest ein spezifiziertes Verschlüsselungselement kann nicht im zu entschlüsselnden XML-Dokument gefunden werden.
+ec4117=Kein Verschlüsselungselement für Binärantwort vorhanden.
+ec4118=Zu hashendes Datum kann nicht aufgelöst werden.
+ec4119=Datum, für das der Hashwert zu prüfen ist, kann nicht aufgelöst werden.
+ec4120=Gewählter Infoboxbezeichner bereits vergeben.
+ec4121=Infobox mit spezifiziertem Bezeichner existiert nicht.
+ec4122=Inhalt der ausgewählten Infobox kann nicht als XML dargestellt werden.
+ec4123=Assoziatives Array: Zum spezifizierten Schlüssel existiert kein Eintrag.
+ec5000=Unklassifizierter Fehler in der Anzeigekomponente.
+ec5001=Anzeige von Daten des in der Befehlsanfrage angegebenen Mime-Types wird nicht unterstützt.
+ec5002=Zeichenkodierung der anzuzeigenden Daten ist fehlerhaft oder wird nicht unterstützt.
+ec5003=Anzuzeigende Daten enhalten nicht unterstützte Zeichen.
+ec5004=Standardanzeigeformat: HTML ist nicht spezifikationskonform.
+ec5005=Standardanzeigeformat: CSS ist nicht spezifikationskonform.
+ec5006=Standardanzeigeformat: Format eines eingebundenen Bildes ist nicht spezifikationskonform.
+ec5007=Standardanzeigeformat: Signatur über eingebundene Bilder fehlt oder ist nicht spezifikationskonform.
+ec6000=Unklassifizierter Abbruch durch den Bürger.
+ec6001=Abbruch durch den Bürger über die Benutzerschnittstelle.
+ec6002=Abbruch auf Grund mangelnder Rechte zur Befehlsausführung.
+
+# 3xxx
+#
+
+ec3000.unclassified=Unklassifizierter Fehler in der XML-Struktur der Befehlsanfrage. {0}
+ec3002.invalid=XML-Struktur der Befehlsanfrage entspricht nicht dem Schema des Security-Layers. {0}
+
+# 4xxx
+#
+
+ec4000.infobox.invalid=Die Infobox '{0}' enthält ungültige Daten.
+ec4000.idlink.transfomation.failed=Die komprimierte Personenbindung konnte mit dem Stylesheet {0} nicht transformiert werden.
+ec4002.infobox.unknown=Unbekannter Infoboxbezeichner {0}.
+ec4003.not.resolved=Zu signierendes Datum kann nicht aufgelöst werden (URI={0}).
+ec4011.notimplemented=Befehl {0} ist nicht implementiert.
+
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties
new file mode 100644
index 00000000..8e0a09bc
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties
@@ -0,0 +1,97 @@
+# Copyright 2008 Federal Chancellery Austria and
+# Graz University of Technology
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+test.noerror=This is a test error-message. No error occurred.
+
+ec1000=Unclassified error.
+ec2000=Unclassified error in the transport binding.
+ec2001=HTTP/HTTPS binding: DataURL cannot be resolved.
+ec2002=HTTP/HTTPS binding: StylesheetURL cannot be resolved.
+ec2003=HTTP/HTTPS binding: RedirectURL cannot be resolved.
+ec2004=HTTP/HTTPS binding: XMLRequest parameter missing.
+ec2005=HTTP/HTTPS binding: Unknown parameter encoding.
+ec2006=HTTP/HTTPS binding: Incorrect parameter encoding.
+ec2007=HTTP/HTTPS binding: DataURL server transmits error or unexpected response.
+ec2008=HTTP/HTTPS binding: Error in stylesheet obtained from the StylesheetURL.
+ec2009=HTTP/HTTPS binding: HTTP request to local CCE directed to unauthorised URL.
+ec2010=HTTPS binding: Error while establishing the TLS connection.
+ec3000=Unclassified error in the XML structure of the command request.
+ec3001=XML structure of the command request is not well formed.
+ec3002=XML structure of the command request does not comply with the Security Layer schema.
+ec3003=XML structure of the command request contains an invalid combination of optional elements or attributes.
+ec3004=XML structure contains an element or attribute whose syntax does not match the Security Layer specification.
+ec3005=Protocol version of Security Layer not supported.
+ec4000=Unclassified error while processing command.
+ec4001=Unknown key box identifier.
+ec4002=Unknown info box identifier.
+ec4003=Date to be signed cannot be resolved.
+ec4004=Supplementary object cannot be resolved.
+ec4005=Date to be encrypted cannot be resolved.
+ec4006=Algorithm (signature, encryption, digest, canonicalisation, transformation) not supported.
+ec4007=Error while executing algorithm (signature, encryption, digest, canonicalisation, transformation).
+ec4008=Error while parsing CMS message
+ec4009=No matching decryption key.
+ec4010=Info box command parameters do not match info box type.
+ec4011=Command not implemented.
+ec4100=XML document in which the signature is to be integrated cannot be resolved.
+ec4101=XML document in which the signature is to be integrated cannot be parsed.
+ec4102=Signature cannot be integrated in the existing XML document at the specified location.
+ec4103=Signature certificate not contained in the CMS signature.
+ec4104=Signed data not contained in the CMS signature or XML request.
+ec4105=XML document containing the signature to be verified cannot be resolved.
+ec4106=XML document containing the signature to be verified cannot be parsed.
+ec4107=There is no XML signature at the specified location within the XML document.
+ec4108=Encrypted date cannot be inserted in the existing XML document at the specified location.
+ec4109=Existing XML document is required but missing.
+ec4110=Existing XML document cannot be resolved.
+ec4111=Existing XML document cannot be parsed.
+ec4112=Encrypted data encryption keys cannot be inserted in the existing XML document at the specified location.
+ec4113=Data to be decrypted not contained in either the CMS message or XML request.
+ec4114=XML document to be decrypted cannot be resolved.
+ec4115=XML document to be decrypted cannot be parsed.
+ec4116=At least one specified encryption element cannot be found in the XML document to be decrypted.
+ec4117=No encryption element for binary response.
+ec4118=Date to be hashed cannot be resolved.
+ec4119=Date for which the hash value is to be verified cannot be resolved.
+ec4120=Selected info box identifier already allocated.
+ec4121=Info box with specified identifier does not exist.
+ec4122=Contents of the selected info box cannot be displayed as XML.
+ec4123=Associative array: No entry for the specified key.
+ec5000=Unclassified error in the viewer component.
+ec5001=Display of data of the mime type specified in the command request not supported.
+ec5002=Character encoding of the data to be displayed is invalid or not supported.
+ec5003=Data to be displayed contains unsupported characters.
+ec5004=Standard display format: HTML does not conform to specification.
+ec5005=Standard display format: CSS does not conform to specification.
+ec5006=Standard display format: Format of an embedded image does not conform to specification.
+ec5007=Standard display format: Signature for embedded images missing or does not conform to specification.
+ec6000=Unclassified cancelling by the citizen.
+ec6001=Cancelled by the citizen via the user interface.
+ec6002=Cancelled because of insufficient rights to execute command.
+
+# 3xxx
+#
+
+ec3000.unclassified=Error in the XML structure of the command request. {0}
+ec3002.invalid=XML structure of the command request does not comply with the Security Layer schema. {0}
+
+# 4xxx
+#
+
+ec4000.infobox.invalid=The infobox '{0}' contains invalid content.
+ec4000.idlink.transfomation.failed=Failed to transform CompressedIdentityLink with Stylesheet {0}.
+ec4002.infobox.unknown=Unknown info box identifier {0}.
+ec4003.not.resolved=Data to be signed cannot be resolved from URI={0}.
+ec4011.notimplemented=Command {0} not implemented.
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java
index 45e38674..8a607b80 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java
@@ -25,6 +25,7 @@ import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
+import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -124,5 +125,11 @@ public class TestDataUrlConnection implements DataUrlConnectionSPI {
@Override
public URL getUrl() {
return url;
- }
+ }
+
+ @Override
+ public void setConfiguration(Properties config) {
+ // TODO Auto-generated method stub
+
+ }
}
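Review bot: The new `setConfiguration` stub in this test double still carries the IDE text `// TODO Auto-generated method stub`, which reads as unfinished work rather than an intentional no-op. If the test connection really ignores configuration, say so, for example `// configuration is not used by this test implementation`. The class body starts outside this hunk.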
--
cgit v1.2.3
From 0df8bb10302989f41ed420ec0ff29b2fc2005471 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Mon, 15 Sep 2008 14:18:53 +0000
Subject: Migrated BKULocal to BKUCommonGUI and minor bug fixes
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@37 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../at/gv/egiz/bku/online/applet/BKUWorker.java | 11 +
BKULocal/pom.xml | 5 +
.../at/gv/egiz/bku/local/stal/BKUGuiProxy.java | 130 ++++++++++
.../bku/local/stal/LocalSignRequestHandler.java | 84 +++++++
.../java/at/gv/egiz/bku/local/stal/PINDialog.java | 214 -----------------
.../gv/egiz/bku/local/stal/QuitRequestHandler.java | 41 ----
.../java/at/gv/egiz/bku/local/stal/SMCCSTAL.java | 100 ++------
.../at/gv/egiz/bku/local/stal/SMCCSTALFactory.java | 100 ++++++--
.../egiz/bku/local/stal/SwingInsertCardDialog.java | 147 ------------
.../gv/egiz/bku/local/stal/SwingPINProvider.java | 57 -----
.../at/gv/egiz/bku/local/stal/SwingPinDialog.java | 265 ---------------------
.../gv/egiz/bku/online/webapp/ResultServlet.java | 1 +
.../service/impl/RequestBrokerSTALFactory.java | 5 +
.../java/at/gv/egiz/bku/slxhtml/ValidatorTest.java | 5 +-
.../src/main/java/at/gv/egiz/stal/STALFactory.java | 6 +-
.../bku/binding/BindingProcessorManagerImpl.java | 1 +
.../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 20 +-
.../egiz/bku/slcommands/impl/xsect/Signature.java | 25 ++
.../at/gv/egiz/bku/binding/DummyStalFactory.java | 8 +
19 files changed, 382 insertions(+), 843 deletions(-)
create mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/BKUGuiProxy.java
create mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java
delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/PINDialog.java
delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/QuitRequestHandler.java
delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingInsertCardDialog.java
delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPINProvider.java
delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPinDialog.java
(limited to 'bkucommon/src/main')
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUWorker.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUWorker.java
index 51ac243c..cd96a481 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUWorker.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUWorker.java
@@ -75,6 +75,17 @@ public class BKUWorker extends AbstractSMCCSTAL implements Runnable,
addRequestHandler(QuitRequest.class, this);
//register SignRequestHandler once we have a webservice port
}
+
+ /**
+ * Used for non applet variants
+ * @param gui
+ * @param errorMessageBundle
+ */
+ protected BKUWorker(BKUGUIFacade gui, ResourceBundle errorMessageBundle) {
+ this.gui = gui;
+ this.errorMessages = errorMessageBundle;
+ addRequestHandler(QuitRequest.class, this);
+ }
private STALPortType getSTALPort() throws MalformedURLException {
URL wsdlURL = null;
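Review bot: The new protected constructor's Javadoc leaves `@param gui` and `@param errorMessageBundle` empty, and both values are stored without a null check. A null would therefore surface much later, at the first dialog or message lookup. The context comment above says the sign handler is registered "once we have a webservice port", but this constructor registers only `QuitRequest`, so presumably a non-applet subclass must register its own `SignRequest` handler; the Javadoc should state that. Suggested text: `@param gui GUI facade used for all card and PIN dialogs, must not be null` and `@param errorMessageBundle bundle used to resolve error messages, must not be null`, plus an explicit `if (gui == null || errorMessageBundle == null) throw new NullPointerException(...)`. The rest of `BKUWorker` lies outside this hunk.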
diff --git a/BKULocal/pom.xml b/BKULocal/pom.xml
index 3f77752a..341e574a 100644
--- a/BKULocal/pom.xml
+++ b/BKULocal/pom.xml
@@ -74,6 +74,11 @@
org.springframeworkspring-tx2.5.5
+
+
+ at.gv.egiz
+ BKUApplet
+ 1.0-SNAPSHOT
\ No newline at end of file
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/BKUGuiProxy.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/BKUGuiProxy.java
new file mode 100644
index 00000000..0bed928d
--- /dev/null
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/BKUGuiProxy.java
@@ -0,0 +1,130 @@
+package at.gv.egiz.bku.local.stal;
+
+import java.awt.Container;
+import java.awt.event.ActionListener;
+import java.util.List;
+
+import javax.swing.JDialog;
+
+import at.gv.egiz.bku.gui.BKUGUIFacade;
+import at.gv.egiz.smcc.PINSpec;
+import at.gv.egiz.stal.HashDataInput;
+
+public class BKUGuiProxy implements BKUGUIFacade {
+
+ private BKUGUIFacade delegate;
+ private JDialog dialog;
+
+ public BKUGuiProxy(JDialog dialog, BKUGUIFacade delegate) {
+ this.delegate = delegate;
+ this.dialog = dialog;
+ }
+
+ private void showDialog() {
+ dialog.setVisible(true);
+ dialog.setAlwaysOnTop(true);
+ }
+
+ @Override
+ public char[] getPin() {
+ return delegate.getPin();
+ }
+
+ @Override
+ public void init(Container contentPane, String localeString) {
+ delegate.init(contentPane, localeString);
+ }
+
+ @Override
+ public void showCardNotSupportedDialog(ActionListener cancelListener,
+ String actionCommand) {
+ showDialog();
+ delegate.showCardNotSupportedDialog(cancelListener, actionCommand);
+ }
+
+ @Override
+ public void showCardPINDialog(PINSpec pinSpec, ActionListener okListener,
+ String okCommand, ActionListener cancelListener, String cancelCommand) {
+ showDialog();
+ delegate.showCardPINDialog(pinSpec, okListener, okCommand, cancelListener,
+ cancelCommand);
+ }
+
+ @Override
+ public void showCardPINRetryDialog(PINSpec pinSpec, int numRetries,
+ ActionListener okListener, String okCommand,
+ ActionListener cancelListener, String cancelCommand) {
+ showDialog();
+ delegate.showCardPINRetryDialog(pinSpec, numRetries, okListener, okCommand,
+ cancelListener, cancelCommand);
+ }
+
+ @Override
+ public void showErrorDialog(String errorMsg, ActionListener okListener,
+ String actionCommand) {
+ showDialog();
+ delegate.showErrorDialog(errorMsg, okListener, actionCommand);
+ }
+
+ @Override
+ public void showErrorDialog(String errorMsg) {
+ showDialog();
+ delegate.showErrorDialog(errorMsg);
+ }
+
+ @Override
+ public void showHashDataInputDialog(List signedReferences,
+ ActionListener okListener, String actionCommand) {
+ showDialog();
+ delegate.showHashDataInputDialog(signedReferences, okListener,
+ actionCommand);
+ }
+
+ @Override
+ public void showInsertCardDialog(ActionListener cancelListener,
+ String actionCommand) {
+ showDialog();
+ delegate.showInsertCardDialog(cancelListener, actionCommand);
+ }
+
+ @Override
+ public void showLoginDialog(ActionListener loginListener, String actionCommand) {
+ showDialog();
+
+ delegate.showLoginDialog(loginListener, actionCommand);
+ }
+
+ @Override
+ public void showSignaturePINDialog(PINSpec pinSpec,
+ ActionListener signListener, String signCommand,
+ ActionListener cancelListener, String cancelCommand,
+ ActionListener hashdataListener, String hashdataCommand) {
+ showDialog();
+ delegate.showSignaturePINDialog(pinSpec, signListener, signCommand,
+ cancelListener, cancelCommand, hashdataListener, hashdataCommand);
+ }
+
+ @Override
+ public void showSignaturePINRetryDialog(PINSpec pinSpec, int numRetries,
+ ActionListener okListener, String okCommand,
+ ActionListener cancelListener, String cancelCommand,
+ ActionListener hashdataListener, String hashdataCommand) {
+ showDialog();
+ delegate.showSignaturePINRetryDialog(pinSpec, numRetries, okListener,
+ okCommand, cancelListener, cancelCommand, hashdataListener,
+ hashdataCommand);
+ }
+
+ @Override
+ public void showWaitDialog(String waitMessage) {
+ showDialog();
+ delegate.showWaitDialog(waitMessage);
+ }
+
+ @Override
+ public void showWelcomeDialog() {
+ showDialog();
+ delegate.showWelcomeDialog();
+ }
+
+}
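Review bot: `showDialog()` calls `dialog.setVisible(true)` and `setAlwaysOnTop(true)` directly, and every `show…` method then calls the delegate, with nothing here ensuring this runs on the Swing event dispatch thread. If these methods are invoked from a STAL worker thread, as the request-handler design suggests, the window changes should be wrapped in `SwingUtilities.invokeLater(...)`. Setting always-on-top before making the dialog visible avoids a PIN prompt that briefly appears behind other windows: `dialog.setAlwaysOnTop(true); dialog.setVisible(true);`. If the `JDialog` passed in is modal, `setVisible(true)` would block before the delegate ever populates it, so the constructor's Javadoc should state that a non-modal dialog is required. The file also lacks the licence header and class comment that the other new file in this commit carries, and both fields can be `final`.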
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java
new file mode 100644
index 00000000..f8546e49
--- /dev/null
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.local.stal;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.smccstal.SMCCSTALRequestHandler;
+import at.gv.egiz.bku.smccstal.SignRequestHandler;
+import at.gv.egiz.stal.HashDataInput;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+import at.gv.egiz.stal.SignRequest;
+import at.gv.egiz.stal.signedinfo.ReferenceType;
+
+/**
+ *
+ * @author clemens
+ */
+public class LocalSignRequestHandler extends SignRequestHandler {
+
+ private static final Log log = LogFactory
+ .getLog(LocalSignRequestHandler.class);
+ private List hashDataInput = Collections.EMPTY_LIST;
+
+ public LocalSignRequestHandler() {
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public STALResponse handleRequest(STALRequest request) {
+ if (request instanceof SignRequest) {
+ SignRequest signReq = (SignRequest) request;
+ hashDataInput = signReq.getHashDataInput();
+ }
+ return super.handleRequest(request);
+ }
+
+ @Override
+ protected List getHashDataInputs(
+ List dsigReferences) throws Exception {
+ ArrayList result = new ArrayList();
+ for (ReferenceType dsigRef : dsigReferences) {
+ // don't get Manifest, QualifyingProperties, ...
+ if (dsigRef.getType() == null) {
+ String dsigRefId = dsigRef.getId();
+ if (dsigRefId != null) {
+ for (HashDataInput hdi : hashDataInput) {
+ if (hdi.getReferenceId().equals(dsigRefId)) {
+ result.add(hdi);
+ }
+ }
+ } else {
+ throw new Exception(
+ "Cannot get HashDataInput for dsig:Reference without Id attribute");
+ }
+ }
+ }
+ return result;
+ }
+
+ @Override
+ public SMCCSTALRequestHandler newInstance() {
+ return new LocalSignRequestHandler();
+ }
+}
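Review bot: `getHashDataInputs` silently skips a `dsig:Reference` whose Id matches no entry in `hashDataInput`, so the returned list can be shorter than the set of signed references and the user may be shown only part of what is about to be signed. For a signature-creation component the safer behaviour is to fail when any displayable reference has no hash data, and to compare as `dsigRefId.equals(hdi.getReferenceId())` so an entry with a null reference id cannot cause a `NullPointerException`. The `hashDataInput` field is only overwritten when the request is a `SignRequest`, so a handler instance that is reused keeps the previous request's data; resetting it on every `handleRequest` call would avoid serving stale entries. Nothing in this hunk checks that a returned `HashDataInput` actually hashes to the reference's digest value; if `SignRequestHandler` does not do that elsewhere, the displayed data and the signed data can differ.

```java
// … unchanged: method signature, result list, loop over dsigReferences, type == null check …
        String dsigRefId = dsigRef.getId();
        if (dsigRefId == null) {
          throw new Exception(
              "Cannot get HashDataInput for dsig:Reference without Id attribute");
        }
        boolean matched = false;
        for (HashDataInput hdi : hashDataInput) {
          // constant on the left: tolerate entries without a reference id
          if (dsigRefId.equals(hdi.getReferenceId())) {
            result.add(hdi);
            matched = true;
          }
        }
        if (!matched) {
          // refuse to present an incomplete view of the data to be signed
          throw new Exception(
              "No HashDataInput for dsig:Reference with Id " + dsigRefId);
        }
// … unchanged: return result …
```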
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/PINDialog.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/PINDialog.java
deleted file mode 100644
index 5bc6bab5..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/PINDialog.java
+++ /dev/null
@@ -1,214 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.local.stal;
-
-import java.awt.event.ActionEvent;
-import java.awt.event.ActionListener;
-import java.awt.event.WindowAdapter;
-import java.awt.event.WindowEvent;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import javax.swing.JButton;
-import javax.swing.JPasswordField;
-import javax.swing.text.AttributeSet;
-import javax.swing.text.BadLocationException;
-import javax.swing.text.PlainDocument;
-
-import at.gv.egiz.smcc.PINSpec;
-
-public class PINDialog extends javax.swing.JDialog implements ActionListener {
-
- // Variables declaration - do not modify
- private javax.swing.JButton okButton;
- private javax.swing.JButton cancelButton;
- private javax.swing.JLabel label;
- private javax.swing.JPasswordField password;
- // End of variables declaration
-
- private PINSpec pinSpec;
- private String pinString;
- private boolean finished = false;
-
- class PinDocument extends PlainDocument {
- private Pattern pattern;
-
- public PinDocument() {
- pattern = Pattern.compile(pinSpec.getRexepPattern());
- }
-
- public void insertString(int offs, String str, AttributeSet a)
- throws BadLocationException {
- if (pinSpec.getMaxLength() >= (getLength() + str.length())) {
- Matcher matcher = pattern.matcher(str);
- if (matcher.matches()) {
- super.insertString(offs, str, a);
- }
- }
- okButton.setEnabled(getLength() >= pinSpec.getMinLength());
- }
-
- @Override
- public void remove(int offs, int len) throws BadLocationException {
- super.remove(offs, len);
- okButton.setEnabled(getLength() >= pinSpec.getMinLength());
- }
- }
-
- public PINDialog() {
- }
-
- private synchronized void finished(boolean ok) {
- if (ok) {
- pinString = password.getText();
- } else {
- pinString = null;
- }
- finished = true;
- notifyAll();
- }
-
- public synchronized void waitFinished() {
- while (!finished) {
- try {
- wait();
- } catch (InterruptedException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
- }
-
- public String getPIN() {
- return pinString;
- }
-
- /** Creates new form NewJDialog */
- public PINDialog(java.awt.Frame parent, boolean modal, PINSpec pinSpec,
- int retries) {
- super(parent, modal);
- this.pinSpec = pinSpec;
- initComponents();
- }
-
- private void initComponents() {
- okButton = new javax.swing.JButton();
- cancelButton = new javax.swing.JButton();
- password = new javax.swing.JPasswordField();
- label = new javax.swing.JLabel();
- setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE);
-
- setTitle("PIN Dialog"); // NOI18N
- setName("Form"); // NOI18N
-
- okButton.setText("OK"); // NOI18N
- okButton.setName("okButton"); // NOI18N
- okButton.setEnabled(false);
- okButton.addActionListener(this);
-
- cancelButton.setText("Cancel"); // NOI18N
- cancelButton.setName("cancelButton"); // NOI18N
- cancelButton.addActionListener(this);
-
- password.setText(""); // NOI18N
- password.setName("password"); // NOI18N
- password.addActionListener(this);
- password.setDocument(new PinDocument());
-
- label.setText("PIN: "); // NOI18N
- label.setName("jLabel1"); // NOI18N
-
- javax.swing.GroupLayout layout = new javax.swing.GroupLayout(
- getContentPane());
- getContentPane().setLayout(layout);
- layout.setHorizontalGroup(layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addGroup(
- layout.createSequentialGroup().addContainerGap().addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addGroup(
- layout.createSequentialGroup().addComponent(label,
- javax.swing.GroupLayout.PREFERRED_SIZE, 61,
- javax.swing.GroupLayout.PREFERRED_SIZE).addPreferredGap(
- javax.swing.LayoutStyle.ComponentPlacement.RELATED,
- javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
- .addComponent(password,
- javax.swing.GroupLayout.PREFERRED_SIZE, 127,
- javax.swing.GroupLayout.PREFERRED_SIZE)).addGroup(
- javax.swing.GroupLayout.Alignment.TRAILING,
- layout.createSequentialGroup().addComponent(cancelButton)
- .addPreferredGap(
- javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
- .addComponent(okButton))).addContainerGap()));
- layout.setVerticalGroup(layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addGroup(
- layout.createSequentialGroup().addContainerGap().addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.BASELINE).addComponent(label,
- javax.swing.GroupLayout.PREFERRED_SIZE, 33,
- javax.swing.GroupLayout.PREFERRED_SIZE).addComponent(password,
- javax.swing.GroupLayout.PREFERRED_SIZE,
- javax.swing.GroupLayout.DEFAULT_SIZE,
- javax.swing.GroupLayout.PREFERRED_SIZE)).addPreferredGap(
- javax.swing.LayoutStyle.ComponentPlacement.RELATED, 14,
- Short.MAX_VALUE).addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.BASELINE).addComponent(
- okButton).addComponent(cancelButton)).addContainerGap()));
-
- pack();
- }
-
- /**
- * @param args
- * the command line arguments
- */
- public static void main(String args[]) {
- java.awt.EventQueue.invokeLater(new Runnable() {
- public void run() {
- PINDialog dialog = new PINDialog(new javax.swing.JFrame(), true,
- new PINSpec(1, 5, "[0-9]*", "Hansi"), 10);
- dialog.setResizable(false);
- dialog.addWindowListener(new java.awt.event.WindowAdapter() {
- public void windowClosing(java.awt.event.WindowEvent e) {
- System.exit(0);
- }
- });
- dialog.setVisible(true);
- }
- });
- }
-
- @Override
- public void actionPerformed(ActionEvent e) {
- if (e.getSource() instanceof JButton) {
- JButton pressed = (JButton) e.getSource();
- if (pressed.getName().equals("okButton")) {
- finished(true);
- } else if (pressed.getName().equals("cancelButton")) {
- finished(false);
- }
- } else if (e.getSource() instanceof JPasswordField) {
- JPasswordField pwf = (JPasswordField) e.getSource();
- if (pwf.getName().equals("password")) {
- if (password.getPassword().length >= pinSpec.getMinLength()) {
- finished(true);
- }
- }
- }
- }
-
-}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/QuitRequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/QuitRequestHandler.java
deleted file mode 100644
index 5596b7bb..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/QuitRequestHandler.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.local.stal;
-
-import at.gv.egiz.bku.smccstal.AbstractRequestHandler;
-import at.gv.egiz.bku.smccstal.SMCCSTALRequestHandler;
-import at.gv.egiz.stal.STALRequest;
-import at.gv.egiz.stal.STALResponse;
-
-public class QuitRequestHandler extends AbstractRequestHandler {
-
- @Override
- public STALResponse handleRequest(STALRequest request) {
- return null;
- }
-
- @Override
- public boolean requireCard() {
- return false;
- }
-
- @Override
- public SMCCSTALRequestHandler newInstance() {
- return this;
- }
-
-}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTAL.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTAL.java
index 26ec2aa8..6f9e72c5 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTAL.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTAL.java
@@ -1,95 +1,33 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
package at.gv.egiz.bku.local.stal;
-import java.awt.event.ActionEvent;
-import java.awt.event.ActionListener;
-import java.util.Locale;
+import java.util.List;
+import java.util.ResourceBundle;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import javax.swing.JDialog;
import at.gv.egiz.bku.gui.BKUGUIFacade;
-import at.gv.egiz.bku.local.ui.TrayIconDialog;
-import at.gv.egiz.bku.smccstal.AbstractRequestHandler;
-import at.gv.egiz.bku.smccstal.AbstractSMCCSTAL;
-import at.gv.egiz.bku.smccstal.STALMessageConsumer;
-import at.gv.egiz.smcc.PINProvider;
-import at.gv.egiz.smcc.util.SMCCHelper;
-import at.gv.egiz.stal.QuitRequest;
+import at.gv.egiz.bku.online.applet.BKUWorker;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+import at.gv.egiz.stal.SignRequest;
-public class SMCCSTAL extends AbstractSMCCSTAL implements STALMessageConsumer {
- private static Log log = LogFactory.getLog(SMCCSTAL.class);
+public class SMCCSTAL extends BKUWorker {
- protected PINProvider pinProvider = new SwingPINProvider();
- protected SwingInsertCardDialog insertCard = new SwingInsertCardDialog();
- private boolean canceled = false;
+ private JDialog container;
- static {
- addRequestHandler(QuitRequest.class, new QuitRequestHandler());
- }
-
- public SMCCSTAL() {
- AbstractRequestHandler.setMessageConsumer(this);
- }
-
- /**
- *
- * @return if the user canceled
- */
- protected boolean waitForCard() {
- canceled = false;
- while ((smccHelper.getResultCode() != SMCCHelper.CARD_FOUND) && (!canceled)) {
- insertCard.setVisible(true);
- insertCard.setAlwaysOnTop(true);
- insertCard.addCanceledListener(new ActionListener() {
- @Override
- public void actionPerformed(ActionEvent e) {
- canceled = true;
- }
- });
- try {
- smccHelper.update(1000);
- } catch (Exception ex) {
- log.info(ex);
- }
- }
- insertCard.setVisible(false);
- signatureCard = smccHelper.getSignatureCard(locale);
- return canceled;
+ public SMCCSTAL(BKUGUIFacade gui, JDialog container,
+ ResourceBundle errorMessageBundle) {
+ super(gui, errorMessageBundle);
+ this.container = container;
+ addRequestHandler(SignRequest.class, new LocalSignRequestHandler());
}
@Override
- public void setLocale(Locale locale) {
- super.setLocale(locale);
- if (pinProvider instanceof SwingPINProvider) {
- ((SwingPINProvider) pinProvider).setLocale(locale);
- }
+ public List handleRequest(List requestList) {
+ signatureCard = null;
+ List responses = super.handleRequest(requestList);
+ container.setVisible(false);
+ return responses;
}
- @Override
- public void consumeNewSTALMessage(String captionId, String messageId) {
- TrayIconDialog.getInstance().displayInfo(captionId, messageId);
- }
-
- @Override
- protected BKUGUIFacade getGUI() {
- // TODO Auto-generated method stub
- //FIXME
- return null;
- }
}
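Review bot: `container.setVisible(false)` in the new `handleRequest` runs only when `super.handleRequest(requestList)` returns normally, so an unchecked exception from a request handler leaves the dialog on screen (it presumably hosts the card and PIN prompts). Hiding it on every path needs only `try { return super.handleRequest(requestList); } finally { container.setVisible(false); }`. The call also touches a Swing component from whatever thread drives the STAL; if that is not the event dispatch thread, it should go through `SwingUtilities.invokeLater`, which needs confirming against `BKUWorker`. The rewrite also drops the Apache licence header that the neighbouring files in this package keep.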
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTALFactory.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTALFactory.java
index 014d884a..97646d09 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTALFactory.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SMCCSTALFactory.java
@@ -1,27 +1,75 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.local.stal;
-
-import at.gv.egiz.stal.STAL;
-import at.gv.egiz.stal.STALFactory;
-
-public class SMCCSTALFactory implements STALFactory {
- @Override
- public STAL createSTAL() {
- return new SMCCSTAL();
- }
-}
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.local.stal;
+
+import java.awt.Dimension;
+import java.awt.Toolkit;
+import java.util.Locale;
+import java.util.ResourceBundle;
+
+import javax.swing.JDialog;
+import javax.swing.WindowConstants;
+
+import at.gv.egiz.bku.gui.BKUGUIFacade;
+import at.gv.egiz.bku.gui.BKUGUIFactory;
+import at.gv.egiz.bku.online.applet.BKUApplet;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.STALFactory;
+
+public class SMCCSTALFactory implements STALFactory {
+
+ private Locale locale;
+ private SMCCSTAL stal;
+ private JDialog dialog;
+
+ @Override
+ public STAL createSTAL() {
+ if (stal == null) {
+ ResourceBundle resourceBundle;
+ if (locale != null) {
+ resourceBundle = ResourceBundle.getBundle(
+ BKUApplet.RESOURCE_BUNDLE_BASE, locale);
+ } else {
+ resourceBundle = ResourceBundle
+ .getBundle(BKUApplet.RESOURCE_BUNDLE_BASE);
+ }
+ dialog = new JDialog();
+ BKUGUIFacade gui = BKUGUIFactory.createGUI();
+ gui.init(dialog.getContentPane(), locale.toString());
+ stal = new SMCCSTAL(new BKUGuiProxy(dialog, gui), dialog, resourceBundle);
+ dialog.setPreferredSize(new Dimension(400, 200));
+ dialog.setDefaultCloseOperation(WindowConstants.HIDE_ON_CLOSE);
+ Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
+ Dimension frameSize = dialog.getSize();
+ if (frameSize.height > screenSize.height) {
+ frameSize.height = screenSize.height;
+ }
+ if (frameSize.width > screenSize.width) {
+ frameSize.width = screenSize.width;
+ }
+ dialog.setLocation((screenSize.width - frameSize.width) / 2,
+ (screenSize.height - frameSize.height) / 2);
+ dialog.pack();
+ }
+ return stal;
+ }
+
+ @Override
+ public void setLocale(Locale locale) {
+ this.locale = locale;
+ }
+}
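Review bot: `locale.toString()` in the `gui.init(...)` call is reached even when `locale` is null, although the bundle lookup just above handles that case explicitly, so `createSTAL()` throws a NullPointerException whenever `setLocale` was not called first. Resolve the locale once, for example `Locale effective = (locale != null) ? locale : Locale.getDefault();`, and use it for both the bundle lookup and `gui.init`. The factory now also returns the same cached `SMCCSTAL` and `JDialog` to every caller without synchronisation; if `createSTAL()` can be reached from more than one request thread, the lazy initialisation and the shared per-instance state such as `signatureCard` need guarding. `dialog.getSize()` is also read before `pack()`, so the centring is probably computed from an empty size.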
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingInsertCardDialog.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingInsertCardDialog.java
deleted file mode 100644
index eb76f2f2..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingInsertCardDialog.java
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.local.stal;
-
-import java.awt.Dimension;
-import java.awt.Font;
-import java.awt.Toolkit;
-import java.awt.event.ActionListener;
-import java.awt.event.WindowAdapter;
-import java.awt.event.WindowEvent;
-import java.awt.event.WindowListener;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Locale;
-import java.util.ResourceBundle;
-
-import javax.swing.ImageIcon;
-import javax.swing.JDialog;
-
-import at.gv.egiz.bku.utils.StreamUtil;
-
-public class SwingInsertCardDialog extends JDialog {
-
- private javax.swing.JButton cancelButton;
- private javax.swing.JLabel jLabel1;
- private javax.swing.JLabel jLabel2;
- private Locale locale = Locale.getDefault();
-
- public SwingInsertCardDialog() {
- super((java.awt.Frame) null, false);
- initComponents();
- }
-
- public void setLocale(Locale locale) {
- this.locale = locale;
- }
-
- private void initComponents() {
- ResourceBundle rb = ResourceBundle.getBundle(
- "at/gv/egiz/bku/local/Userdialog", locale);
- setTitle(rb.getString("Insert.Header"));
- jLabel1 = new javax.swing.JLabel();
- jLabel2 = new javax.swing.JLabel();
- cancelButton = new javax.swing.JButton();
-
- setDefaultCloseOperation(javax.swing.WindowConstants.DO_NOTHING_ON_CLOSE);
- setName("Form"); // NOI18N
- setUndecorated(true);
-
- jLabel1.setFont(new Font("Tahoma", Font.BOLD, 14));
- jLabel1.setText(rb.getString("Insert.Text")); // NOI18N
- jLabel1.setName("text"); // NOI18N
-
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- InputStream is = getClass().getClassLoader().getResourceAsStream(
- "at/gv/egiz/bku/local/logo.png");
- try {
- StreamUtil.copyStream(is, os);
- jLabel2.setIcon(new ImageIcon(os.toByteArray())); // NOI18N
- } catch (IOException e) {
- jLabel2.setText("Chipperling image missing"); // NOI18N
- }
- jLabel2.setName("jLabel2"); // NOI18N
- cancelButton.setText(rb.getString("Insert.Button.Cancel")); // NOI18N
- cancelButton.setName("jButton1"); // NOI18N
-
- javax.swing.GroupLayout layout = new javax.swing.GroupLayout(
- getContentPane());
- getContentPane().setLayout(layout);
- layout.setHorizontalGroup(layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addGroup(
- layout.createSequentialGroup().addContainerGap().addComponent(jLabel2)
- .addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.TRAILING).addGroup(
- layout.createSequentialGroup().addGap(35, 35, 35)
- .addComponent(jLabel1,
- javax.swing.GroupLayout.DEFAULT_SIZE,
- javax.swing.GroupLayout.DEFAULT_SIZE,
- Short.MAX_VALUE)).addGroup(
- layout.createSequentialGroup().addPreferredGap(
- javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(cancelButton))).addGap(29, 29, 29)));
- layout.setVerticalGroup(layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addGroup(
- javax.swing.GroupLayout.Alignment.TRAILING,
- layout.createSequentialGroup().addContainerGap().addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.TRAILING).addComponent(
- jLabel2).addGroup(
- layout.createSequentialGroup().addComponent(jLabel1,
- javax.swing.GroupLayout.DEFAULT_SIZE, 53, Short.MAX_VALUE)
- .addGap(35, 35, 35).addComponent(cancelButton).addGap(9, 9,
- 9))).addContainerGap()));
-
- Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
- Dimension frameSize = getSize();
- if (frameSize.height > screenSize.height) {
- frameSize.height = screenSize.height;
- }
- if (frameSize.width > screenSize.width) {
- frameSize.width = screenSize.width;
- }
- setLocation((screenSize.width - frameSize.width) / 2,
- (screenSize.height - frameSize.height) / 2);
- setUndecorated(false);
- pack();
- }
-
- public void addCanceledListener(ActionListener al) {
- cancelButton.addActionListener(al);
- }
-
- /**
- * @param args
- * the command line arguments
- */
- public static void main(String args[]) {
- java.awt.EventQueue.invokeLater(new Runnable() {
- public void run() {
- SwingInsertCardDialog dialog = new SwingInsertCardDialog();
- dialog.addWindowListener(new java.awt.event.WindowAdapter() {
- public void windowClosing(java.awt.event.WindowEvent e) {
- System.exit(0);
- }
- });
- //
- }
- });
- }
-
-}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPINProvider.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPINProvider.java
deleted file mode 100644
index 7d36e68e..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPINProvider.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.local.stal;
-
-import java.util.Locale;
-
-import at.gv.egiz.smcc.PINProvider;
-import at.gv.egiz.smcc.PINSpec;
-
-public class SwingPINProvider implements PINProvider {
-
- private Locale locale = Locale.getDefault();
- SwingPinDialog dialog;
-
- public SwingPINProvider() {
- this.locale = Locale.getDefault();
-
- }
-
- public Locale getLocale() {
- return locale;
- }
-
- public void setLocale(Locale locale) {
- this.locale = locale;
- }
-
- @Override
- public String providePIN(PINSpec pinSpec, int retries) {
- dialog = new SwingPinDialog(null, false);
- dialog.setResizable(false);
- dialog.setRetries(retries);
- dialog.setPinSpec(pinSpec);
- dialog.initComponents();
- dialog.setVisible(true);
- dialog.requestFocus();
- dialog.setAlwaysOnTop(true);
- dialog.waitFinished();
- dialog.dispose();
- return dialog.getPIN();
- }
-
-}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPinDialog.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPinDialog.java
deleted file mode 100644
index 3e91972c..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/SwingPinDialog.java
+++ /dev/null
@@ -1,265 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.local.stal;
-
-import java.awt.Dimension;
-import java.awt.Font;
-import java.awt.Toolkit;
-import java.awt.event.ActionEvent;
-import java.awt.event.ActionListener;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.text.MessageFormat;
-import java.util.Locale;
-import java.util.ResourceBundle;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import javax.swing.ImageIcon;
-import javax.swing.JButton;
-import javax.swing.JPasswordField;
-import javax.swing.text.AttributeSet;
-import javax.swing.text.BadLocationException;
-import javax.swing.text.PlainDocument;
-
-import at.gv.egiz.bku.utils.StreamUtil;
-import at.gv.egiz.smcc.PINSpec;
-
-public class SwingPinDialog extends javax.swing.JDialog implements
- ActionListener {
-
- private javax.swing.JButton okButton;
- private javax.swing.JButton cancelButton;
- private javax.swing.JLabel jLabel1;
- private javax.swing.JLabel jLabel2;
- private javax.swing.JPasswordField password;
-
- private PINSpec pinSpec;
- private String pinString;
- private boolean finished = false;
- private int retries = -1;
- private Locale locale = Locale.getDefault();
- private boolean setUp = false;
-
- class PinDocument extends PlainDocument {
- private Pattern pattern;
-
- public PinDocument() {
- if ((pinSpec != null) && (pinSpec.getRexepPattern() != null)) {
- pattern = Pattern.compile(pinSpec.getRexepPattern());
- } else {
- pattern = Pattern.compile(".");
- }
- }
-
- public void insertString(int offs, String str, AttributeSet a)
- throws BadLocationException {
- if (pinSpec.getMaxLength() >= (getLength() + str.length())) {
- Matcher matcher = pattern.matcher(str);
- if (matcher.matches()) {
- super.insertString(offs, str, a);
- }
- }
- okButton.setEnabled(getLength() >= pinSpec.getMinLength());
- }
-
- @Override
- public void remove(int offs, int len) throws BadLocationException {
- super.remove(offs, len);
- okButton.setEnabled(getLength() >= pinSpec.getMinLength());
- }
- }
-
- /**
- * Make sure to call initComponents
- *
- * @param parent
- * @param modal
- */
- public SwingPinDialog(java.awt.Frame parent, boolean modal) {
- super(parent, modal);
- }
-
- public void setLocale(Locale locale) {
- this.locale = locale;
- }
-
- public void setPinSpec(PINSpec pinSpec) {
- this.pinSpec = pinSpec;
- }
-
- public void setRetries(int retries) {
- this.retries = retries;
- }
-
- public void initComponents() {
- ResourceBundle rb = ResourceBundle.getBundle(
- "at/gv/egiz/bku/local/Userdialog", locale);
- okButton = new javax.swing.JButton();
- cancelButton = new javax.swing.JButton();
- password = new javax.swing.JPasswordField();
- jLabel1 = new javax.swing.JLabel();
- jLabel2 = new javax.swing.JLabel();
-
- setTitle(rb.getString("Pin.Header"));
- setName("Form");
- setDefaultCloseOperation(javax.swing.WindowConstants.DO_NOTHING_ON_CLOSE);
-
- okButton.setText(rb.getString("Pin.Button.OK"));
- okButton.setName("okButton");
- okButton.setEnabled(false);
- okButton.addActionListener(this);
-
- cancelButton.setText(rb.getString("Pin.Button.Cancel"));
- cancelButton.setName("cancelButton");
- cancelButton.addActionListener(this);
-
- password.setText("");
- password.setDocument(new PinDocument());
- password.setName("password");
- password.addActionListener(this);
- password.setDocument(new PinDocument());
- password.setRequestFocusEnabled(true);
- password.requestFocus();
-
- jLabel1.setFont(new Font("Tahoma", Font.BOLD, 14));
- String text = null;
- Object[] args;
- if (retries > 0) {
- text = rb.getString("Pin.Text.Retries");
- args = new Object[2];
- args[0] = pinSpec.getLocalizedName();
- args[1] = new Integer(retries);
- } else {
- text = rb.getString("Pin.Text.NoRetries");
- args = new Object[1];
- args[0] = pinSpec.getLocalizedName();
- }
- text = MessageFormat.format(text, args);
- jLabel1.setText(text); // NOI18N
- jLabel1.setName("jLabel1"); // NOI18N
-
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- InputStream is = getClass().getClassLoader().getResourceAsStream(
- "at/gv/egiz/bku/local/logo.png");
- try {
- StreamUtil.copyStream(is, os);
- jLabel2.setIcon(new ImageIcon(os.toByteArray())); // NOI18N
- } catch (Exception e) {
- jLabel2.setText("Chipperling image missing"); // NOI18N
- }
- jLabel2.setName("jLabel2"); // NOI18N
-
- javax.swing.GroupLayout layout = new javax.swing.GroupLayout(
- getContentPane());
- getContentPane().setLayout(layout);
- layout.setHorizontalGroup(layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addGroup(
- layout.createSequentialGroup().addContainerGap().addComponent(jLabel2)
- .addGap(73, 73, 73).addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addComponent(
- jLabel1).addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.TRAILING, false)
- .addComponent(password,
- javax.swing.GroupLayout.Alignment.LEADING)
- .addGroup(
- javax.swing.GroupLayout.Alignment.LEADING,
- layout.createSequentialGroup().addComponent(
- cancelButton).addGap(18, 18, 18).addComponent(
- okButton)))).addContainerGap(31,
- Short.MAX_VALUE)));
- layout.setVerticalGroup(layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING).addGroup(
- layout.createSequentialGroup().addContainerGap().addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.LEADING)
- .addComponent(jLabel2).addGroup(
- layout.createSequentialGroup().addPreferredGap(
- javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(jLabel1,
- javax.swing.GroupLayout.PREFERRED_SIZE, 33,
- javax.swing.GroupLayout.PREFERRED_SIZE).addGap(18,
- 18, 18).addComponent(password,
- javax.swing.GroupLayout.PREFERRED_SIZE,
- javax.swing.GroupLayout.DEFAULT_SIZE,
- javax.swing.GroupLayout.PREFERRED_SIZE).addGap(20,
- 20, 20).addGroup(
- layout.createParallelGroup(
- javax.swing.GroupLayout.Alignment.BASELINE)
- .addComponent(cancelButton).addComponent(
- okButton)))).addGap(36, 36, 36)));
- Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
- Dimension frameSize = getSize();
- if (frameSize.height > screenSize.height) {
- frameSize.height = screenSize.height;
- }
- if (frameSize.width > screenSize.width) {
- frameSize.width = screenSize.width;
- }
- setLocation((screenSize.width - frameSize.width) / 2,
- (screenSize.height - frameSize.height) / 2);
- setUndecorated(false);
- pack();
- }
-
- public String getPIN() {
- return pinString;
- }
-
- private synchronized void finished(boolean ok) {
- if (ok) {
- pinString = password.getText();
- } else {
- pinString = null;
- }
- finished = true;
- notifyAll();
- }
-
- public synchronized void waitFinished() {
- while (!finished) {
- try {
- wait();
- } catch (InterruptedException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
- }
-
- @Override
- public void actionPerformed(ActionEvent e) {
- if (e.getSource() instanceof JButton) {
- JButton pressed = (JButton) e.getSource();
- if (pressed.getName().equals("okButton")) {
- finished(true);
- } else if (pressed.getName().equals("cancelButton")) {
- finished(false);
- }
- } else if (e.getSource() instanceof JPasswordField) {
- JPasswordField pwf = (JPasswordField) e.getSource();
- if (pwf.getName().equals("password")) {
- if (password.getPassword().length >= pinSpec.getMinLength()) {
- finished(true);
- }
- }
- }
- }
-
-}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
index 28c714c1..b70a6274 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
@@ -123,6 +123,7 @@ public class ResultServlet extends SpringBKUServlet {
resp.setContentType(bp.getResultContentType());
resp.setCharacterEncoding(encoding);
bp.writeResultTo(resp.getOutputStream(), encoding);
+ resp.getOutputStream().flush();
session.invalidate();
getBindingProcessorManager().removeBindingProcessor(bp.getId());
}
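Review bot: The added `resp.getOutputStream().flush()` sits before `session.invalidate()` and `removeBindingProcessor(bp.getId())`, so an IOException from the flush (for instance when the client has already disconnected) skips both cleanup calls, as an exception from `writeResultTo` already would. The enclosing method starts outside this hunk, so a surrounding `finally` may already cover this. If it does not, move the two cleanup calls into a `finally` block so the session and the binding processor holding the result do not outlive a failed response.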
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
index 38c568ab..8e61230c 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
@@ -21,6 +21,8 @@
package at.gv.egiz.stal.service.impl;
+import java.util.Locale;
+
import at.gv.egiz.stal.STAL;
import at.gv.egiz.stal.STALFactory;
@@ -35,4 +37,7 @@ public class RequestBrokerSTALFactory implements STALFactory {
return new STALRequestBrokerImpl();
}
+ @Override
+ public void setLocale(Locale locale) {
+ }
}
diff --git a/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java b/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java
index 38c64262..4708d6e7 100644
--- a/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java
+++ b/BKUViewer/src/test/java/at/gv/egiz/bku/slxhtml/ValidatorTest.java
@@ -16,19 +16,20 @@
*/
package at.gv.egiz.bku.slxhtml;
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertNotNull;
import java.io.InputStream;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.junit.Ignore;
import org.junit.Test;
import at.gv.egiz.bku.viewer.ValidationException;
import at.gv.egiz.bku.viewer.Validator;
import at.gv.egiz.bku.viewer.ValidatorFactory;
-
+@Ignore
public class ValidatorTest {
private static Log log = LogFactory.getLog(ValidatorTest.class);
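Review bot: `@Ignore` on the class switches off every test in ValidatorTest without saying why or for how long. JUnit 4 accepts a reason string, e.g. `@Ignore("<reason and tracking reference>")`, which appears in test reports and keeps the missing validator coverage visible. The class body continues outside the hunk.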
diff --git a/STAL/src/main/java/at/gv/egiz/stal/STALFactory.java b/STAL/src/main/java/at/gv/egiz/stal/STALFactory.java
index e7b3edd1..f9cf00c6 100644
--- a/STAL/src/main/java/at/gv/egiz/stal/STALFactory.java
+++ b/STAL/src/main/java/at/gv/egiz/stal/STALFactory.java
@@ -15,8 +15,10 @@
* limitations under the License.
*/
package at.gv.egiz.stal;
+
+import java.util.Locale;
public interface STALFactory {
-
- public STAL createSTAL();
+ public STAL createSTAL();
+ public void setLocale(Locale locale);
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
index 0082de26..22ee0d1d 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
@@ -187,6 +187,7 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
}
BindingProcessor bindingProcessor = new HTTPBindingProcessor(aSessionId,
commandInvokerClass.newInstance(), url);
+ stalFactory.setLocale(locale);
STAL stal = stalFactory.createSTAL();
bindingProcessor.init(stal, commandInvokerClass.newInstance());
if (locale != null) {
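Review bot: `stalFactory.setLocale(locale)` followed by `createSTAL()` puts per-request state on the factory, so if `stalFactory` is shared between sessions (its origin is not visible in the hunk) two concurrent requests can receive each other's locale. The call also sits before the `if (locale != null)` check that follows, so implementations are handed null. Passing the locale into creation, e.g. `STAL createSTAL(Locale locale)`, or synchronising the two calls on `stalFactory` would avoid both. The enclosing method starts and ends outside the hunk.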
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
index bb0314b5..775f4136 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
@@ -36,6 +36,8 @@ import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.httpclient.methods.multipart.FilePart;
import org.apache.commons.httpclient.methods.multipart.Part;
import org.apache.commons.httpclient.methods.multipart.StringPart;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import at.gv.egiz.bku.binding.multipart.InputStreamPartSource;
import at.gv.egiz.bku.binding.multipart.SLResultPart;
@@ -49,6 +51,8 @@ import at.gv.egiz.bku.utils.binding.Protocol;
*
*/
public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
+
+ private final static Log log = LogFactory.getLog(DataUrlConnectionImpl.class);
public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
Protocol.HTTPS };
@@ -80,10 +84,6 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
*/
public void connect() throws SocketTimeoutException, IOException {
connection = (HttpURLConnection) url.openConnection();
-
- // FIXXME move this to config.
- HttpURLConnection.setFollowRedirects(false);
-
connection.setDoOutput(true);
Set headers = requestHttpHeaders.keySet();
Iterator headerIt = headers.iterator();
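Review bot: With `HttpURLConnection.setFollowRedirects(false)` removed from connect(), nothing in the hunk replaces it, so this connection follows HTTP redirects by the JVM default and the DataURL request may be answered by a host other than the one in `url`. Dropping the JVM-wide static setter is reasonable, but the per-connection form keeps the old behaviour: `connection.setInstanceFollowRedirects(false);` directly after `url.openConnection()`. If following redirects is intended, a comment saying so and how the redirect target is checked would help. connect() continues past the hunk.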
@@ -146,10 +146,14 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
Part[] parts = new Part[formParams.size()];
Part.sendParts(os, formParams.toArray(parts), boundary.getBytes());
os.close();
- // MultipartRequestEntity PostMethod
- result = new DataUrlResponse(url.toString(), connection.getResponseCode(),
- connection.getInputStream());
-
+ // MultipartRequestEntity PostMethod
+ InputStream is = null;
+ try {
+ is = connection.getInputStream();
+ } catch (IOException iox) {
+ log.info(iox);
+ }
+ result = new DataUrlResponse(url.toString(), connection.getResponseCode(), is);
Map responseHttpHeaders = new HashMap();
Map> httpHeaders = connection.getHeaderFields();
for (Iterator keyIt = httpHeaders.keySet().iterator(); keyIt
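Review bot: The new catch around `connection.getInputStream()` only logs and then hands a null stream to `DataUrlResponse`, so an HTTP error response reaches the caller as a response with no body and no exception. For 4xx/5xx answers the body is available from the error stream; `is = connection.getErrorStream();` in the catch keeps it readable. `log.info(iox)` records only the exception's toString; `log.info("Cannot read DataURL response body from " + url, iox);` keeps the stack trace. Whether `DataUrlResponse` tolerates a null stream is not visible here, and the method starts before and ends after the hunk.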
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
index 2330ed3f..8baa0137 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/Signature.java
@@ -463,6 +463,31 @@ public class Signature {
log.trace("Reference caching is not enabled.");
}
}
+ for (Reference reference : getReferences()) {
+ if (reference.getType() != null) {
+ InputStream digestInputStream = reference.getDigestInputStream();
+ if (digestInputStream != null) {
+ StringBuilder sb = new StringBuilder();
+ sb.append("DigestInput for Reference with id='");
+ sb.append(reference.getId());
+ sb.append("'; Type:");
+ sb.append(reference.getType());
+ sb.append("):\n");
+ try {
+ byte[] b = new byte[512];
+ for (int l; (l = digestInputStream.read(b)) != -1;) {
+ sb.append(new String(b, 0, l));
+ }
+ } catch (IOException e) {
+ log.error(e);
+ }
+ log.trace(sb.toString());
+ } else {
+ log.trace("Reference caching is not enabled.");
+ }
+
+ }
+ }
}
}
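Review bot: The added loop over `getReferences()` is not wrapped in `if (log.isTraceEnabled()) { ... }`, so unless a guard encloses it outside this hunk every typed reference's digest input is read in full into a StringBuilder even when trace logging is off. With trace on, the complete to-be-signed data is written to the log, which deserves a comment because that content can be personal data. `new String(b, 0, l)` decodes each 512-byte chunk with the platform charset and corrupts multi-byte characters split across chunks; collecting into a `ByteArrayOutputStream` and decoding once with an explicit charset avoids that. The stream is never closed, and whether reading it here consumes data a later step needs depends on `getDigestInputStream()`, which is not shown.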
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/DummyStalFactory.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/DummyStalFactory.java
index 45dcdc3a..f832f364 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/DummyStalFactory.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/DummyStalFactory.java
@@ -16,6 +16,8 @@
*/
package at.gv.egiz.bku.binding;
+import java.util.Locale;
+
import at.gv.egiz.stal.STAL;
import at.gv.egiz.stal.STALFactory;
@@ -25,6 +27,12 @@ public class DummyStalFactory implements STALFactory {
public STAL createSTAL() {
// TODO Auto-generated method stub
return new at.gv.egiz.stal.dummy.DummySTAL();
+ }
+
+ @Override
+ public void setLocale(Locale locale) {
+ // TODO Auto-generated method stub
+
}
}
--
cgit v1.2.3
From fd1db02bdc9fbd2a5beca0cc2b214c1adbcc1a7a Mon Sep 17 00:00:00 2001
From: clemenso
Date: Mon, 15 Sep 2008 18:01:32 +0000
Subject: encoding
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@39 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
bkucommon/pom.xml | 4 +-
.../src/main/java/at/gv/egiz/bku/binding/Id.java | 24 ++--
.../main/java/at/gv/egiz/bku/binding/IdImpl.java | 129 +++++++++++----------
.../bku/slcommands/impl/HashDataInputImpl.java | 11 +-
4 files changed, 92 insertions(+), 76 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/pom.xml b/bkucommon/pom.xml
index 2db0cc84..40b73e48 100644
--- a/bkucommon/pom.xml
+++ b/bkucommon/pom.xml
@@ -69,10 +69,10 @@
true
+ skip tests temporarily org.apache.maven.pluginsmaven-surefire-plugin
- true
+ true
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java
index 93ab2e8b..fc7c35c3 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/Id.java
@@ -14,14 +14,18 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.binding;
-
-/**
- * The unique identifier for a BindingProcessor
- * @author wbauer
- *
- */
-public interface Id {
-
- public String toString();
+package at.gv.egiz.bku.binding;
+
+/**
+ * The unique identifier for a BindingProcessor
+ * @author wbauer
+ *
+ */
+public interface Id {
+
+ @Override
+ public String toString();
+
+ @Override
+ public boolean equals(Object id);
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java
index 5523992a..c8a76823 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/IdImpl.java
@@ -14,67 +14,70 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.binding;
-
-import iaik.utils.Base64OutputStream;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-/**
- * Implementation that uses a Base64 representation for self generated Ids.
- * @author wbauer
- *
- */
-public class IdImpl implements at.gv.egiz.bku.binding.Id {
- private static Log log = LogFactory.getLog(IdImpl.class);
-
- private String idString;
-
- public IdImpl(int bitNumber, SecureRandom random) {
- int byteSize = bitNumber/8;
- if (bitNumber % 8 != 0) {
- byteSize++;
- }
- byte[] randomBytes = new byte[byteSize];
- random.nextBytes(randomBytes);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Base64OutputStream b64 = new Base64OutputStream(baos);
- try {
- b64.write(randomBytes);
- b64.flush();
- b64.close();
- idString = new String(baos.toByteArray());
- } catch (IOException e) {
- log.error("Cannot create secure id: "+e);
- }
- }
-
- public IdImpl(String idString) {
- if (idString == null) {
- throw new NullPointerException("Provided idstring must not be null");
- }
- this.idString = idString;
- }
-
- public String toString() {
- return idString;
- }
-
- public int hashCode() {
- return idString.hashCode();
- }
-
- public boolean equals(Object other) {
- if (other instanceof Id) {
- Id otherId = (Id)other;
- return otherId.toString().equals(idString);
- } else {
- return false;
- }
- }
+package at.gv.egiz.bku.binding;
+
+import iaik.utils.Base64OutputStream;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.SecureRandom;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * Implementation that uses a Base64 representation for self generated Ids.
+ * @author wbauer
+ *
+ */
+public class IdImpl implements at.gv.egiz.bku.binding.Id {
+ private static Log log = LogFactory.getLog(IdImpl.class);
+
+ private String idString;
+
+ public IdImpl(int bitNumber, SecureRandom random) {
+ int byteSize = bitNumber/8;
+ if (bitNumber % 8 != 0) {
+ byteSize++;
+ }
+ byte[] randomBytes = new byte[byteSize];
+ random.nextBytes(randomBytes);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ Base64OutputStream b64 = new Base64OutputStream(baos);
+ try {
+ b64.write(randomBytes);
+ b64.flush();
+ b64.close();
+ idString = new String(baos.toByteArray());
+ } catch (IOException e) {
+ log.error("Cannot create secure id: "+e);
+ }
+ }
+
+ public IdImpl(String idString) {
+ if (idString == null) {
+ throw new NullPointerException("Provided idstring must not be null");
+ }
+ this.idString = idString;
+ }
+
+ @Override
+ public String toString() {
+ return idString;
+ }
+
+ @Override
+ public int hashCode() {
+ return idString.hashCode();
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (other instanceof Id) {
+ Id otherId = (Id)other;
+ return otherId.toString().equals(idString);
+ } else {
+ return false;
+ }
+ }
}
\ No newline at end of file
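Review bot: In `IdImpl(int bitNumber, SecureRandom random)` the catch block only logs, so an IOException from the Base64 stream leaves `idString` null while the constructor still returns an object; `hashCode()` then throws NullPointerException and `toString()` returns null. Since these ids identify binding processors, failing construction is safer: `throw new IllegalStateException("Cannot create secure id", e);`. `new String(baos.toByteArray())` uses the platform charset; Base64 output is ASCII, so `new String(baos.toByteArray(), "US-ASCII")` states that explicitly. A `bitNumber` of zero is accepted and yields the same empty id for every caller; `if (bitNumber <= 0) throw new IllegalArgumentException("bitNumber must be positive");` rejects it.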
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
index 49d3c63f..d6999404 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
@@ -4,6 +4,7 @@
*/
package at.gv.egiz.bku.slcommands.impl;
+import at.gv.egiz.bku.binding.HttpUtil;
import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
import at.gv.egiz.stal.HashDataInput;
import java.io.InputStream;
@@ -16,11 +17,14 @@ public class HashDataInputImpl implements HashDataInput {
String refId;
String mimeType;
+ String encoding;
InputStream hashDataInput;
public HashDataInputImpl(DataObject dataObject) {
refId = dataObject.getReference().getId();
- mimeType = dataObject.getMimeType();
+ String contentType = dataObject.getMimeType();
+ mimeType = contentType.split(";")[0].trim();
+ encoding = HttpUtil.getCharset(dataObject.getMimeType(), false);
hashDataInput = dataObject.getReference().getDigestInputStream();
}
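Review bot: `contentType.split(";")[0].trim()` in the constructor dereferences the result of `dataObject.getMimeType()` without a null check, so a data object without a mime type now makes construction throw NullPointerException where the old assignment simply stored null. A guard such as `mimeType = (contentType != null) ? contentType.split(";")[0].trim() : null;` keeps the previous tolerance. Whether `HttpUtil.getCharset` accepts a null content type is not visible here. The same unguarded split reappears in `DataObjectHashDataInput.getMimeType()` in the later "mimetype" commit.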
@@ -39,4 +43,9 @@ public class HashDataInputImpl implements HashDataInput {
return hashDataInput;
}
+ @Override
+ public String getEncoding() {
+ return encoding;
+ }
+
}
--
cgit v1.2.3
From f72d5842828ec072813eb30051d24f7cc8613606 Mon Sep 17 00:00:00 2001
From: clemenso
Date: Wed, 17 Sep 2008 17:18:14 +0000
Subject: hashdatainput digest verification
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@45 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../slcommands/impl/DataObjectHashDataInput.java | 50 +++++++++++++++++++++
.../bku/slcommands/impl/HashDataInputImpl.java | 51 ----------------------
.../bku/slcommands/impl/xsect/STALSignature.java | 4 +-
3 files changed, 52 insertions(+), 53 deletions(-)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
new file mode 100644
index 00000000..71b62911
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
@@ -0,0 +1,50 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package at.gv.egiz.bku.slcommands.impl;
+
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
+import at.gv.egiz.stal.HashDataInput;
+import java.io.InputStream;
+
+/**
+ *
+ * @author clemens
+ */
+public class DataObjectHashDataInput implements HashDataInput {
+
+ protected DataObject dataObject;
+
+ public DataObjectHashDataInput(DataObject dataObject) {
+ if (dataObject.getReference() == null)
+ throw new NullPointerException("DataObject reference must not be null");
+ this.dataObject = dataObject;
+ }
+
+ @Override
+ public String getReferenceId() {
+ return dataObject.getReference().getId();
+ }
+
+ @Override
+ public String getMimeType() {
+ return dataObject.getMimeType();
+ }
+
+ /**
+ *
+ * @return the pre-digested input stream if reference caching is enabled, null otherwise
+ */
+ @Override
+ public InputStream getHashDataInput() {
+ return dataObject.getReference().getDigestInputStream();
+ }
+
+ @Override
+ public String getEncoding() {
+ return HttpUtil.getCharset(dataObject.getMimeType(), false);
+ }
+
+}
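Review bot: `getMimeType()` returns `dataObject.getMimeType()` unchanged, while the `HashDataInputImpl` this class replaces stripped parameters with `split(";")[0].trim()`, so consumers now receive the full content type including any `;charset=` suffix. The constructor's check `dataObject.getReference() == null` dereferences `dataObject` first, so a null argument fails with a message-less NPE; `if (dataObject == null || dataObject.getReference() == null)` covers both cases. The class Javadoc is empty; one line such as `Live view on a DataObject: every getter re-reads the underlying object.` would document the difference from the old snapshot class.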
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
deleted file mode 100644
index d6999404..00000000
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/HashDataInputImpl.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
- */
-package at.gv.egiz.bku.slcommands.impl;
-
-import at.gv.egiz.bku.binding.HttpUtil;
-import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
-import at.gv.egiz.stal.HashDataInput;
-import java.io.InputStream;
-
-/**
- *
- * @author clemens
- */
-public class HashDataInputImpl implements HashDataInput {
-
- String refId;
- String mimeType;
- String encoding;
- InputStream hashDataInput;
-
- public HashDataInputImpl(DataObject dataObject) {
- refId = dataObject.getReference().getId();
- String contentType = dataObject.getMimeType();
- mimeType = contentType.split(";")[0].trim();
- encoding = HttpUtil.getCharset(dataObject.getMimeType(), false);
- hashDataInput = dataObject.getReference().getDigestInputStream();
- }
-
- @Override
- public String getReferenceId() {
- return refId;
- }
-
- @Override
- public String getMimeType() {
- return mimeType;
- }
-
- @Override
- public InputStream getHashDataInput() {
- return hashDataInput;
- }
-
- @Override
- public String getEncoding() {
- return encoding;
- }
-
-}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
index 2d89c8ae..dd7c7d8a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/STALSignature.java
@@ -16,7 +16,7 @@
*/
package at.gv.egiz.bku.slcommands.impl.xsect;
-import at.gv.egiz.bku.slcommands.impl.HashDataInputImpl;
+import at.gv.egiz.bku.slcommands.impl.DataObjectHashDataInput;
import at.gv.egiz.bku.slexceptions.SLViewerException;
import java.io.ByteArrayOutputStream;
@@ -131,7 +131,7 @@ public class STALSignature extends SignatureSpi {
} catch (SLViewerException e) {
throw new STALSignatureException(e);
}
- hashDataInputs.add(new HashDataInputImpl(dataObject));
+ hashDataInputs.add(new DataObjectHashDataInput(dataObject));
}
SignRequest signRequest = new SignRequest();
--
cgit v1.2.3
From a20fb683943ce0893302b6dc25015c998cd9687f Mon Sep 17 00:00:00 2001
From: clemenso
Date: Thu, 18 Sep 2008 09:25:55 +0000
Subject: hashdatainput cached
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@46 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../src/main/java/at/gv/egiz/bku/gui/BKUGUI.java | 6 +++--
.../bku/local/stal/LocalSignRequestHandler.java | 28 ++++++++++++++++------
.../src/main/resources/commons-logging.properties | 16 +++++++++++++
BKULocal/src/main/resources/log4j.properties | 2 +-
.../slcommands/impl/DataObjectHashDataInput.java | 6 +++--
5 files changed, 46 insertions(+), 12 deletions(-)
create mode 100644 BKULocal/src/main/resources/commons-logging.properties
(limited to 'bkucommon/src/main')
diff --git a/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/BKUGUI.java b/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/BKUGUI.java
index 5fb67982..be4aeded 100644
--- a/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/BKUGUI.java
+++ b/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/BKUGUI.java
@@ -871,8 +871,10 @@ public class BKUGUI implements BKUGUIFacade {
.addComponent(waitMsgLabel)
.addContainerGap()); //, GroupLayout.DEFAULT_SIZE, GroupLayout.PREFERRED_SIZE, Short.MAX_VALUE));
mainPanelLayout.setVerticalGroup(
- mainPanelLayout.createParallelGroup(GroupLayout.Alignment.LEADING)
- .addComponent(waitMsgLabel));
+ mainPanelLayout.createSequentialGroup()
+// mainPanelLayout.createParallelGroup(GroupLayout.Alignment.LEADING)
+ .addComponent(waitMsgLabel)
+ .addContainerGap());
contentPanel.validate();
}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java
index a288a716..ca420f13 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java
@@ -16,6 +16,7 @@
*/
package at.gv.egiz.bku.local.stal;
+import at.gv.egiz.bku.slcommands.impl.DataObjectHashDataInput;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@@ -68,14 +69,27 @@ public class LocalSignRequestHandler extends SignRequestHandler {
if (dsigRefId != null) {
for (HashDataInput hdi : hashDataInput) {
if (hdi.getReferenceId().equals(dsigRefId)) {
- InputStream hdIs = hdi.getHashDataInput();
- ByteArrayOutputStream baos = new ByteArrayOutputStream(hdIs.available());
- int b;
- while ((b = hdIs.read()) != -1) {
- baos.write(b);
+ if (hdi instanceof DataObjectHashDataInput) {
+ if (log.isTraceEnabled())
+ log.trace("adding DataObjectHashDataInput");
+ result.add(hdi);
+ } else if (hdi instanceof ByteArrayHashDataInput) {
+ if (log.isTraceEnabled())
+ log.trace("adding ByteArrayHashDataInput");
+ result.add(hdi);
+ } else {
+ if (log.isDebugEnabled())
+ log.debug("provided HashDataInput not chaching enabled, creating ByteArrayHashDataInput");
+
+ InputStream hdIs = hdi.getHashDataInput();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream(hdIs.available());
+ int b;
+ while ((b = hdIs.read()) != -1) {
+ baos.write(b);
+ }
+ ByteArrayHashDataInput baHdi = new ByteArrayHashDataInput(baos.toByteArray(), hdi.getReferenceId(), hdi.getMimeType(), hdi.getEncoding());
+ result.add(baHdi);
}
- ByteArrayHashDataInput baHdi = new ByteArrayHashDataInput(baos.toByteArray(), hdi.getReferenceId(), hdi.getMimeType(), hdi.getEncoding());
- result.add(baHdi);
}
}
} else {
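Review bot: The new `instanceof DataObjectHashDataInput` branch adds the object to `result` as it is, although the Javadoc of `DataObjectHashDataInput.getHashDataInput()` says it returns null when reference caching is not enabled, so the type alone does not show that the data can be read later. The fallback branch has the same gap: `hdIs.available()` is called without a null check. An explicit test, e.g. `if (hdi.getHashDataInput() == null)` followed by a clear error for the missing hash data input, would replace a later NullPointerException with a diagnosable failure. The fallback also copies one byte at a time; a `read(byte[])` loop is the usual form. The enclosing method starts and ends outside the hunk.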
diff --git a/BKULocal/src/main/resources/commons-logging.properties b/BKULocal/src/main/resources/commons-logging.properties
new file mode 100644
index 00000000..0d497b1b
--- /dev/null
+++ b/BKULocal/src/main/resources/commons-logging.properties
@@ -0,0 +1,16 @@
+# Copyright 2008 Federal Chancellery Austria and
+# Graz University of Technology
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4JLogger
diff --git a/BKULocal/src/main/resources/log4j.properties b/BKULocal/src/main/resources/log4j.properties
index 49d763f8..3a730bac 100644
--- a/BKULocal/src/main/resources/log4j.properties
+++ b/BKULocal/src/main/resources/log4j.properties
@@ -14,7 +14,7 @@
# limitations under the License.
# loglever DEBUG, appender STDOUT
-log4j.rootLogger=TRACE, STDOUT, file
+log4j.rootLogger=DEBUG, STDOUT, file
# STDOUT appender
log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
index 71b62911..0386bdd6 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
@@ -10,7 +10,9 @@ import at.gv.egiz.stal.HashDataInput;
import java.io.InputStream;
/**
- *
+ * DataObject-backed HashDataInput
+ * If reference caching is enabled,
+ * the hashdata input stream can be obtained repeatedly.
* @author clemens
*/
public class DataObjectHashDataInput implements HashDataInput {
@@ -34,7 +36,7 @@ public class DataObjectHashDataInput implements HashDataInput {
}
/**
- *
+ * may be called repeatedly
* @return the pre-digested input stream if reference caching is enabled, null otherwise
*/
@Override
--
cgit v1.2.3
From 40e57f6c9101ddcc00422d95086d6a485c3ceda2 Mon Sep 17 00:00:00 2001
From: clemenso
Date: Thu, 18 Sep 2008 15:52:02 +0000
Subject: mimetype
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@52 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
index 0386bdd6..1a9b56fb 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/DataObjectHashDataInput.java
@@ -32,7 +32,8 @@ public class DataObjectHashDataInput implements HashDataInput {
@Override
public String getMimeType() {
- return dataObject.getMimeType();
+ String contentType = dataObject.getMimeType();
+ return contentType.split(";")[0].trim();
}
/**
--
cgit v1.2.3
From 9ca314eced8a73f58282684597468f98621ac502 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Fri, 19 Sep 2008 12:17:47 +0000
Subject: git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@53
8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../gv/egiz/bku/local/conf/SpringConfigurator.java | 73 ++++++++++++----------
.../gv/egiz/bku/local/conf/defaultConf.properties | 6 ++
.../egiz/bku/online/conf/SpringConfigurator.java | 17 +++++
.../gv/egiz/bku/online/conf/defaultConf.properties | 3 +
.../main/java/at/gv/egiz/bku/binding/DataUrl.java | 3 +-
.../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 7 ++-
6 files changed, 72 insertions(+), 37 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
index 3aeb1745..9326d904 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
@@ -42,11 +42,16 @@ import java.util.List;
import java.util.Properties;
import java.util.Set;
+import javax.naming.ldap.LdapContext;
+import javax.naming.ldap.LdapReferralException;
import javax.net.ssl.CertPathTrustManagerParameters;
+import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
@@ -118,7 +123,14 @@ public class SpringConfigurator extends Configurator implements
}
public void configureNetwork() {
-
+ String proxy = getProperty("HTTPProxyHost");
+ String portString = getProperty("HTTPProxyPort");
+ if ((proxy == null) || (proxy.equals(""))) {
+ log.info("No proxy configured");
+ } else {
+ System.setProperty("proxyHost", proxy);
+ System.setProperty("proxyPort", portString);
+ }
}
private Set getCACerts() throws IOException,
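Review bot: `System.setProperty("proxyPort", portString)` throws NullPointerException when `HTTPProxyHost` is configured but `HTTPProxyPort` is not, because `portString` is never checked. The keys here are `proxyHost`/`proxyPort`, while BKUOnline's configureNetwork in the same commit sets `http.proxyHost`/`http.proxyPort`; the `http.`-prefixed names are the documented ones, and neither variant covers HTTPS connections (`https.proxyHost`/`https.proxyPort`). Defaulting the port as BKUOnline does, `if (portString == null) portString = "80";`, and using the same keys in both modules would make them consistent.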
@@ -258,13 +270,33 @@ public class SpringConfigurator extends Configurator implements
KeyManager[] km = null;
SSLContext sslCtx = SSLContext
.getInstance(getProperty("SSL.sslProtocol"));
- sslCtx.init(km, trustFab.getTrustManagers(), null);
- // sslCtx.init(km, new TrustManager[] { new MyTrustManager(caCerts,
- // certStoreList) }, null);
+ String disableAll = getProperty("SSL.disableAllChecks");
+ if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
+ log.warn("--------------------------------------");
+ log.warn(" Disabling SSL Certificate Validation ");
+ log.warn("--------------------------------------");
+
+ sslCtx.init(km, new TrustManager[] { new MyTrustManager(caCerts,
+ certStoreList) }, null);
+ } else {
+ sslCtx.init(km, trustFab.getTrustManagers(), null);
+ }
HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
} catch (Exception e) {
log.error("Cannot configure SSL", e);
}
+ String disableAll = getProperty("SSL.disableAllChecks");
+ if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
+ log.warn("---------------------------------");
+ log.warn(" Disabling Hostname Verification ");
+ log.warn("---------------------------------");
+ HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }
+ });
+ }
}
@Override
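Review bot: A single property, `SSL.disableAllChecks`, now replaces the trust managers with `MyTrustManager` and installs a `HostnameVerifier` whose `verify` always returns true, both as `HttpsURLConnection` defaults for the whole JVM, so every HTTPS connection made by the process accepts any certificate for any host. The hostname-verifier block sits after the try/catch, so it also runs when SSL setup failed and only "Cannot configure SSL" was logged. If the switch has to exist for debugging, consider reading the property once, applying the bypass per connection (`setSSLSocketFactory`/`setHostnameVerifier` on the instance) rather than through the static defaults, and refusing to start with it set outside a development build. The method starts before the hunk.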
@@ -275,20 +307,15 @@ public class SpringConfigurator extends Configurator implements
class MyTrustManager implements X509TrustManager {
private static Log log = LogFactory.getLog(MyTrustManager.class);
- private Set caCerts;
- private List certStoreList;
private X509Certificate[] trustedCerts;
public MyTrustManager(Set caCerts, List cs) {
- this.caCerts = caCerts;
- this.certStoreList = cs;
trustedCerts = new X509Certificate[caCerts.size()];
int i = 0;
for (Iterator it = caCerts.iterator(); it.hasNext();) {
TrustAnchor ta = it.next();
trustedCerts[i++] = ta.getTrustedCert();
}
-
}
@Override
@@ -301,31 +328,9 @@ class MyTrustManager implements X509TrustManager {
@Override
public void checkServerTrusted(X509Certificate[] certs, String arg1)
throws CertificateException {
- try {
- log.debug("Checking server certificate: " + certs[0].getSubjectDN());
- CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX");
- X509CertSelector selector = new X509CertSelector();
- selector.setCertificate(certs[0]);
- PKIXBuilderParameters pkixParams;
- pkixParams = new PKIXBuilderParameters(caCerts, selector);
- pkixParams.setRevocationEnabled(true); // FIXME
- for (CertStore cs : certStoreList) {
- pkixParams.addCertStore(cs);
- }
- PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) pathBuilder
- .build(pkixParams);
- if (log.isTraceEnabled()) {
- StringBuffer sb = new StringBuffer();
- for (Certificate cert : result.getCertPath().getCertificates()) {
- sb.append(((X509Certificate) cert).getSubjectDN());
- sb.append("->");
- }
- sb.append("End");
- log.trace(sb);
- }
- } catch (Exception e) {
- throw new CertificateException(e);
- }
+ log.warn("-------------------------------------");
+ log.warn("SSL Certificate Validation Disabled !");
+ log.warn("-------------------------------------");
}
@Override
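Review bot: After this hunk `checkServerTrusted` returns without throwing for any chain, yet the class is still named `MyTrustManager` and its constructor still takes `caCerts` and a cert store list, which reads as if validation took place. A class comment such as `/** Accepts every server certificate; installed only when SSL.disableAllChecks is true. Debugging only. */` and a name that says so would keep it from being reused by mistake. The constructor's `cs` parameter is now unused and could be dropped. The warning is logged on every handshake without naming the peer; including `certs[0].getSubjectDN()`, as the removed code did, would show where the bypass is actually exercised.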
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
index 93796a7e..31f55ed0 100644
--- a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
+++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
@@ -45,9 +45,15 @@ SSL.cache.lifetime=3600
# use authority info access extension to find ca certs.
SSL.useAIA=true
+# Don't set to true in production environments
+# Attention flag only used for debugging
+SSL.disableAllChecks=false
# ------------ END SSL Config --------------------
ValidateHashDataInputs=true
+#HTTPProxyHost=localhost
+#HTTPProxyPort=8888
+
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index 9fe91708..54dbfdea 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -70,6 +70,8 @@ public class SpringConfigurator extends Configurator implements
} catch (IOException e) {
log.error("Cannot load config", e);
}
+ } else {
+ log.warn("Cannot load properties, resource: "+resource);
}
}
@@ -91,8 +93,23 @@ public class SpringConfigurator extends Configurator implements
super.configure();
configureSSL();
configureVersion();
+ configureNetwork();
}
+ public void configureNetwork() {
+ String proxyHost = getProperty("HTTPProxyHost");
+ String proxyPort = getProperty("HTTPProxyPort");
+ if (proxyPort == null) {
+ proxyPort = "80";
+ }
+ if (proxyHost != null) {
+ log.debug("Setting proxy server to: "+proxyHost+":"+proxyPort);
+ System.setProperty("http.proxyHost", proxyHost);
+ System.setProperty("http.proxyPort", proxyPort);
+ }
+ log.debug("No proxy specified");
+ }
+
private Set getCACerts() throws IOException,
CertificateException {
Set caCerts = new HashSet();
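Review bot: In `configureNetwork()` the closing `log.debug("No proxy specified");` runs unconditionally, so it is also written right after a proxy has been set; it belongs in an else branch, `} else { log.debug("No proxy specified"); }`. Only `http.proxyHost` and `http.proxyPort` are set, so connections to https URLs will presumably bypass the configured proxy unless `https.proxyHost` and `https.proxyPort` are set as well. The port value is passed on as read, without a check that it is a number in the valid port range. The `getCACerts()` lines at the end are context for a method that continues outside the hunk.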
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
index cdc2bfad..42b0d93e 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -41,3 +41,6 @@ SSL.sslProtocol=TLS
ValidateHashDataInputs=true
+
+HTTPProxyHost=taranis.iaik.tugraz.at
+HTTPProxyPort=8888
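Review bot: The two added keys put a concrete proxy, `taranis.iaik.tugraz.at` on port 8888, into the default configuration of BKUOnline, while the same commit ships the equivalent keys commented out for BKULocal. Because `configureNetwork()` reads these keys at startup, a deployment that keeps the defaults would presumably send its outbound HTTP requests through that host, or fail where the host is unreachable. If this is a development setting, ship it disabled as in BKULocal: `#HTTPProxyHost=localhost` and `#HTTPProxyPort=8888`.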
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
index a8477ece..d462ac60 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
@@ -52,7 +52,8 @@ public class DataUrl {
}
public DataUrlConnection openConnection() {
- try {
+ try {
+ log.debug("Opening dataurl connection");
DataUrlConnectionSPI retVal = defaultDataUrlConnection.newInstance();
retVal.init(url);
return retVal;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
index 775f4136..6ad0bb78 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
@@ -91,11 +91,13 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
String name = headerIt.next();
connection.setRequestProperty(name, requestHttpHeaders.get(name));
}
+ log.trace("Connecting to: "+url);
connection.connect();
if (connection instanceof HttpsURLConnection) {
HttpsURLConnection ssl = (HttpsURLConnection) connection;
X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates();
if ((certs != null) && (certs.length >= 1)) {
+ log.trace("Server certificate: "+certs[0]);
serverCertificate = certs[0];
}
}
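Review bot: Both added `log.trace(...)` calls build their message by string concatenation before the level is checked, so the URL string and `certs[0].toString()`, a full certificate dump, are produced on every connection even when trace is off; guard them with `if (log.isTraceEnabled()) { ... }`. The data URL is logged in full, and if it can carry a session identifier or other parameters in its query string, those end up in the log file; logging scheme, host and path only would avoid that. The enclosing method starts and ends outside the hunk.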
@@ -142,7 +144,7 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
formParams.add(slResultPart);
OutputStream os = connection.getOutputStream();
-
+ log.trace("Sending data");
Part[] parts = new Part[formParams.size()];
Part.sendParts(os, formParams.toArray(parts), boundary.getBytes());
os.close();
@@ -152,7 +154,8 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
is = connection.getInputStream();
} catch (IOException iox) {
log.info(iox);
- }
+ }
+ log.trace("Reading response");
result = new DataUrlResponse(url.toString(), connection.getResponseCode(), is);
Map responseHttpHeaders = new HashMap();
Map> httpHeaders = connection.getHeaderFields();
--
cgit v1.2.3
From 2a0fd44a7999dbcc6ee80fed4e39d3aab66d94ce Mon Sep 17 00:00:00 2001
From: wbauer
Date: Wed, 24 Sep 2008 07:48:54 +0000
Subject: git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@60
8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../bku/binding/BindingProcessorManagerImpl.java | 529 +++++++++++----------
1 file changed, 273 insertions(+), 256 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
index 22ee0d1d..11f5a160 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
@@ -1,270 +1,287 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.binding;
-
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.binding;
+
import java.net.MalformedURLException;
import java.net.URL;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Locale;
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slcommands.SLCommandInvoker;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.bku.utils.binding.Protocol;
-import at.gv.egiz.stal.STAL;
-import at.gv.egiz.stal.STALFactory;
-
-/**
- * This class maintains all active BindingProcessor Objects. Currently, only
- * HTTPBinding is supported.
- */
-public class BindingProcessorManagerImpl implements BindingProcessorManager {
-
- public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
- Protocol.HTTPS };
-
- private static Log log = LogFactory.getLog(BindingProcessorManagerImpl.class);
-
- private RemovalStrategy removalStrategy;
- private STALFactory stalFactory;
- private SLCommandInvoker commandInvokerClass;
- private ExecutorService executorService;
- private Map bindingProcessorMap = Collections
- .synchronizedMap(new HashMap());
-
- /**
- * Container to hold a Future and Bindingprocessor object as map value.
- * @author wbauer
- * @see BindingProcessorManagerImpl#bindingProcessorMap
- */
- static class MapEntityWrapper {
- private Future> future;
- private BindingProcessor bindingProcessor;
-
- public MapEntityWrapper(Future> future, BindingProcessor bindingProcessor) {
- if ((bindingProcessor == null) || (future == null)) {
- throw new NullPointerException("Argument must not be null");
- }
- this.bindingProcessor = bindingProcessor;
- this.future = future;
- }
-
- public Future> getFuture() {
- return future;
- }
-
- public BindingProcessor getBindingProcessor() {
- return bindingProcessor;
- }
-
- public int hashCode() {
- return bindingProcessor.getId().hashCode();
- }
-
- public boolean equals(Object other) {
- if (other instanceof MapEntityWrapper) {
- MapEntityWrapper o = (MapEntityWrapper) other;
- return (o.bindingProcessor.getId().equals(bindingProcessor.getId()));
- } else {
- return false;
- }
- }
- }
-
- /**
- *
- * @param fab
- * must not be null
- * @param ci
- * must not be null (prototype to generate new instances)
- */
- public BindingProcessorManagerImpl(STALFactory fab, SLCommandInvoker ci) {
- if (fab == null) {
- throw new NullPointerException("STALFactory must not be null");
- }
- stalFactory = fab;
- if (ci == null) {
- throw new NullPointerException("SLCommandInvoker must not be null");
- }
- commandInvokerClass = ci;
- executorService = Executors.newCachedThreadPool();
- }
-
- /**
- *
- * @return the STALFactory currently used.
- */
- public STALFactory getStalFactory() {
- return stalFactory;
- }
-
- /**
- * Sets the STALFactory to be used.
- * @param stalFactory
- */
- public void setStalFactory(STALFactory stalFactory) {
- this.stalFactory = stalFactory;
- }
-
- /**
- * Could be used to setup a new executor service during application stratup.
- * @param executorService
- */
- public void setExecutorService(ExecutorService executorService) {
- this.executorService = executorService;
- }
-
- public void setRemovalStrategy(RemovalStrategy aStrategy) {
- removalStrategy = aStrategy;
- }
-
- public RemovalStrategy getRemovlaStrategy() {
- return removalStrategy;
- }
-
- public void shutdown() {
- log.info("Shutting down the BindingProcessorManager");
- executorService.shutdown();
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.binding.Protocol;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.STALFactory;
+
+/**
+ * This class maintains all active BindingProcessor Objects. Currently, only
+ * HTTPBinding is supported.
+ */
+public class BindingProcessorManagerImpl implements BindingProcessorManager {
+
+ public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
+ Protocol.HTTPS };
+
+ private static Log log = LogFactory.getLog(BindingProcessorManagerImpl.class);
+
+ private RemovalStrategy removalStrategy;
+ private STALFactory stalFactory;
+ private SLCommandInvoker commandInvokerClass;
+ private ExecutorService executorService;
+ private Map bindingProcessorMap = Collections
+ .synchronizedMap(new HashMap());
+
+ /**
+ * Container to hold a Future and Bindingprocessor object as map value.
+ *
+ * @author wbauer
+ * @see BindingProcessorManagerImpl#bindingProcessorMap
+ */
+ static class MapEntityWrapper {
+ private Future> future;
+ private BindingProcessor bindingProcessor;
+
+ public MapEntityWrapper(Future> future, BindingProcessor bindingProcessor) {
+ if ((bindingProcessor == null) || (future == null)) {
+ throw new NullPointerException("Argument must not be null");
+ }
+ this.bindingProcessor = bindingProcessor;
+ this.future = future;
+ }
+
+ public Future> getFuture() {
+ return future;
+ }
+
+ public BindingProcessor getBindingProcessor() {
+ return bindingProcessor;
+ }
+
+ public int hashCode() {
+ return bindingProcessor.getId().hashCode();
+ }
+
+ public boolean equals(Object other) {
+ if (other instanceof MapEntityWrapper) {
+ MapEntityWrapper o = (MapEntityWrapper) other;
+ return (o.bindingProcessor.getId().equals(bindingProcessor.getId()));
+ } else {
+ return false;
+ }
+ }
}
-
+
+ /**
+ *
+ * @param fab
+ * must not be null
+ * @param ci
+ * must not be null (prototype to generate new instances)
+ */
+ public BindingProcessorManagerImpl(STALFactory fab, SLCommandInvoker ci) {
+ if (fab == null) {
+ throw new NullPointerException("STALFactory must not be null");
+ }
+ stalFactory = fab;
+ if (ci == null) {
+ throw new NullPointerException("SLCommandInvoker must not be null");
+ }
+ commandInvokerClass = ci;
+ executorService = Executors.newCachedThreadPool();
+ }
+
+ /**
+ *
+ * @return the STALFactory currently used.
+ */
+ public STALFactory getStalFactory() {
+ return stalFactory;
+ }
+
+ /**
+ * Sets the STALFactory to be used.
+ *
+ * @param stalFactory
+ */
+ public void setStalFactory(STALFactory stalFactory) {
+ this.stalFactory = stalFactory;
+ }
+
+ /**
+ * Could be used to setup a new executor service during application stratup.
+ *
+ * @param executorService
+ */
+ public void setExecutorService(ExecutorService executorService) {
+ this.executorService = executorService;
+ }
+
+ public void setRemovalStrategy(RemovalStrategy aStrategy) {
+ removalStrategy = aStrategy;
+ }
+
+ public RemovalStrategy getRemovlaStrategy() {
+ return removalStrategy;
+ }
+
+ public void shutdown() {
+ log.info("Shutting down the BindingProcessorManager");
+ executorService.shutdown();
+ }
+
public void shutdownNow() {
- log.info("Shutting down the BindingProcessorManager NOW!");
+ log.info("Shutting down the BindingProcessorManager NOW!");
executorService.shutdownNow();
- }
-
- /**
- * Uses the default locale
- */
- public BindingProcessor createBindingProcessor(String srcUrl,
- String aSessionId) throws MalformedURLException {
- return createBindingProcessor(srcUrl, aSessionId, null);
- }
-
- /**
- * FactoryMethod creating a new BindingProcessor object.
- *
- * @param protocol
+ log.debug("Number of binding prcessors currently managed: "
+ + bindingProcessorMap.size());
+ if (log.isDebugEnabled()) {
+ for (Iterator it = bindingProcessorMap.values()
+ .iterator(); it.hasNext();) {
+ MapEntityWrapper entry = it.next();
+ log.debug(entry.getBindingProcessor().getId() + ": isDone: "
+ + entry.getFuture().isDone());
+ log.debug(entry.getBindingProcessor().getId() + ": isCanceled: "
+ + entry.getFuture().isCancelled());
+ }
+ }
+ }
+
+ /**
+ * Uses the default locale
+ */
+ public BindingProcessor createBindingProcessor(String srcUrl,
+ String aSessionId) throws MalformedURLException {
+ return createBindingProcessor(srcUrl, aSessionId, null);
+ }
+
+ /**
+ * FactoryMethod creating a new BindingProcessor object.
+ *
+ * @param protocol
* must not be null
- * @throws MalformedURLException
- */
- public BindingProcessor createBindingProcessor(String srcUrl,
+ * @throws MalformedURLException
+ */
+ public BindingProcessor createBindingProcessor(String srcUrl,
String aSessionId, Locale locale) throws MalformedURLException {
- URL url = new URL(srcUrl);
- String low = url.getProtocol().toLowerCase();
- Protocol proto = null;
- for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
- if (SUPPORTED_PROTOCOLS[i].toString().equals(low)) {
- proto = SUPPORTED_PROTOCOLS[i];
- break;
- }
- }
- if (proto == null) {
- throw new UnsupportedOperationException();
- }
- BindingProcessor bindingProcessor = new HTTPBindingProcessor(aSessionId,
- commandInvokerClass.newInstance(), url);
+ URL url = new URL(srcUrl);
+ String low = url.getProtocol().toLowerCase();
+ Protocol proto = null;
+ for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
+ if (SUPPORTED_PROTOCOLS[i].toString().equals(low)) {
+ proto = SUPPORTED_PROTOCOLS[i];
+ break;
+ }
+ }
+ if (proto == null) {
+ throw new UnsupportedOperationException();
+ }
+ BindingProcessor bindingProcessor = new HTTPBindingProcessor(aSessionId,
+ commandInvokerClass.newInstance(), url);
stalFactory.setLocale(locale);
- STAL stal = stalFactory.createSTAL();
- bindingProcessor.init(stal, commandInvokerClass.newInstance());
- if (locale != null) {
- bindingProcessor.setLocale(locale);
- stal.setLocale(locale);
- }
- return bindingProcessor;
- }
-
- /**
- * @return the bindingprocessor object for this id or null if no bindingprocessor was found.
- */
- public BindingProcessor getBindingProcessor(Id aId) {
- if (bindingProcessorMap.get(aId) != null) {
- return bindingProcessorMap.get(aId).getBindingProcessor();
- } else {
- return null;
- }
- }
-
+ STAL stal = stalFactory.createSTAL();
+ bindingProcessor.init(stal, commandInvokerClass.newInstance());
+ if (locale != null) {
+ bindingProcessor.setLocale(locale);
+ stal.setLocale(locale);
+ }
+ return bindingProcessor;
+ }
+
+ /**
+ * @return the bindingprocessor object for this id or null if no
+ * bindingprocessor was found.
+ */
+ public BindingProcessor getBindingProcessor(Id aId) {
+ if (bindingProcessorMap.get(aId) != null) {
+ return bindingProcessorMap.get(aId).getBindingProcessor();
+ } else {
+ return null;
+ }
+ }
+
/**
*
- */
- public void setSTALFactory(STALFactory aStalFactory) {
- if (aStalFactory == null) {
- throw new NullPointerException("Cannot set STALFactory to null");
- }
- stalFactory = aStalFactory;
- }
-
- /**
- * Causes the BindingProcessorManager to manage the provided BindingProcessor
- * @param aBindingProcessor must not be null
- */
- public void process(BindingProcessor aBindingProcessor) {
- if (bindingProcessorMap.containsKey(aBindingProcessor.getId())) {
- log.fatal("Clashing ids, cannot process bindingprocessor with id:"
- + aBindingProcessor.getId());
- throw new SLRuntimeException(
- "Clashing ids, cannot process bindingprocessor with id:"
- + aBindingProcessor.getId());
+ */
+ public void setSTALFactory(STALFactory aStalFactory) {
+ if (aStalFactory == null) {
+ throw new NullPointerException("Cannot set STALFactory to null");
+ }
+ stalFactory = aStalFactory;
+ }
+
+ /**
+ * Causes the BindingProcessorManager to manage the provided BindingProcessor
+ *
+ * @param aBindingProcessor
+ * must not be null
+ */
+ public void process(BindingProcessor aBindingProcessor) {
+ if (bindingProcessorMap.containsKey(aBindingProcessor.getId())) {
+ log.fatal("Clashing ids, cannot process bindingprocessor with id:"
+ + aBindingProcessor.getId());
+ throw new SLRuntimeException(
+ "Clashing ids, cannot process bindingprocessor with id:"
+ + aBindingProcessor.getId());
}
- log.debug("processing bindingprocessor: "+aBindingProcessor.getId());
- Future> f = executorService.submit(aBindingProcessor);
- bindingProcessorMap.put(aBindingProcessor.getId(), new MapEntityWrapper(f,
- aBindingProcessor));
- }
-
- @Override
- public void setSLCommandInvoker(SLCommandInvoker invoker) {
- commandInvokerClass = invoker;
- }
-
- @Override
+ log.debug("processing bindingprocessor: " + aBindingProcessor.getId());
+ Future> f = executorService.submit(aBindingProcessor);
+ bindingProcessorMap.put(aBindingProcessor.getId(), new MapEntityWrapper(f,
+ aBindingProcessor));
+ }
+
+ @Override
+ public void setSLCommandInvoker(SLCommandInvoker invoker) {
+ commandInvokerClass = invoker;
+ }
+
+ @Override
public void removeBindingProcessor(Id sessionId) {
- log.debug("Removing binding processor: "+sessionId);
- MapEntityWrapper wrapper = bindingProcessorMap
- .get(sessionId);
- if (wrapper == null) {
- return;
- }
- Future> f = wrapper.getFuture();
- if (!f.isDone()) {
- f.cancel(true);
- }
- bindingProcessorMap.remove(sessionId);
- }
-
- @Override
- public Set getManagedIds() {
- Set result = new HashSet();
- synchronized (bindingProcessorMap) {
- for (Iterator it = bindingProcessorMap.keySet().iterator(); it
- .hasNext();) {
- result.add(it.next());
- }
- }
- return result;
- }
+ log.debug("Removing binding processor: " + sessionId);
+ MapEntityWrapper wrapper = bindingProcessorMap.get(sessionId);
+ if (wrapper == null) {
+ return;
+ }
+ Future> f = wrapper.getFuture();
+ if (!f.isDone()) {
+ f.cancel(true);
+ }
+ bindingProcessorMap.remove(sessionId);
+ }
+
+ @Override
+ public Set getManagedIds() {
+ Set result = new HashSet();
+ synchronized (bindingProcessorMap) {
+ for (Iterator it = bindingProcessorMap.keySet().iterator(); it
+ .hasNext();) {
+ result.add(it.next());
+ }
+ }
+ return result;
+ }
}
\ No newline at end of file
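Review bot: The debug loop added to `shutdownNow()` iterates `bindingProcessorMap.values()` without holding the map's lock, although `bindingProcessorMap` is a `Collections.synchronizedMap`, which requires the caller to synchronize while iterating, as `getManagedIds()` in this file already does. A concurrent `process()` or `removeBindingProcessor()` call can make the loop throw `ConcurrentModificationException` in the middle of shutdown. Wrap the loop in `synchronized (bindingProcessorMap) { ... }`. The log message also misspells "processors" as "prcessors". Apart from this addition the hunk appears to be a line-ending and indentation rewrite of the whole file.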
--
cgit v1.2.3
From 3edfbe631f24d73324bc4dd0d182ca7737c4d5b5 Mon Sep 17 00:00:00 2001
From: mcentner
Date: Wed, 24 Sep 2008 13:56:53 +0000
Subject: Improved SLResult marshalling.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@66 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../gv/egiz/bku/binding/HTTPBindingProcessor.java | 40 +--
.../java/at/gv/egiz/bku/slcommands/SLResult.java | 7 +-
.../impl/CreateXMLSignatureResultImpl.java | 73 ++---
.../egiz/bku/slcommands/impl/ErrorResultImpl.java | 21 +-
.../slcommands/impl/InfoboxReadCommandImpl.java | 320 ++++++++++++++++-----
.../slcommands/impl/InfoboxReadResultFileImpl.java | 141 +++++++++
.../bku/slcommands/impl/InfoboxReadResultImpl.java | 190 +++---------
.../slcommands/impl/NullOperationResultImpl.java | 5 +-
.../gv/egiz/bku/slcommands/impl/SLResultImpl.java | 166 ++++++++---
9 files changed, 606 insertions(+), 357 deletions(-)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
index 19f22126..8f72c3ee 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
@@ -35,6 +35,7 @@ import java.util.Locale;
import java.util.Map;
import javax.net.ssl.SSLHandshakeException;
+import javax.xml.transform.Templates;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
@@ -108,7 +109,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
protected SLTargetContext targetContext = new SLTargetContext();
protected URL srcUrl;
protected State currentState = State.INIT;
- protected Transformer transformer = null;
+ protected Templates templates = null;
protected String resultContentType = null;
protected SLResult slResult = null;
protected int responseCode = 200;
@@ -471,10 +472,10 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
resultContentType = HttpUtil.TXT_XML;
}
}
- transformer = getTransformer(getStyleSheetUrl());
- if (transformer != null) {
+ templates = getTemplates(getStyleSheetUrl());
+ if (templates != null) {
log.debug("Output transformation required");
- resultContentType = transformer.getOutputProperty("media-type");
+ resultContentType = templates.getOutputProperties().getProperty("media-type");
log.debug("Got media type from stylesheet: " + resultContentType);
if (resultContentType == null) {
log.debug("Setting to default text/xml result conent type");
@@ -703,7 +704,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
return resultContentType;
}
- protected Transformer getTransformer(String styleSheetURL) {
+ protected Templates getTemplates(String styleSheetURL) {
if (styleSheetURL == null) {
log.debug("Stylesheet URL not set");
return null;
@@ -713,11 +714,10 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
URIResolver resolver = new URIResolverAdapter(URLDereferencer
.getInstance(), urlCtx);
TransformerFactory factory = TransformerFactory.newInstance();
+ factory.setURIResolver(resolver);
StreamData sd = URLDereferencer.getInstance().dereference(styleSheetURL,
urlCtx);
- Transformer t = factory.newTransformer(new StreamSource(sd.getStream()));
- t.setURIResolver(resolver);
- return t;
+ return factory.newTemplates(new StreamSource(sd.getStream()));
} catch (Exception ex) {
log.info("Cannot instantiate transformer", ex);
bindingProcessorError = new SLException(2002);
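Review bot: `getTemplates()` compiles a stylesheet fetched from `styleSheetURL` with a default `TransformerFactory`, and nothing in the hunk restricts what that stylesheet may do. If the stylesheet URL can be chosen by the requesting party (not visible here), enabling secure processing before compiling limits extension functions and resource use: `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` ahead of `factory.newTemplates(...)`, with an import of `javax.xml.XMLConstants`. The stream returned by `sd.getStream()` is also not closed once the templates are built. The method begins in the previous hunk and ends outside this one.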
@@ -726,15 +726,10 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
}
protected void handleBindingProcessorError(OutputStream os, String encoding,
- Transformer transformer) throws IOException {
+ Templates templates) throws IOException {
log.debug("Writing error as result");
ErrorResultImpl error = new ErrorResultImpl(bindingProcessorError);
- try {
- error.writeTo(new StreamResult(new OutputStreamWriter(os, encoding)),
- transformer);
- } catch (TransformerException e) {
- log.fatal("Cannot write error result to stream", e);
- }
+ error.writeTo(new StreamResult(new OutputStreamWriter(os, encoding)), templates);
}
@Override
@@ -745,7 +740,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
}
if (bindingProcessorError != null) {
log.debug("Detected error in binding processor, writing error as result");
- handleBindingProcessorError(os, encoding, transformer);
+ handleBindingProcessorError(os, encoding, templates);
return;
} else if (dataUrlResponse != null) {
log.debug("Writing data url response as result");
@@ -754,10 +749,11 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
InputStreamReader isr = new InputStreamReader(
dataUrlResponse.getStream(), charEnc);
OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
- if (transformer == null) {
+ if (templates == null) {
StreamUtil.copyStream(isr, osw);
} else {
try {
+ Transformer transformer = templates.newTransformer();
transformer.transform(new StreamSource(isr), new StreamResult(osw));
} catch (TransformerException e) {
log.fatal("Exception occured during result transformation", e);
@@ -771,18 +767,12 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
} else if (slResult == null) {
// result not yet assigned -> must be a cancel
bindingProcessorError = new SLException(6001);
- handleBindingProcessorError(os, encoding, transformer);
+ handleBindingProcessorError(os, encoding, templates);
return;
} else {
log.debug("Getting result from invoker");
OutputStreamWriter osw = new OutputStreamWriter(os, encoding);
- try {
- slResult.writeTo(new StreamResult(osw), transformer);
- } catch (TransformerException e) {
- log.fatal("Cannot write result to stream", e);
- // bindingProcessorError = new SLException(2008);
- // handleBindingProcessorError(os, encoding, transformer);
- }
+ slResult.writeTo(new StreamResult(osw), templates);
osw.flush();
}
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java
index 7cf43fda..7989a771 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLResult.java
@@ -16,9 +16,8 @@
*/
package at.gv.egiz.bku.slcommands;
-import javax.xml.transform.Result;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
+import javax.xml.transform.Result;
+import javax.xml.transform.Templates;
public interface SLResult {
@@ -40,5 +39,5 @@ public interface SLResult {
* @param result
* @param transformer may be null.
*/
- public void writeTo(Result result, Transformer transformer) throws TransformerException;
+ public void writeTo(Result result, Templates templates);
}
\ No newline at end of file
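Review bot: The Javadoc above `writeTo` still reads `@param transformer may be null.` although the parameter is now `templates`; it should read `@param templates may be null.`. Since the method no longer declares `TransformerException`, the comment should also state how a failed transformation is reported to the caller, which cannot be seen from this hunk. The Javadoc block begins outside the hunk.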
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
index d2d2e678..092a13c4 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
@@ -16,28 +16,24 @@
*/
package at.gv.egiz.bku.slcommands.impl;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.transform.Result;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.DocumentFragment;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import at.buergerkarte.namespaces.securitylayer._1.CreateXMLSignatureResponseType;
-import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
-import at.gv.egiz.bku.slcommands.SLCommandFactory;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.transform.Result;
+import javax.xml.transform.Templates;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.buergerkarte.namespaces.securitylayer._1.CreateXMLSignatureResponseType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.gv.egiz.bku.slcommands.SLCommandFactory;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
/**
* This calls implements the result of the security layer command CreateXMLSignature.
@@ -104,35 +100,10 @@ public class CreateXMLSignatureResultImpl extends SLResultImpl {
}
}
-
- @Override
- public void writeTo(Result result) {
-
- try {
- writeTo(result, null);
- } catch (TransformerException e) {
- log.error(e);
- }
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.bku.slcommands.impl.SLResultImpl#writeTo(javax.xml.transform.Result, javax.xml.transform.Transformer)
- */
- @Override
- public void writeTo(Result result, Transformer transformer) throws TransformerException {
-
- if (transformer == null) {
- TransformerFactory transformerFactory = TransformerFactory.newInstance();
- try {
- transformer = transformerFactory.newTransformer();
- } catch (TransformerConfigurationException e) {
- log.error("Failed to create Transformer.", e);
- throw new SLRuntimeException(e);
- }
- }
- transformer.transform(new DOMSource(doc), result);
-
+
+ @Override
+ public void writeTo(Result result, Templates templates) {
+ writeTo(doc, result, templates);
}
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
index fb624211..176ba001 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/ErrorResultImpl.java
@@ -16,12 +16,9 @@
*/
package at.gv.egiz.bku.slcommands.impl;
-import java.util.Locale;
-
import javax.xml.transform.Result;
+import javax.xml.transform.Templates;
-import at.buergerkarte.namespaces.securitylayer._1.ErrorResponseType;
-import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
import at.gv.egiz.bku.slcommands.ErrorResult;
import at.gv.egiz.bku.slexceptions.SLException;
@@ -48,15 +45,9 @@ public class ErrorResultImpl extends SLResultImpl implements ErrorResult {
this.slException = slException;
}
- @Override
- public void writeTo(Result result) {
-
- ObjectFactory factory = new ObjectFactory();
- ErrorResponseType responseType = factory.createErrorResponseType();
- responseType.setErrorCode(slException.getErrorCode());
- responseType.setInfo(slException.getDetailedMsg());
-
- writeTo(factory.createErrorResponse(responseType), result);
-
- }
+ @Override
+ public void writeTo(Result result, Templates templates) {
+ writeErrorTo(slException, result, templates);
+ }
+
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
index b6745e1f..4d64ae36 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
@@ -16,55 +16,66 @@
*/
package at.gv.egiz.bku.slcommands.impl;
-import iaik.asn1.CodingException;
-import iaik.asn1.DerCoder;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.Result;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.Node;
-
-import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
-import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType;
-import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType;
-import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
-import at.gv.egiz.bku.slcommands.InfoboxReadCommand;
-import at.gv.egiz.bku.slcommands.SLCommand;
-import at.gv.egiz.bku.slcommands.SLCommandContext;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.idlink.CompressedIdentityLinkFactory;
-import at.gv.egiz.idlink.IdentityLinkTransformer;
-import at.gv.egiz.idlink.ans1.IdentityLink;
-import at.gv.egiz.stal.InfoboxReadRequest;
-import at.gv.egiz.stal.InfoboxReadResponse;
-import at.gv.egiz.stal.STALRequest;
+import iaik.asn1.CodingException;
+import iaik.asn1.DerCoder;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.regex.Pattern;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Result;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+
+import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
+import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxAssocArrayPairType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadDataAssocArrayType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadKeys;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadPairs;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadValue;
+import at.gv.egiz.bku.slcommands.InfoboxReadCommand;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.idlink.CompressedIdentityLinkFactory;
+import at.gv.egiz.idlink.IdentityLinkTransformer;
+import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.InfoboxReadResponse;
+import at.gv.egiz.stal.STALRequest;
/**
* This class implements the security layer command
@@ -82,23 +93,45 @@ public class InfoboxReadCommandImpl extends SLCommandImplInfoboxIdentifier
*/
protected String infoboxIdentifier;
/**
- * The IdentityLinkDomainIdentifier value of an IdentyLink infobox.
+ * The IdentityLinkDomainIdentifier value of an IdentyLink infobox.
*/
- protected String identityLinkDomainIdentifier;
+ protected String identityLinkDomainIdentifier;
+
+ /**
+ * The list of certificates to be read from an Certificates infobox.
+ */
+ protected List certificates;
+
+ /**
+ * The result type.
+ */
+ protected int assocArrayResult;
/**
* Is content XML entity?
@@ -125,12 +158,6 @@ public class InfoboxReadCommandImpl extends SLCommandImpl 1) {
+ log.info("UserMakesUnique not supported");
+ // TODO: give more specific error message
+ throw new SLCommandException(4010);
+ }
+ }
+
+ // ReadPairs?
+ if (assocArrayParameters.getReadPairs() != null) {
+ assocArrayResult = ASSOC_ARRAY_READ_PAIRS;
+ ReadPairs readPairs = assocArrayParameters.getReadPairs();
+ if (readPairs.isValuesAreXMLEntities()) {
+ log.info("Got valuesAreXMLEntities but infobox type is binary.");
+ throw new SLCommandException(4010);
+ }
+ certificates = findCertificates(readPairs.getSearchString());
+ if (readPairs.isUserMakesUnique() && certificates.size() > 1) {
+ log.info("UserMakesUnique not supported");
+ // TODO: give more specific error message
+ throw new SLCommandException(4010);
+ }
+ }
+
+ // ReadValue
+ if (assocArrayParameters.getReadValue() != null) {
+ assocArrayResult = ASSOC_ARRAY_READ_VALUE;
+ ReadValue readValue = assocArrayParameters.getReadValue();
+ if (readValue.isValueIsXMLEntity()) {
+ log.info("Got valuesAreXMLEntities but infobox type is binary.");
+ throw new SLCommandException(4010);
+ }
+ String key = readValue.getKey();
+ if (Arrays.asList(INFOXBOX_CERTIFICATES_KEYS).contains(key)) {
+ certificates = Collections.singletonList(key);
+ } else {
+ certificates = Collections.emptyList();
+ }
+ }
+
+ if (assocArrayResult == 0) {
+ log.info("Infobox type is AssocArray but got invalid AssocArrayParameters.");
+ throw new SLCommandException(4010);
+ }
} else {
throw new SLCommandException(4002,
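Review bot: The ReadValue branch logs `Got valuesAreXMLEntities but infobox type is binary.` although the attribute it tests is `isValueIsXMLEntity()`; the text was copied from the ReadPairs branch, so the log cannot tell the two rejections apart. I would change it to `log.info("Got valueIsXMLEntity but infobox type is binary.");`. Every rejection in this block ends in the same `SLCommandException(4010)`, so the log line is the only place where the actual reason survives. The enclosing method and the beginning of this hunk are not visible on the page.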
@@ -168,9 +268,15 @@ public class InfoboxReadCommandImpl extends SLCommandImpl findCertificates(String searchString) throws SLCommandException {
+
+ if ("*".equals(searchString) || "**".equals(searchString)) {
+ return Arrays.asList(INFOXBOX_CERTIFICATES_KEYS);
+ }
+
+ if (Pattern.matches(SEARCH_STRING_PATTERN, searchString)) {
+
+// for (int i = 0; i < searchString.length(); i++) {
+// int codePoint = searchString.codePointAt(i);
+//
+// }
+
+ // TODO : build pattern
+ return Collections.emptyList();
+ } else {
+ log.info("Got invalid search string '" + searchString + "'");
+ throw new SLCommandException(4010);
+ }
+
+ }
+
+ private SLResult readCertificates() throws SLCommandException {
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory
+ .createInfoboxReadDataAssocArrayType();
+
+ if (assocArrayResult == ASSOC_ARRAY_READ_KEYS) {
- @Override
- public String getIdentityLinkDomainId() {
- return identityLinkDomainIdentifier;
- }
+ List keys = infoboxReadDataAssocArrayType.getKey();
+ keys.addAll(certificates);
+
+ } else {
+
+ if (certificates != null && !certificates.isEmpty()) {
+
+ List stalRequests = new ArrayList();
+
+ // get certificates
+ InfoboxReadRequest infoboxReadRequest;
+ for (int i = 0; i < certificates.size(); i++) {
+ infoboxReadRequest = new InfoboxReadRequest();
+ infoboxReadRequest.setInfoboxIdentifier(certificates.get(i));
+ stalRequests.add(infoboxReadRequest);
+ }
+
+ requestSTAL(stalRequests);
+
+ List x509Certs = getCertificatesFromResponses();
+
+ for (int i = 0; i < certificates.size(); i++) {
+ InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType();
+ infoboxAssocArrayPairType.setKey(certificates.get(i));
+ try {
+ infoboxAssocArrayPairType.setBase64Content(x509Certs.get(i).getEncoded());
+ } catch (CertificateEncodingException e) {
+ log.error("Failed to encode certificate.", e);
+ throw new SLCommandException(4000);
+ }
+ infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType);
+ }
+
+ }
+
+ }
+
+ return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType);
+
+ }
+
+ @Override
+ public String getIdentityLinkDomainId() {
+ return identityLinkDomainIdentifier;
+ }
}
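Review bot: readCertificates() pairs `certificates.get(i)` with `x509Certs.get(i)` purely by position, and nothing in the hunk checks that getCertificatesFromResponses() returned one certificate per requested key, in the same order. If a response is missing or reordered, the loop either fails with an IndexOutOfBoundsException or returns a certificate under the wrong key, which matters to a caller that selects a certificate by key name. A guard before the second loop, `if (x509Certs.size() != certificates.size()) { log.error("Unexpected number of certificates."); throw new SLCommandException(4000); }`, would fail closed. getCertificatesFromResponses() is defined outside the hunk, so its ordering guarantee should be confirmed there.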
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
new file mode 100644
index 00000000..6f41b562
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
@@ -0,0 +1,141 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Result;
+import javax.xml.transform.Templates;
+import javax.xml.transform.dom.DOMResult;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.NodeList;
+
+import at.buergerkarte.namespaces.securitylayer._1.Base64XMLContentType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadResponseType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.buergerkarte.namespaces.securitylayer._1.XMLContentType;
+import at.gv.egiz.bku.slcommands.InfoboxReadResult;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandFactory;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+/**
+ * This class implements the result of the security layer command InfoboxReadRequest.
+ *
+ * @author mcentner
+ */
+public class InfoboxReadResultFileImpl extends SLResultImpl implements
+ InfoboxReadResult {
+
+ /**
+ * Logging facility.
+ */
+ protected static Log log = LogFactory.getLog(InfoboxReadResultFileImpl.class);
+
+ /**
+ * The XML document containing the infobox content.
+ */
+ Document xmlDocument;
+
+ /**
+ * Creates the response document from the given binaryContent.
+ *
+ * @param binaryContent the infobox content
+ * @param preserveSpace the value of the preserveSpace parameter
+ *
+ * @return the created response document
+ */
+ private Document createResponseDocument(byte[] binaryContent, boolean preserveSpace) {
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ Document doc;
+ try {
+ doc = dbf.newDocumentBuilder().newDocument();
+ } catch (ParserConfigurationException e) {
+ // it should always be possible to create a new Document
+ log.error("Failed to create XML document.", e);
+ throw new SLRuntimeException(e);
+ }
+
+ ObjectFactory factory = new ObjectFactory();
+
+ Base64XMLContentType base64XMLContentType = factory.createBase64XMLContentType();
+ if (binaryContent == null) {
+ XMLContentType xmlContentType = factory.createXMLContentType();
+ if (preserveSpace) {
+ xmlContentType.setSpace("preserve");
+ }
+ base64XMLContentType.setXMLContent(xmlContentType);
+ } else {
+ base64XMLContentType.setBase64Content(binaryContent);
+ }
+ InfoboxReadResponseType infoboxReadResponseType = factory.createInfoboxReadResponseType();
+ infoboxReadResponseType.setBinaryFileData(base64XMLContentType);
+
+ JAXBElement infoboxReadResponse = factory.createInfoboxReadResponse(infoboxReadResponseType);
+
+ JAXBContext context = SLCommandFactory.getJaxbContext();
+ try {
+ Marshaller marshaller = context.createMarshaller();
+ marshaller.marshal(infoboxReadResponse, doc);
+ } catch (JAXBException e) {
+ log.error("Failed to marshal 'InfoboxReadResponse' document.", e);
+ throw new SLRuntimeException(e);
+ }
+
+ return doc;
+
+ }
+
+
+ /**
+ * @return an XMLResult for marshalling the infobox to
+ */
+ Result getXmlResult(boolean preserveSpace) {
+
+ xmlDocument = createResponseDocument(null, preserveSpace);
+
+ NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent");
+ return new DOMResult(nodeList.item(0));
+
+ }
+
+ /**
+ * Creates a new result document for this InfoboxReadResult
+ * and sets the given resultBytes as content.
+ *
+ * @param resultBytes
+ */
+ void setResultBytes(byte[] resultBytes) {
+
+ xmlDocument = createResponseDocument(resultBytes, false);
+
+ }
+
+ @Override
+ public void writeTo(Result result, Templates templates) {
+ writeTo(xmlDocument, result, templates);
+ }
+
+}
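Review bot: `writeTo(Result, Templates)` hands `xmlDocument` to the base class without checking that `getXmlResult()` or `setResultBytes()` has run, so a result that was never populated is passed on as a null node. In the base-class code shown in this commit that ends in `new DOMSource(node)` with a null node, which presumably yields an empty output rather than an error response. I would add `if (xmlDocument == null) { writeErrorTo(new SLException(4000), result, templates); return; }` at the top of the method, together with the import of `SLException` that this file does not have yet.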
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java
index 6f07338f..8904eac6 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java
@@ -14,158 +14,38 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.slcommands.impl;
-
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.Result;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.dom.DOMSource;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.NodeList;
-
-import at.buergerkarte.namespaces.securitylayer._1.Base64XMLContentType;
-import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadResponseType;
-import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
-import at.buergerkarte.namespaces.securitylayer._1.XMLContentType;
-import at.gv.egiz.bku.slcommands.InfoboxReadResult;
-import at.gv.egiz.bku.slcommands.SLCommand;
-import at.gv.egiz.bku.slcommands.SLCommandFactory;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-
-/**
- * This class implements the result of the security layer command InfoboxReadRequest.
- *
- * @author mcentner
- */
-public class InfoboxReadResultImpl extends SLResultImpl implements
- InfoboxReadResult {
-
- /**
- * Logging facility.
- */
- protected static Log log = LogFactory.getLog(InfoboxReadResultImpl.class);
-
- /**
- * The XML document containing the infobox content.
- */
- Document xmlDocument;
-
- /**
- * Creates the response document from the given binaryContent.
- *
- * @param binaryContent the infobox content
- * @param preserveSpace the value of the preserveSpace parameter
- *
- * @return the created response document
- */
- private Document createResponseDocument(byte[] binaryContent, boolean preserveSpace) {
-
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
- Document doc;
- try {
- doc = dbf.newDocumentBuilder().newDocument();
- } catch (ParserConfigurationException e) {
- // it should always be possible to create a new Document
- log.error("Failed to create XML document.", e);
- throw new SLRuntimeException(e);
- }
-
- ObjectFactory factory = new ObjectFactory();
-
- Base64XMLContentType base64XMLContentType = factory.createBase64XMLContentType();
- if (binaryContent == null) {
- XMLContentType xmlContentType = factory.createXMLContentType();
- if (preserveSpace) {
- xmlContentType.setSpace("preserve");
- }
- base64XMLContentType.setXMLContent(xmlContentType);
- } else {
- base64XMLContentType.setBase64Content(binaryContent);
- }
- InfoboxReadResponseType infoboxReadResponseType = factory.createInfoboxReadResponseType();
- infoboxReadResponseType.setBinaryFileData(base64XMLContentType);
-
- JAXBElement infoboxReadResponse = factory.createInfoboxReadResponse(infoboxReadResponseType);
-
- JAXBContext context = SLCommandFactory.getJaxbContext();
- try {
- Marshaller marshaller = context.createMarshaller();
- marshaller.marshal(infoboxReadResponse, doc);
- } catch (JAXBException e) {
- log.error("Failed to marshal 'InfoboxReadResponse' document.", e);
- throw new SLRuntimeException(e);
- }
-
- return doc;
-
- }
-
-
- /**
- * @return an XMLResult for marshalling the infobox to
- */
- Result getXmlResult(boolean preserveSpace) {
-
- xmlDocument = createResponseDocument(null, preserveSpace);
-
- NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent");
- return new DOMResult(nodeList.item(0));
-
- }
-
- /**
- * Creates a new result document for this InfoboxReadResult
- * and sets the given resultBytes as content.
- *
- * @param resultBytes
- */
- void setResultBytes(byte[] resultBytes) {
-
- xmlDocument = createResponseDocument(resultBytes, false);
-
- }
-
- @Override
- public void writeTo(Result result) {
-
- try {
- writeTo(result, null);
- } catch (TransformerException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egiz.bku.slcommands.impl.SLResultImpl#writeTo(javax.xml.transform.Result, javax.xml.transform.Transformer)
- */
- @Override
- public void writeTo(Result result, Transformer transformer) throws TransformerException {
-
- if (transformer == null) {
- TransformerFactory transformerFactory = TransformerFactory.newInstance();
- try {
- transformer = transformerFactory.newTransformer();
- } catch (TransformerConfigurationException e) {
- log.error("Failed to create Transformer.", e);
- throw new SLRuntimeException(e);
- }
- }
- transformer.transform(new DOMSource(xmlDocument), result);
-
- }
-
-}
+package at.gv.egiz.bku.slcommands.impl;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.transform.Result;
+import javax.xml.transform.Templates;
+
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadDataAssocArrayType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadResponseType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+
+public class InfoboxReadResultImpl extends SLResultImpl {
+
+ /**
+ * The InfoboxReadResponse
+ */
+ protected InfoboxReadResponseType infoboxReadResponse;
+
+ public InfoboxReadResultImpl(InfoboxReadDataAssocArrayType assocArray) {
+
+ ObjectFactory objectFactory = new ObjectFactory();
+ InfoboxReadResponseType infoboxReadResponseType = objectFactory.createInfoboxReadResponseType();
+
+ infoboxReadResponseType.setAssocArrayData(assocArray);
+
+ this.infoboxReadResponse = infoboxReadResponseType;
+ }
+
+ @Override
+ public void writeTo(Result result, Templates templates) {
+ ObjectFactory objectFactory = new ObjectFactory();
+ JAXBElement response = objectFactory.createInfoboxReadResponse(infoboxReadResponse);
+ writeTo(response, result, templates);
+ }
+
+}
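Review bot: The rewritten `InfoboxReadResultImpl` extends `SLResultImpl` but no longer declares `implements InfoboxReadResult`, while the new `InfoboxReadResultFileImpl` in this commit still does. Code that tests a result with `instanceof InfoboxReadResult` would then treat the associative-array result differently from the file result; whether any caller does so is not visible here. If the omission is unintended, restore it with `public class InfoboxReadResultImpl extends SLResultImpl implements InfoboxReadResult {` plus the matching import. The class also lost its Javadoc; a short class comment saying that it carries the AssocArrayData form of the response would help.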
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/NullOperationResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/NullOperationResultImpl.java
index ae1f91ce..05986f85 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/NullOperationResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/NullOperationResultImpl.java
@@ -18,6 +18,7 @@ package at.gv.egiz.bku.slcommands.impl;
import javax.xml.bind.JAXBElement;
import javax.xml.transform.Result;
+import javax.xml.transform.Templates;
import at.buergerkarte.namespaces.securitylayer._1.NullOperationResponseType;
import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
@@ -40,8 +41,8 @@ public class NullOperationResultImpl extends SLResultImpl implements NullOperati
}
@Override
- public void writeTo(Result result) {
- writeTo(RESPONSE, result);
+ public void writeTo(Result result, Templates templates) {
+ writeTo(RESPONSE, result, templates);
}
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
index a79382b6..57309182 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
@@ -16,24 +16,33 @@
*/
package at.gv.egiz.bku.slcommands.impl;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.transform.Result;
+import javax.xml.transform.Templates;
import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
-import javax.xml.transform.stream.StreamResult;
-import javax.xml.transform.stream.StreamSource;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.sax.SAXTransformerFactory;
+import javax.xml.transform.sax.TransformerHandler;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Node;
+import at.buergerkarte.namespaces.securitylayer._1.ErrorResponseType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
import at.gv.egiz.bku.slcommands.SLCommandFactory;
import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slexceptions.SLBindingException;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLException;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
/**
* This class serves as an abstract base class for the implementation of a
@@ -72,46 +81,135 @@ public abstract class SLResultImpl implements SLResult {
return resultingMimeType;
}
+ private Marshaller getMarshaller() {
+ try {
+ JAXBContext context = SLCommandFactory.getJaxbContext();
+ Marshaller marshaller = context.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+ return marshaller;
+ } catch (JAXBException e) {
+ log.fatal("Failed to marshall error response.", e);
+ throw new SLRuntimeException("Failed to marshall error response.", e);
+ }
+ }
+
+ private TransformerHandler getTransformerHandler(Templates templates, Result result) throws SLException {
+ try {
+ SAXTransformerFactory transformerFactory = (SAXTransformerFactory) SAXTransformerFactory.newInstance();
+ TransformerHandler transformerHandler = transformerFactory.newTransformerHandler(templates);
+ transformerHandler.setResult(result);
+ return transformerHandler;
+ } catch (TransformerFactoryConfigurationError e) {
+ log.error("Failed to create an instance of SAXTransformerFactory.", e);
+ throw new SLBindingException(2000);
+ } catch (IllegalArgumentException e) {
+ log.error("Failed to set result for transformation.", e);
+ throw new SLBindingException(2000);
+ } catch (TransformerConfigurationException e) {
+ log.info("Failed to create an instance of SAXTransformerFactory.", e);
+ throw new SLBindingException(2008);
+ }
+ }
+
+ @Override
+ public void writeTo(Result result) {
+ writeTo(result, null);
+ }
+
+
/**
- * Writes the given response to the result.
+ * Writes the given response to the SAX result using
+ * the given transform templates.
*
- * @param response the security layer response element
- * @param result the result to marshal the response to
+ * @param response
+ * @param result
+ * @param templates
*/
- @SuppressWarnings("unchecked")
- public void writeTo(JAXBElement response, Result result) {
+ protected void writeTo(JAXBElement> response, Result result, Templates templates) {
+ TransformerHandler transformerHandler = null;
+ if (templates != null) {
+ try {
+ transformerHandler = getTransformerHandler(templates, result);
+ } catch (SLException e) {
+ writeErrorTo(e, result, templates);
+ }
+ }
+
+ Marshaller marshaller = getMarshaller();
try {
- JAXBContext context = SLCommandFactory.getJaxbContext();
- Marshaller marshaller = context.createMarshaller();
- marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
- marshaller.marshal(response, result);
+ if (transformerHandler != null) {
+ marshaller.marshal(response, transformerHandler);
+ } else {
+ marshaller.marshal(response, result);
+ }
} catch (JAXBException e) {
- // TODO Add throws clause to interface
- log.fatal("Failed to marshall JAXBElement.", e);
- throw new RuntimeException("Failed to marshall JAXBElement.", e);
+ log.info("Failed to marshall " + response.getName() + " result." , e);
+ SLCommandException commandException = new SLCommandException(4000);
+ writeErrorTo(commandException, result, templates);
}
+
+ }
+
+ protected void writeTo(Node node, Result result, Templates templates) {
+ if (templates == null) {
+ try {
+ TransformerFactory transformerFactory = TransformerFactory.newInstance();
+ Transformer transformer = transformerFactory.newTransformer();
+ transformer.transform(new DOMSource(node), result);
+ } catch (TransformerConfigurationException e) {
+ log.error("Failed to create Transformer.", e);
+ writeErrorTo(new SLException(4000), result, null);
+ } catch (TransformerException e) {
+ log.error("Failed to transform result.", e);
+ writeErrorTo(new SLException(4000), result, null);
+ }
+ } else {
+ try {
+ Transformer transformer = templates.newTransformer();
+ transformer.transform(new DOMSource(node), result);
+ } catch (TransformerConfigurationException e) {
+ log.info("Failed to create transformer.", e);
+ writeErrorTo(new SLException(2008), result, templates);
+ } catch (TransformerException e) {
+ log.error("Failed to transform result.", e);
+ writeErrorTo(new SLException(2008), result, templates);
+ }
+ }
+
}
+
+ protected void writeErrorTo(SLException slException, Result result, Templates templates) {
+
+ TransformerHandler transformerHandler = null;
+ if (templates != null) {
+ try {
+ transformerHandler = getTransformerHandler(templates, result);
+ } catch (SLException e) {
+ // write the exception thrown instead of the given one
+ slException = e;
+ }
+ }
- /* (non-Javadoc)
- * @see at.gv.egiz.bku.slcommands.SLResult#writeTo(javax.xml.transform.Result, javax.xml.transform.Transformer)
- */
- @Override
- public void writeTo(Result result, Transformer transformer) throws TransformerException {
- // TODO Auto-generated method stub
- // fixxme: wb added for testing purposes to be completed
- // begin hack
- if (transformer == null) {
- writeTo(result);
- return;
+ ObjectFactory factory = new ObjectFactory();
+ ErrorResponseType responseType = factory.createErrorResponseType();
+ responseType.setErrorCode(slException.getErrorCode());
+ responseType.setInfo(slException.getDetailedMsg());
+ JAXBElement response = factory.createErrorResponse(responseType);
+
+ Marshaller marshaller = getMarshaller();
+ try {
+ if (transformerHandler != null) {
+ marshaller.marshal(response, transformerHandler);
+ } else {
+ marshaller.marshal(response, result);
+ }
+ } catch (JAXBException e) {
+ log.fatal("Failed to marshall error result." , e);
+ throw new SLRuntimeException("Failed to marshall error result.");
}
- // just a quick hack to proceed with testing
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- writeTo(new StreamResult(os));
- ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
- transformer.transform(new StreamSource(is), result);
- //end hack
+
}
}
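Review bot: In `writeTo(JAXBElement, Result, Templates)` the `catch (SLException e)` branch calls `writeErrorTo(e, result, templates)` and then falls through, so the marshaller below still writes the normal response into the same `result`, with `transformerHandler` left null. The receiver would then get an error response followed by the untransformed real response, or a failure on the second write. Add `return;` after the `writeErrorTo` call in that catch block. In `writeErrorTo`, `throw new SLRuntimeException("Failed to marshall error result.");` also drops the cause; `new SLRuntimeException("Failed to marshall error result.", e)` matches the two-argument form already used in `getMarshaller()`.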
--
cgit v1.2.3
From e21dd5249d5fa19c5619847922cf8cdea95e3145 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Thu, 25 Sep 2008 07:29:47 +0000
Subject: improved robustness of http binding processor
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@70 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../gv/egiz/bku/local/conf/SpringConfigurator.java | 6 +++-
.../gv/egiz/bku/local/conf/defaultConf.properties | 1 +
.../gv/egiz/stal/service/impl/STALServiceImpl.java | 2 +-
BKUOnline/src/main/webapp/META-INF/MANIFEST.MF | 7 ++--
.../at/gv/egiz/bku/binding/BindingProcessor.java | 4 ++-
.../gv/egiz/bku/binding/HTTPBindingProcessor.java | 9 ++++-
.../slcommands/impl/InfoboxReadCommandImpl.java | 8 +++--
.../gv/egiz/smcc/utils/SingletonPINProvider.java | 38 ----------------------
.../HTTPURLProtocolHandlerImpl.java | 3 +-
.../at/gv/egiz/idlink/IdentityLinkTransformer.java | 30 ++++++++++++-----
10 files changed, 52 insertions(+), 56 deletions(-)
delete mode 100644 smcc/src/main/java/at/gv/egiz/smcc/utils/SingletonPINProvider.java
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
index 43dbf745..46668667 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
@@ -128,10 +128,14 @@ public class SpringConfigurator extends Configurator implements
if ((proxy == null) || (proxy.equals(""))) {
log.info("No proxy configured");
} else {
- log.info("Setting proxy to: "+proxy+":"+portString);
+ log.info("Setting proxy to: " + proxy + ":" + portString);
System.setProperty("proxyHost", proxy);
System.setProperty("proxyPort", portString);
}
+ String timeout = getProperty("DefaultSocketTimeout");
+ if ((timeout != null) && (!timeout.equals(""))) {
+ System.setProperty("sun.net.client.defaultConnectTimeout", timeout);
+ }
}
private Set getCACerts() throws IOException,
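Review bot: The new `DefaultSocketTimeout` setting is applied only to `sun.net.client.defaultConnectTimeout`, so a peer that accepts the connection and then stops sending still blocks the reading thread without limit. Setting the read timeout as well, `System.setProperty("sun.net.client.defaultReadTimeout", timeout);`, would cover that case. The value is passed through unparsed and the JDK interprets it as milliseconds, so the `DefaultSocketTimeout=200` default added to defaultConf.properties in this commit means 200 ms, which looks short for remote servers; a comment in the properties file naming the unit would help. The enclosing method starts outside the hunk.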
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
index 6d59ec21..29bdd1ed 100644
--- a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
+++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
@@ -54,6 +54,7 @@ ValidateHashDataInputs=true
HTTPProxyHost=
HTTPProxyPort=
+DefaultSocketTimeout=200
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java
index 385888e9..d3d6c8db 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java
@@ -248,6 +248,6 @@ public class STALServiceImpl implements STALPortType {
ServletContext sCtx = (ServletContext) mCtx.get(MessageContext.SERVLET_CONTEXT);
BindingProcessorManager bpMgr = (BindingProcessorManager) sCtx.getAttribute(BINDING_PROCESSOR_MANAGER);
BindingProcessor bp = bpMgr.getBindingProcessor(sessionId);
- return (bp == null) ? null : (STALRequestBroker) bp.getSTAL();
+ return (bp == null) ? null : (bp.isFinished() ? null : (STALRequestBroker) bp.getSTAL());
}
}
diff --git a/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF b/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF
index 5e949512..ca7c7604 100644
--- a/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF
+++ b/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF
@@ -1,3 +1,6 @@
Manifest-Version: 1.0
-Class-Path:
-
+Archiver-Version: Plexus Archiver
+Created-By: Apache Maven
+Built-By: wbauer
+Build-Jdk: 1.6.0_10-beta
+Implementation-Build: 1.0-SNAPSHOT-r31
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java
index c386508d..2569bf85 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessor.java
@@ -71,5 +71,7 @@ public interface BindingProcessor extends Runnable {
* If the locale is not set the default locale will be used.
* @param locale must not be null.
*/
- public void setLocale(Locale locale);
+ public void setLocale(Locale locale);
+
+ public boolean isFinished();
}
\ No newline at end of file
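Review bot: The new `isFinished()` has no Javadoc, unlike `setLocale` directly above it, and its contract matters to callers: STALServiceImpl in this commit uses it to decide whether to hand out the processor's STAL. A comment such as `/** @return true once this processor has terminated; its STAL must not be used afterwards. */` would state that. Confirm the wording against HTTPBindingProcessor, which sets the flag at the end of its termination paths.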
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
index 8f72c3ee..5e44e82b 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
@@ -115,6 +115,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
protected int responseCode = 200;
protected Map responseHeaders = Collections.EMPTY_MAP;
protected Locale locale = Locale.getDefault();
+ protected boolean finished = false;
/**
*
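Review bot: `finished` is declared as a plain `boolean`, but it is written at the end of the processor's termination paths (hunks at -495 and -620) and read through `isFinished()` from STALServiceImpl, which presumably runs on a different request thread. Without `volatile` the reader is not guaranteed to see the update and may keep returning the STAL of a terminated session. Declaring it `protected volatile boolean finished = false;` fixes the visibility. The lookup in STALServiceImpl remains check-then-use, so a processor can still finish between `isFinished()` and `getSTAL()`; callers should tolerate that.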
@@ -246,6 +247,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
commandInvoker.setCommand(slCommand);
responseCode = 200;
responseHeaders = Collections.EMPTY_MAP;
+ dataUrlResponse = null;
try {
commandInvoker.invoke(srcContex);
} catch (SLException e) {
@@ -253,7 +255,6 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
bindingProcessorError = e;
currentState = State.TRANSFORM;
}
- dataUrlResponse = null;
if (getDataUrl() != null) {
log.debug("Data Url set to: " + getDataUrl());
currentState = State.DATAURL;
@@ -495,6 +496,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
sendSTALQuit();
log.info("Terminating Bindingprocessor; Thread: "
+ Thread.currentThread().getId());
+ finished = true;
}
// -- END Methods that handle the http binding activities as defined in the
@@ -620,6 +622,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
currentState = State.FINISHED;
}
log.debug("Terminated http binding processor");
+ finished = true;
}
@Override
@@ -805,4 +808,8 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
this.locale = locale;
}
+ @Override
+ public boolean isFinished() {
+ return finished;
+ }
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
index 4d64ae36..b6c89e5b 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
@@ -371,12 +371,12 @@ public class InfoboxReadCommandImpl extends SLCommandImpl certificates = getCertificatesFromResponses();
@@ -413,10 +413,12 @@ public class InfoboxReadCommandImpl extends SLCommandImpl>();
}
- private synchronized IdLTransformer getFreeTransfomer(String stylesheetURL) throws TransformerConfigurationException, IOException {
+ private IdLTransformer getFreeTransfomer(String stylesheetURL) throws TransformerConfigurationException, IOException {
IdLTransformer transformer = null;
@@ -260,9 +271,12 @@ public class IdentityLinkTransformer {
}
- public void transformIdLink(String stylesheetURL, Source source, Result result) throws IOException, TransformerException {
- IdLTransformer transformer = getFreeTransfomer(stylesheetURL);
- transformer.transform(source, result);
+ public void transformIdLink(String stylesheetURL, Source source, Result result) throws IOException, TransformerException {
+ log.trace("Trying to get free IdentityLinkTransformer for issuer template '" + stylesheetURL + "'.");
+ IdLTransformer transformer = getFreeTransfomer(stylesheetURL);
+ log.trace("Trying to transform IdentityLink.");
+ transformer.transform(source, result);
+ log.trace("IdentityLink transformed successfully. " + getStatistics());
}
public String getStatistics() {
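Review bot: The three added `log.trace` calls in transformIdLink build their message strings, including a call to `getStatistics()`, on every invocation even when trace logging is off; guard them with `if (log.isTraceEnabled())`. The preceding hunk drops `synchronized` from getFreeTransfomer and its body is not shown in this rendering, so whatever now protects the structure it picks a free transformer from, `getStatistics()` should read that structure under the same guard. The stylesheet URL is logged verbatim; if it can originate from request data (not visible here), strip line breaks before logging it.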
--
cgit v1.2.3
From 7d3f6235a46f70323defa9910da240e61ca684b3 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Wed, 1 Oct 2008 07:30:55 +0000
Subject: Moved main parts of the configuration to bkucommon
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@78 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
BKULocal/pom.xml | 48 ++-
.../accesscontroller/SpringSecurityManager.java | 86 ++---
.../at/gv/egiz/bku/local/conf/Configurator.java | 103 ------
.../gv/egiz/bku/local/conf/SpringConfigurator.java | 320 ++++---------------
.../gv/egiz/bku/local/conf/defaultConf.properties | 7 +-
.../src/main/webapp/WEB-INF/applicationContext.xml | 6 +-
BKULocalApp/keystore.ks | Bin 0 -> 5635 bytes
BKULocalApp/pom.xml | 131 ++++++++
.../java/at/gv/egiz/bku/local/app/BKULauncher.java | 222 +++++++++++++
.../src/main/java/at/gv/egiz/bku/local/app/CA.java | 117 +++++++
.../java/at/gv/egiz/bku/local/app/Container.java | 98 ++++++
.../at/gv/egiz/bku/local/defaultConf/template.zip | Bin 0 -> 17759 bytes
.../at/gv/egiz/bku/local/ui/UIMessages.properties | 13 +
.../resources/at/gv/egiz/bku/local/ui/favicon.png | Bin 0 -> 2149 bytes
BKULocalApp/src/main/resources/log4j.properties | 16 +
.../accesscontroller/SpringSecurityManager.java | 3 +-
.../at/gv/egiz/bku/online/conf/Configurator.java | 98 ------
.../egiz/bku/online/conf/SpringConfigurator.java | 209 +++---------
.../gv/egiz/bku/online/webapp/ResultServlet.java | 6 +-
.../egiz/bku/online/webapp/SpringBKUServlet.java | 14 +-
.../gv/egiz/bku/online/conf/defaultConf.properties | 5 +
.../src/main/webapp/WEB-INF/applicationContext.xml | 4 +-
.../java/at/gv/egiz/bku/conf/Configurator.java | 351 +++++++++++++++++++++
pom.xml | 1 +
.../at/gv/egiz/bku/local/ui/TrayIconDialog.java | 2 +-
25 files changed, 1169 insertions(+), 691 deletions(-)
delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/conf/Configurator.java
create mode 100644 BKULocalApp/keystore.ks
create mode 100644 BKULocalApp/pom.xml
create mode 100644 BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java
create mode 100644 BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/CA.java
create mode 100644 BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java
create mode 100644 BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip
create mode 100644 BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/UIMessages.properties
create mode 100644 BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/favicon.png
create mode 100644 BKULocalApp/src/main/resources/log4j.properties
delete mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/pom.xml b/BKULocal/pom.xml
index 49ec95a0..204fa6b9 100644
--- a/BKULocal/pom.xml
+++ b/BKULocal/pom.xml
@@ -13,7 +13,53 @@
warBKU Local1.0-SNAPSHOT
-
+
+
+
+ scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKULocal
+ scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKULocal
+ scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKULocal
+
+
+
+
+ maven-war-plugin
+ 2.0.2
+
+
+
+ true
+
+
+
+
+
+ ${project.version}-r${buildNumber}
+
+
+
+
+
+
+ org.codehaus.mojo
+ maven-buildnumber-plugin
+ 0.9.6
+
+
+ validate
+
+ create
+
+
+
+
+ false
+ false
+
+
+
+
+
at.gv.egiz
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
index b547bf6a..3f50fc78 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
@@ -1,65 +1,65 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package at.gv.egiz.bku.local.accesscontroller;
import java.io.IOException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
import org.springframework.context.ResourceLoaderAware;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
-import at.gv.egiz.bku.local.conf.Configurator;
+import at.gv.egiz.bku.conf.Configurator;
public class SpringSecurityManager extends SecurityManagerFacade implements
- ResourceLoaderAware {
+ ResourceLoaderAware {
- private ResourceLoader resourceLoader;
+ private ResourceLoader resourceLoader;
- private static Log log = LogFactory.getLog(SpringSecurityManager.class);
+ private static Log log = LogFactory.getLog(SpringSecurityManager.class);
- protected Configurator config;
+ protected Configurator config;
- public void setConfig(Configurator config) {
- this.config = config;
- }
+ public void setConfig(Configurator config) {
+ this.config = config;
+ }
- public void init() {
- String noMatch = config.getProperty("AccessController.acceptNoMatch");
- if (noMatch != null) {
- log.debug("Setting allow now match to: " + noMatch);
- setAllowUnmatched(Boolean.getBoolean(noMatch));
- }
- String policy = config.getProperty("AccessController.policyResource");
- log.info("Loading resource: " + policy);
- try {
- Resource res = resourceLoader.getResource(policy);
- init(res.getInputStream());
- } catch (IOException e) {
- log.error(e);
- }
- }
+ public void init() {
+ String noMatch = config.getProperty("AccessController.acceptNoMatch");
+ if (noMatch != null) {
+ log.debug("Setting allow now match to: " + noMatch);
+ setAllowUnmatched(Boolean.getBoolean(noMatch));
+ }
+ String policy = config.getProperty("AccessController.policyResource");
+ policy = policy.replace("${user.home}", System.getProperty("user.home"));
+ log.info("Loading resource: " + policy);
+ try {
+ Resource res = resourceLoader.getResource(policy);
+ init(res.getInputStream());
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
- @Override
- public void setResourceLoader(ResourceLoader loader) {
- this.resourceLoader = loader;
- }
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
+ }
}
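Review bot: The added `policy.replace("${user.home}", ...)` line in init() dereferences `policy` without a null check, so a configuration lacking `AccessController.policyResource` now fails with a NullPointerException instead of a clear error. When the resource cannot be read, the IOException is only logged, leaving the access controller running without the configured policy; what the facade permits in that state is not visible here. Failing start-up in both cases would be safer for an access-control component, e.g. `if (policy == null) throw new IllegalStateException("AccessController.policyResource not set");` and rethrowing from the catch block. Separately, `Boolean.getBoolean(noMatch)` looks up a system property named by the value rather than parsing it; `setAllowUnmatched(Boolean.parseBoolean(noMatch));` is what the surrounding code appears to intend.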
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/Configurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/Configurator.java
deleted file mode 100644
index 57a0f84f..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/Configurator.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package at.gv.egiz.bku.local.conf;
-
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-import iaik.xml.crypto.XSecProvider;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Properties;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.DataUrl;
-import at.gv.egiz.bku.binding.DataUrlConnection;
-import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
-import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
-
-/**
- *
- * TODO currently only the code to get started.
- */
-public abstract class Configurator {
-
- private Log log = LogFactory.getLog(Configurator.class);
-
- private static Configurator instance = new SpringConfigurator();
-
- protected Properties properties;
-
- protected Configurator() {
- }
-
- public static Configurator getInstance() {
- return instance;
- }
-
- protected void configUrlConnections() {
- HttpsURLConnection.setFollowRedirects(false);
- HttpURLConnection.setFollowRedirects(false);
- }
-
- protected void configureProviders() {
- log.debug("Registering security providers");
- Security.insertProviderAt(new IAIK(), 1);
- Security.insertProviderAt(new ECCProvider(false), 2);
- Security.addProvider(new STALProvider());
- XSecProvider.addAsProvider(false);
- StringBuilder sb = new StringBuilder();
- sb.append("Registered providers: ");
- int i = 1;
- for (Provider prov : Security.getProviders()) {
- sb.append((i++) + ". : " + prov);
- }
- log.debug(sb.toString());
- }
-
- protected void configViewer() {
- String bv = properties.getProperty("ValidateHashDataInputs");
- if (bv != null) {
- DataObject.enableHashDataInputValidation(Boolean.parseBoolean(bv));
- } else {
- log.warn("ValidateHashDataInputs not set, falling back to default");
- }
- }
-
- public void configure() {
- configureProviders();
- configUrlConnections();
- configViewer();
- }
-
- public void setConfiguration(Properties props) {
- this.properties = props;
- }
-
- public String getProperty(String key) {
- if (properties != null) {
- return properties.getProperty(key);
- }
- return null;
- }
-}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
index 46668667..bcb96c2f 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
@@ -19,41 +19,8 @@ package at.gv.egiz.bku.local.conf;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Security;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertStore;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.LDAPCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathBuilderResult;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
+import java.io.InputStream;
import java.util.Properties;
-import java.util.Set;
-
-import javax.naming.ldap.LdapContext;
-import javax.naming.ldap.LdapReferralException;
-import javax.net.ssl.CertPathTrustManagerParameters;
-import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.ManagerFactoryParameters;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSession;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -61,8 +28,7 @@ import org.springframework.context.ResourceLoaderAware;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
-import at.gv.egiz.bku.binding.DataUrl;
-import at.gv.egiz.bku.binding.DataUrlConnection;
+import at.gv.egiz.bku.conf.Configurator;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
public class SpringConfigurator extends Configurator implements
@@ -73,15 +39,16 @@ public class SpringConfigurator extends Configurator implements
private ResourceLoader resourceLoader;
public SpringConfigurator() {
- File configDir = new File(System.getProperty("user.home") + "/.bku/conf");
- if (configDir.exists()) {
- log.debug("Found existing config directory: " + configDir);
- } else {
- log.info("Config dir not existing, creating new");
- if (!configDir.mkdirs()) {
- log.error("Cannot create directory: " + configDir);
- }
- }
+ // File configDir = new File(System.getProperty("user.home") +
+ // "/.bku/conf");
+ // if (configDir.exists()) {
+ // log.debug("Found existing config directory: " + configDir);
+ // } else {
+ // log.info("Config dir not existing, creating new");
+ // if (!configDir.mkdirs()) {
+ // log.error("Cannot create directory: " + configDir);
+ // }
+ // }
}
public void setResource(Resource resource) {
@@ -99,248 +66,75 @@ public class SpringConfigurator extends Configurator implements
}
}
- public void configureVersion() {
- Properties p = new Properties();
- try {
- p.load(resourceLoader.getResource("META-INF/MANIFEST.MF")
- .getInputStream());
- String version = p.getProperty("Implementation-Build");
- properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
- "citizen-card-environment/1.2 MOCCA " + version);
- DataUrl.setConfiguration(properties);
- log.debug("Setting user agent to: "
- + properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
- } catch (IOException e) {
- log.error(e);
- }
- }
-
+ @Override
public void configure() {
+ if (properties == null) {
+ defaultInit();
+ }
super.configure();
- configureSSL();
- configureVersion();
- configureNetwork();
}
- public void configureNetwork() {
- String proxy = getProperty("HTTPProxyHost");
- String portString = getProperty("HTTPProxyPort");
- if ((proxy == null) || (proxy.equals(""))) {
- log.info("No proxy configured");
- } else {
- log.info("Setting proxy to: " + proxy + ":" + portString);
- System.setProperty("proxyHost", proxy);
- System.setProperty("proxyPort", portString);
- }
- String timeout = getProperty("DefaultSocketTimeout");
- if ((timeout != null) && (!timeout.equals(""))) {
- System.setProperty("sun.net.client.defaultConnectTimeout", timeout);
+ public void defaultInit() {
+ Properties props = new Properties();
+ try {
+ props.load(new FileInputStream(System.getProperty("user.home")
+ + "/.mocca/war/mocca.war"));
+ super.setConfiguration(props);
+ } catch (IOException e) {
+ log.error("Cannot load config", e);
}
}
- private Set getCACerts() throws IOException,
- CertificateException {
- Set caCerts = new HashSet();
- String caDirectory = getProperty("SSL.caDirectory");
- if (caDirectory != null) {
- Resource caDirRes = resourceLoader.getResource(caDirectory);
- File caDir = caDirRes.getFile();
- if (!caDir.isDirectory()) {
- log.error("Expecting directory as SSL.caDirectory parameter");
- throw new SLRuntimeException(
- "Expecting directory as SSL.caDirectory parameter");
- }
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- for (File f : caDir.listFiles()) {
- try {
- FileInputStream fis = new FileInputStream(f);
- X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
- fis.close();
- log.debug("Adding trusted cert " + cert.getSubjectDN());
- caCerts.add(new TrustAnchor(cert, null));
- } catch (Exception e) {
- log.error("Cannot add trusted ca", e);
- }
- }
- return caCerts;
-
- } else {
- log.warn("No CA certificates configured");
- }
- return null;
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
}
- private List getCertstore() throws IOException,
- CertificateException, InvalidAlgorithmParameterException,
- NoSuchAlgorithmException {
- List resultList = new ArrayList();
- String certDirectory = getProperty("SSL.certDirectory");
- if (certDirectory != null) {
- Resource certDirRes = resourceLoader.getResource(certDirectory);
-
- File certDir = certDirRes.getFile();
+ private File getDirectory(String property) {
+ property = property
+ .replace("${user.home}", System.getProperty("user.home"));
+ if (property != null) {
+ Resource certDirRes = resourceLoader.getResource(property);
+ File certDir;
+ try {
+ certDir = certDirRes.getFile();
+ } catch (IOException e) {
+ log.error("Cannot get cert directory", e);
+ throw new SLRuntimeException(e);
+ }
if (!certDir.isDirectory()) {
log.error("Expecting directory as SSL.certDirectory parameter");
throw new SLRuntimeException(
"Expecting directory as SSL.certDirectory parameter");
}
- List certCollection = new LinkedList();
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- for (File f : certDir.listFiles()) {
- try {
- FileInputStream fis = new FileInputStream(f);
- X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
- certCollection.add(cert);
- fis.close();
- log
- .trace("Added following cert to certstore: "
- + cert.getSubjectDN());
- } catch (Exception ex) {
- log.error("Cannot add certificate", ex);
- }
- }
- CollectionCertStoreParameters csp = new CollectionCertStoreParameters(
- certCollection);
- resultList.add(CertStore.getInstance("Collection", csp));
- log.info("Added collection certstore");
- } else {
- log.warn("No certstore directory configured");
- }
- String ldapHost = getProperty("SSL.ldapServer");
- if ((ldapHost != null) && (!"".equals(ldapHost))) {
- String ldapPortString = getProperty("SSL.ldapPort");
- int ldapPort = 389;
- if (ldapPortString != null) {
- try {
- ldapPort = Integer.parseInt(ldapPortString);
- } catch (NumberFormatException nfe) {
- log.error("Invalid ldap port, using default 389");
- }
- } else {
- log.warn("ldap port not specified, using default 389");
- }
- LDAPCertStoreParameters ldapParams = new LDAPCertStoreParameters(
- ldapHost, ldapPort);
- resultList.add(CertStore.getInstance("LDAP", ldapParams));
- log.info("Added LDAP certstore");
+ return certDir;
}
- return resultList;
- }
-
- public void configureSSL() {
- Set caCerts = null;
- try {
- caCerts = getCACerts();
- } catch (Exception e1) {
- log.error("Cannot load CA certificates", e1);
- }
- List certStoreList = null;
- try {
- certStoreList = getCertstore();
- } catch (Exception e1) {
- log.error("Cannot load certstore certificates", e1);
- }
- String aia = getProperty("SSL.useAIA");
- if ((aia == null) || (aia.equals(""))) {
- System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
- } else {
- System.setProperty("com.sun.security.enableAIAcaIssuers", aia);
- }
- String lifetime = getProperty("SSL.cache.lifetime");
- if ((lifetime == null) || (lifetime.equals(""))) {
- System.setProperty("sun.security.certpath.ldap.cache.lifetime", "0");
- } else {
- System.setProperty("sun.security.certpath.ldap.cache.lifetime", lifetime);
- }
- X509CertSelector selector = new X509CertSelector();
- PKIXBuilderParameters pkixParams;
- try {
- pkixParams = new PKIXBuilderParameters(caCerts, selector);
- if ((getProperty("SSL.doRevocationChecking") != null)
- && (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {
- log.info("Enable revocation checking");
- System.setProperty("com.sun.security.enableCRLDP", "true");
- Security.setProperty("ocsp.enable", "true");
- } else {
- log.warn("Revocation checking disabled");
- }
- for (CertStore cs : certStoreList) {
- pkixParams.addCertStore(cs);
- }
- ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(
- pkixParams);
- TrustManagerFactory trustFab;
- trustFab = TrustManagerFactory.getInstance("PKIX");
- trustFab.init(trustParams);
- KeyManager[] km = null;
- SSLContext sslCtx = SSLContext
- .getInstance(getProperty("SSL.sslProtocol"));
- String disableAll = getProperty("SSL.disableAllChecks");
- if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
- log.warn("--------------------------------------");
- log.warn(" Disabling SSL Certificate Validation ");
- log.warn("--------------------------------------");
-
- sslCtx.init(km, new TrustManager[] { new MyTrustManager(caCerts,
- certStoreList) }, null);
- } else {
- sslCtx.init(km, trustFab.getTrustManagers(), null);
- }
- HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
- } catch (Exception e) {
- log.error("Cannot configure SSL", e);
- }
- String disableAll = getProperty("SSL.disableAllChecks");
- if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
- log.warn("---------------------------------");
- log.warn(" Disabling Hostname Verification ");
- log.warn("---------------------------------");
- HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
- @Override
- public boolean verify(String hostname, SSLSession session) {
- return true;
- }
- });
- }
- }
-
- @Override
- public void setResourceLoader(ResourceLoader loader) {
- this.resourceLoader = loader;
- }
-}
-
-class MyTrustManager implements X509TrustManager {
- private static Log log = LogFactory.getLog(MyTrustManager.class);
- private X509Certificate[] trustedCerts;
+ return null;
- public MyTrustManager(Set caCerts, List cs) {
- trustedCerts = new X509Certificate[caCerts.size()];
- int i = 0;
- for (Iterator it = caCerts.iterator(); it.hasNext();) {
- TrustAnchor ta = it.next();
- trustedCerts[i++] = ta.getTrustedCert();
- }
}
@Override
- public void checkClientTrusted(X509Certificate[] arg0, String arg1)
- throws CertificateException {
- log.error("Did not expect this method to get called");
- throw new CertificateException("Method not implemented");
+ protected File getCADir() {
+ String caDirectory = getProperty("SSL.caDirectory");
+ return getDirectory(caDirectory);
}
@Override
- public void checkServerTrusted(X509Certificate[] certs, String arg1)
- throws CertificateException {
- log.warn("-------------------------------------");
- log.warn("SSL Certificate Validation Disabled !");
- log.warn("-------------------------------------");
+ protected File getCertDir() {
+ String certDirectory = getProperty("SSL.certDirectory");
+ return getDirectory(certDirectory);
}
@Override
- public X509Certificate[] getAcceptedIssuers() {
- return trustedCerts;
+ protected InputStream getManifest() {
+ Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF");
+ if ((r != null) && r.isReadable()) {
+ try {
+ return r.getInputStream();
+ } catch (IOException e) {
+ log.error("Cannot read manifest data:" + e);
+ }
+ }
+ return null;
}
-
}
\ No newline at end of file
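Review bot: In the new getDirectory(), `property.replace(...)` runs before the `if (property != null)` test, so an unset `SSL.caDirectory` or `SSL.certDirectory` throws a NullPointerException and the null branch can never be taken; put `if (property == null) return null;` first. Both error messages name `SSL.certDirectory` even when the method is called from getCADir(), which will mislead whoever diagnoses a bad trust-anchor directory. defaultInit() never closes its FileInputStream, and it loads Properties from `.mocca/war/mocca.war`, which by its name is an archive rather than a properties file, so the intended path is worth confirming. The commented-out constructor body in the earlier hunk (at -73) would be better deleted than kept.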
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
index 29bdd1ed..8ae5bf6d 100644
--- a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
+++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
@@ -51,10 +51,11 @@ SSL.disableAllChecks=false
# ------------ END SSL Config --------------------
ValidateHashDataInputs=true
+AppletTimeout=300000
-HTTPProxyHost=
-HTTPProxyPort=
-DefaultSocketTimeout=200
+#HTTPProxyHost=
+#HTTPProxyPort=
+#DefaultSocketTimeout=200
diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
index c6a5088a..a4003a2a 100644
--- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
@@ -21,6 +21,7 @@
+
@@ -47,10 +48,11 @@
-
-
+
diff --git a/BKULocalApp/keystore.ks b/BKULocalApp/keystore.ks
new file mode 100644
index 00000000..824c3a40
Binary files /dev/null and b/BKULocalApp/keystore.ks differ
diff --git a/BKULocalApp/pom.xml b/BKULocalApp/pom.xml
new file mode 100644
index 00000000..e2d17d7c
--- /dev/null
+++ b/BKULocalApp/pom.xml
@@ -0,0 +1,131 @@
+
+
+ bku
+ at.gv.egiz
+ 1.0-SNAPSHOT
+
+ 4.0.0
+ at.gv.egiz.bku
+ BKULocalApp
+
+ 1.0-SNAPSHOT
+
+
+
+
+
+ maven-compiler-plugin
+ org.apache.maven.plugins
+ 2.0.2
+
+ 1.6
+ 1.6
+ true
+ true
+
+
+
+
+
+
+ maven-dependency-plugin
+
+
+
+ copywar
+
+ copy
+
+
+
+
+ at.gv.egiz
+ BKULocal
+ 1.0-SNAPSHOT
+ war
+
+
+
+ ${project.build.directory}/classes
+
+
+
+
+ unpack-dependencies
+
+ unpack-dependencies
+
+
+ javax/xml/crypto/**, demo/**,
+ junit/**, w3/**, org/etsi/**, META-INF/**
+ ${project.build.directory}/classes
+ true
+ true
+
+
+
+
+
+
+
+ maven-jar-plugin
+
+
+
+ sign
+
+
+
+
+
+ false
+ false
+
+ false
+ true
+
+
+ test-applet signer
+ ./keystore.ks
+ storepass
+ keypass
+ true
+
+
+
+
+
+
+
+
+ commons-logging
+ commons-logging
+ 1.1.1
+ compile
+
+
+ at.gv.egiz
+ BKULocal
+ 1.0-SNAPSHOT
+ war
+
+
+ utils
+ at.gv.egiz
+ 1.0-SNAPSHOT
+ compile
+
+
+ commons-cli
+ commons-cli
+ 1.0
+
+
+ org.mortbay.jetty
+ jetty
+ 6.1.10
+
+
+
+
\ No newline at end of file
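Review bot: The jar-signing configuration near the end of this new pom names a keystore checked into the repository (`./keystore.ks`, added as a binary in this same commit) together with what appear to be its store and key passwords as literals (`storepass`, `keypass`). The element names were lost in this rendering, so that reading is inferred from the values. Anyone with read access to the tree can then produce jars signed as `test-applet signer`, so this key must never be one that clients are asked to trust. For anything beyond local testing, supply the keystore path and passwords from properties defined outside the source tree (for example in the builder's settings.xml) and keep the keystore out of version control.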
diff --git a/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java
new file mode 100644
index 00000000..091843e1
--- /dev/null
+++ b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java
@@ -0,0 +1,222 @@
+package at.gv.egiz.bku.local.app;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.KeyStore;
+import java.util.Enumeration;
+import java.util.Locale;
+import java.util.MissingResourceException;
+import java.util.ResourceBundle;
+import java.util.zip.ZipEntry;
+import java.util.zip.ZipFile;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.CommandLineParser;
+import org.apache.commons.cli.HelpFormatter;
+import org.apache.commons.cli.Options;
+import org.apache.commons.cli.ParseException;
+import org.apache.commons.cli.PosixParser;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.local.ui.BKUControllerInterface;
+import at.gv.egiz.bku.local.ui.TrayIconDialog;
+import at.gv.egiz.bku.utils.StreamUtil;
+
+public class BKULauncher implements BKUControllerInterface {
+ private static Log log = LogFactory.getLog(BKULauncher.class);
+
+ private ResourceBundle resourceBundle = null;
+ private Container server;
+
+ private void startUpServer() throws Exception {
+ server = new Container();
+ // XmlConfiguration xcfg = new XmlConfiguration(getClass().getClassLoader()
+ // .getResourceAsStream("at/gv/egiz/bku/local/app/jetty.xml"));
+ // xcfg.configure(server);
+ server.init();
+ server.start();
+ }
+
+ private void initTrayIcon() {
+ Locale loc = Locale.getDefault();
+ try {
+ resourceBundle = ResourceBundle.getBundle(
+ "at/gv/egiz/bku/local/ui/UIMessages", loc);
+ } catch (MissingResourceException mx) {
+ resourceBundle = ResourceBundle.getBundle(
+ "at/gv/egiz/bku/local/ui/UIMessages", Locale.ENGLISH);
+ }
+ TrayIconDialog.getInstance().init(resourceBundle);
+ TrayIconDialog.getInstance().setShutdownHook(this);
+ TrayIconDialog.getInstance().displayInfo("Greetings.Caption",
+ "Greetings.Message");
+ }
+
+ private void initFinished() {
+ try {
+ server.join();
+ } catch (InterruptedException e) {
+ log.info(e);
+ }
+ }
+
+ private void copyDirs(File srcDir, File dstDir) {
+ for (File cf : srcDir.listFiles()) {
+ File of = new File(dstDir, cf.getName());
+ if (cf.isDirectory()) {
+ log.debug("Creating directory: " + of);
+ of.mkdir();
+ copyDirs(cf, of);
+ } else {
+ log.debug("Writing file: " + of);
+ try {
+ FileInputStream fis = new FileInputStream(cf);
+ FileOutputStream fos = new FileOutputStream(of);
+ StreamUtil.copyStream(fis, fos);
+ fis.close();
+ fos.close();
+ } catch (IOException e) {
+ log.error("Cannot copy default configuration", e);
+ }
+ }
+ }
+ }
+
+ private void unzip(File zipfile) throws IOException {
+ File dir = zipfile.getParentFile();
+ ZipFile zipFile = new ZipFile(zipfile);
+ Enumeration extends ZipEntry> entries = zipFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry entry = entries.nextElement();
+ File eF = new File(dir, entry.getName());
+ if (entry.isDirectory()) {
+ eF.mkdirs();
+ continue;
+ }
+ File f = new File(eF.getParent());
+ f.mkdirs();
+ StreamUtil.copyStream(zipFile.getInputStream(entry),
+ new FileOutputStream(eF));
+ }
+ zipFile.close();
+ }
+
+ private void checkConfig(String[] args) {
+ CommandLineParser parser = new PosixParser();
+ Options options = new Options();
+ options.addOption("c", true, "the configuration's base directory");
+ options.addOption("h", false, "print this message");
+ try {
+ File cfgDir = new File(System.getProperty("user.home") + "/.mocca/conf");
+ CommandLine cmd = parser.parse(options, args);
+ if (cmd.hasOption("h")) {
+ HelpFormatter formatter = new HelpFormatter();
+ formatter.printHelp("BKULauncher", options);
+ System.exit(0);
+ }
+
+ if (cmd.hasOption("c")) {
+ cfgDir = new File(cmd.getOptionValue("c"));
+ }
+ log.debug("using config directory: " + cfgDir);
+ if (cfgDir.exists() && cfgDir.isFile()) {
+ log.error("Configuration directory must not be a file");
+ }
+ if (!cfgDir.exists()) {
+ log.debug("Creating config directory: " + cfgDir);
+ cfgDir.mkdirs();
+ try {
+ InputStream is = getClass().getClassLoader().getResourceAsStream(
+ "at/gv/egiz/bku/local/defaultConf/template.zip");
+ OutputStream os = new FileOutputStream(new File(cfgDir,
+ "template.zip"));
+ StreamUtil.copyStream(is, os);
+ os.close();
+ unzip(new File(cfgDir, "template.zip"));
+ } catch (IOException iox) {
+ log.error("Cannot create user directory", iox);
+ return;
+ }
+ CA ca = new CA();
+ char[] password = "changeMe".toCharArray();
+ KeyStore ks = ca.generateKeyStore(password);
+ if (ks != null) {
+ File ksdir = new File(cfgDir, "keystore");
+ ksdir.mkdirs();
+ FileOutputStream fos;
+ try {
+ fos = new FileOutputStream(new File(ksdir, "keystore.ks"));
+ ks.store(fos, password);
+ fos.close();
+ } catch (Exception e) {
+ log.error("Cannot store keystore", e);
+ }
+ } else {
+ log.error("Cannot create ssl certificate");
+ }
+ }
+ } catch (ParseException e1) {
+ log.error(e1);
+ HelpFormatter formatter = new HelpFormatter();
+ formatter.printHelp("BKULauncher", options);
+ System.exit(0);
+ }
+ }
+
+ public void jwsHack() {
+ InputStream is = getClass().getClassLoader().getResourceAsStream(
+ "BKULocal-1.0-SNAPSHOT.war");
+ File f = new File(System.getProperty("user.home") + "/.mocca/war");
+ f.mkdirs();
+ try {
+ OutputStream os = new FileOutputStream(new File(f, "mocca.war"));
+ StreamUtil.copyStream(is, os);
+ os.close();
+ } catch (Exception e) {
+ log.error(e);
+ }
+ }
+
+ /**
+ * @param args
+ */
+ public static void main(String[] args) {
+
+ try {
+ BKULauncher launcher = new BKULauncher();
+ //launcher.jwsHack();
+ launcher.checkConfig(args);
+ launcher.startUpServer();
+ launcher.initTrayIcon();
+ launcher.initFinished();
+ } catch (Exception e) {
+ log.fatal("Cannot launch BKU", e);
+ System.exit(-1000);
+ }
+
+ }
+
+ public void shutDown() {
+ log.info("Shutting down server");
+ if ((server != null) && (server.isRunning())) {
+ try {
+ if (server.isRunning()) {
+ server.stop();
+ }
+ } catch (Exception e) {
+ log.debug(e.toString());
+ } finally {
+ if (server.isRunning()) {
+ server.destroy();
+ }
+ }
+ }
+ System.exit(0);
+ }
+
+}
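Review bot: `checkConfig` protects the generated TLS keystore with the compile-time literal `"changeMe"` (`char[] password = "changeMe".toCharArray();`), and `Container.init()` later in this patch opens it with the same literal, so the password gives no protection and the server private key is only as safe as the file permissions on the config directory. Nothing visible here tightens those permissions after `ksdir.mkdirs()`. Consider restricting the directory to the owner, e.g. `ksdir.setReadable(false, false); ksdir.setReadable(true, true);` (and the same pattern for `setWritable` and `setExecutable`). A comment stating that the password is a fixed placeholder rather than a secret would also help.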
diff --git a/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/CA.java b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/CA.java
new file mode 100644
index 00000000..31d21ef7
--- /dev/null
+++ b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/CA.java
@@ -0,0 +1,117 @@
+package at.gv.egiz.bku.local.app;
+
+import iaik.asn1.ObjectID;
+import iaik.asn1.structures.AlgorithmID;
+import iaik.asn1.structures.Name;
+import iaik.x509.X509Certificate;
+import iaik.x509.extensions.BasicConstraints;
+import iaik.x509.extensions.KeyUsage;
+
+import java.math.BigInteger;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.util.Calendar;
+import java.util.GregorianCalendar;
+import java.util.Random;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class CA {
+ private final static Log log = LogFactory.getLog(CA.class);
+
+ private KeyPair caKeyPair;
+ private X509Certificate caCert;
+
+ private KeyPair serverKeyPair;
+ private X509Certificate serverCert;
+
+ public CA() {
+ }
+
+ private KeyPair generateKeyPair() throws NoSuchAlgorithmException {
+ KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
+ gen.initialize(2048);
+ return gen.generateKeyPair();
+ }
+
+ private void generateCA() throws GeneralSecurityException {
+ log.debug("Generating CA certificate");
+ Name subject = new Name();
+ subject.addRDN(ObjectID.country, "AT");
+ subject.addRDN(ObjectID.organization, "MOCCA");
+ subject.addRDN(ObjectID.organizationalUnit, "MOCCA-CA");
+
+ caKeyPair = generateKeyPair();
+ caCert = new X509Certificate();
+ caCert.setSerialNumber(new BigInteger(20, new Random()));
+ caCert.setSubjectDN(subject);
+ caCert.setPublicKey(caKeyPair.getPublic());
+ caCert.setIssuerDN(subject);
+
+ caCert.addExtension(new BasicConstraints(true));
+ caCert.addExtension(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign
+ | KeyUsage.digitalSignature));
+
+ GregorianCalendar date = new GregorianCalendar();
+ date.add(Calendar.HOUR_OF_DAY, -1);
+ caCert.setValidNotBefore(date.getTime());
+ date.add(Calendar.YEAR, 7);
+ caCert.setValidNotAfter(date.getTime());
+ caCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate());
+ log.debug("Successfully signed CA certificate");
+ }
+
+ private void generateServerCert() throws GeneralSecurityException {
+ log.debug("Generating SSL certificate");
+ Name subject = new Name();
+ subject.addRDN(ObjectID.country, "AT");
+ subject.addRDN(ObjectID.organization, "MOCCA");
+ try {
+ subject.addRDN(ObjectID.commonName, InetAddress.getLocalHost()
+ .getHostName());
+ } catch (UnknownHostException e) {
+ subject.addRDN(ObjectID.commonName, "localhost");
+ }
+ serverKeyPair = generateKeyPair();
+ serverCert = new X509Certificate();
+ serverCert.setSerialNumber(new BigInteger(20, new Random()));
+ serverCert.setSubjectDN(subject);
+ serverCert.setPublicKey(serverKeyPair.getPublic());
+ serverCert.setIssuerDN(caCert.getSubjectDN());
+
+ serverCert.addExtension(new BasicConstraints(false));
+ serverCert.addExtension(new KeyUsage(KeyUsage.keyEncipherment
+ | KeyUsage.digitalSignature));
+
+ GregorianCalendar date = new GregorianCalendar();
+ date.add(Calendar.HOUR_OF_DAY, -1);
+ serverCert.setValidNotBefore(date.getTime());
+ date.add(Calendar.YEAR, 7);
+ date.add(Calendar.HOUR_OF_DAY, -1);
+ serverCert.setValidNotAfter(date.getTime());
+ serverCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate());
+ log.debug("Successfully signed server certificate");
+ caKeyPair = null;
+ }
+
+ public KeyStore generateKeyStore(char[] password) {
+ try {
+ generateCA();
+ generateServerCert();
+ KeyStore ks = KeyStore.getInstance("JKS");
+ ks.load(null, null);
+ ks.setKeyEntry("server", serverKeyPair.getPrivate(), password, new X509Certificate[]{serverCert, caCert});
+ return ks;
+ } catch (Exception e) {
+ log.error("Cannot generate certificate", e);
+ }
+ return null;
+ }
+
+}
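Review bot: Both certificates take their serial number from `new BigInteger(20, new Random())` in `generateCA` and `generateServerCert`, which is only 20 bits from a non-cryptographic generator; the two certificates share an issuer name, so a collision would give two certificates with the same issuer and serial. Use a wider value from a CSPRNG, e.g. `caCert.setSerialNumber(new BigInteger(64, new SecureRandom()));` with `import java.security.SecureRandom;`, and the same for `serverCert`. Both are also signed with `AlgorithmID.sha1WithRSAEncryption`; a SHA-256 based signature algorithm would be the better default if the IAIK version in use offers one. Setting `caKeyPair = null` at the end of `generateServerCert` deserves a one-line comment saying the CA key is discarded on purpose.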
diff --git a/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java
new file mode 100644
index 00000000..690639f4
--- /dev/null
+++ b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java
@@ -0,0 +1,98 @@
+package at.gv.egiz.bku.local.app;
+
+import java.io.File;
+import java.io.IOException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.mortbay.jetty.Connector;
+import org.mortbay.jetty.Handler;
+import org.mortbay.jetty.Server;
+import org.mortbay.jetty.handler.DefaultHandler;
+import org.mortbay.jetty.handler.HandlerCollection;
+import org.mortbay.jetty.nio.SelectChannelConnector;
+import org.mortbay.jetty.security.SslSocketConnector;
+import org.mortbay.jetty.webapp.WebAppClassLoader;
+import org.mortbay.jetty.webapp.WebAppContext;
+import org.mortbay.thread.QueuedThreadPool;
+
+public class Container {
+
+ private static Log log = LogFactory.getLog(Container.class);
+
+ private Server server;
+
+ public Container() {
+ }
+
+ public void init() {
+ Thread.currentThread().setContextClassLoader(ClassLoader.getSystemClassLoader());
+ log.debug("-----------------> "+ClassLoader.getSystemClassLoader());
+ server = new Server();
+ QueuedThreadPool qtp = new QueuedThreadPool();
+ qtp.setMaxThreads(5);
+ qtp.setMinThreads(2);
+ qtp.setLowThreads(0);
+ server.setThreadPool(qtp);
+ server.setStopAtShutdown(true);
+ server.setGracefulShutdown(3000);
+
+ SelectChannelConnector connector = new SelectChannelConnector();
+ connector.setPort(3495);
+ connector.setAcceptors(1);
+ connector.setConfidentialPort(3496);
+
+ SslSocketConnector sslConnector = new SslSocketConnector();
+ sslConnector.setPort(3496);
+ sslConnector.setAcceptors(1);
+ sslConnector.setKeystore(System.getProperty("user.home")
+ + "/.mocca/conf/keystore/keystore.ks");
+ sslConnector.setPassword("changeMe");
+ sslConnector.setKeyPassword("changeMe");
+
+ server.setConnectors(new Connector[] { connector, sslConnector });
+ HandlerCollection handlers = new HandlerCollection();
+
+ WebAppContext webappcontext = new WebAppContext();
+ webappcontext.setContextPath("/");
+ webappcontext.setExtractWAR(false);
+
+ File tmpDir = new File(System.getProperty("user.home") + "/.mocca/tmp");
+ // tmpDir.mkdirs();
+ // webappcontext.setTempDirectory(tmpDir);
+ try {
+ File f = new File(System.getProperty("user.home")
+ + "/.mocca/war/mocca.war");
+ log.debug("Deploying war: " + f.getCanonicalPath());
+ if (!f.exists()) {
+ log.error("WAR file does not exist, cannot run MOCCA");
+ }
+ webappcontext.setWar(f.getParent());
+ } catch (IOException e) {
+ log.error(e);
+ }
+ handlers.setHandlers(new Handler[] { webappcontext, new DefaultHandler() });
+
+ server.setHandler(handlers);
+ }
+
+ public void start() throws Exception {
+ server.start();
+ }
+
+ public boolean isRunning() {
+ return server.isRunning();
+ }
+
+ public void stop() throws Exception {
+ server.stop();
+ }
+
+ public void destroy() {
+ server.destroy();
+ }
+
+ public void join() throws InterruptedException {
+ server.join();
+ }
+}
\ No newline at end of file
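Review bot: Neither connector in `init()` is given a bind address, so the HTTP listener on 3495 and the TLS listener on 3496 will, by Jetty's default, accept connections on all interfaces. If this launcher is meant to serve only browsers on the same machine (the class names suggest so, but the hunk does not state it), bind both to loopback: `connector.setHost("127.0.0.1");` and `sslConnector.setHost("127.0.0.1");`. `init()` also only logs when the WAR file is missing and then goes on to call `setWar(f.getParent())`; failing fast there would give a clearer startup error.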
diff --git a/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip
new file mode 100644
index 00000000..f57e8930
Binary files /dev/null and b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip differ
diff --git a/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/UIMessages.properties b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/UIMessages.properties
new file mode 100644
index 00000000..873d03ef
--- /dev/null
+++ b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/UIMessages.properties
@@ -0,0 +1,13 @@
+#-------- tray icon messages -------
+TrayMenu.Tooltip=MOCCA
+TrayMenu.Shutdown=MOCCA Beenden
+
+Greetings.Message=MOCCA up and running
+Greetings.Caption=MOCCA Started
+
+Message.RequestCaption=New Request
+Message.InfoboxReadRequest=Reading Infobox
+Message.SecureSignatureKeypair=Reading secure signature certificate
+Message.CertifiedKeypair=Reading certified certificate
+Message.IdentityLink=Reading Identitylink
+Message.SignRequest=Creating Signature
\ No newline at end of file
diff --git a/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/favicon.png b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/favicon.png
new file mode 100644
index 00000000..2d0276de
Binary files /dev/null and b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/ui/favicon.png differ
diff --git a/BKULocalApp/src/main/resources/log4j.properties b/BKULocalApp/src/main/resources/log4j.properties
new file mode 100644
index 00000000..fcdcb8e8
--- /dev/null
+++ b/BKULocalApp/src/main/resources/log4j.properties
@@ -0,0 +1,16 @@
+# loglever DEBUG, appender STDOUT
+log4j.rootLogger=TRACE, STDOUT, file
+
+# STDOUT appender
+log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
+log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout
+#log4j.appender.STDOUT.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n
+#log4j.appender.STDOUT.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
+log4j.appender.STDOUT.layout.ConversionPattern=%-5p |%d | %t | %c %x- %m%n
+
+### FILE appender
+log4j.appender.file=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.file.datePattern='.'yyyy-MM-dd
+log4j.appender.file.File=${user.home}/.mocca/logs/mocca.log
+log4j.appender.file.layout=org.apache.log4j.PatternLayout
+log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
\ No newline at end of file
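Review bot: The root logger is set to `TRACE` for both the console and the daily file under `${user.home}/.mocca/logs`, while the comment on the first line says DEBUG. For software that handles signature requests and identity data, trace-level output written to disk by default can persist request contents; what the individual classes log at that level is not visible here, so this is a caution rather than a confirmed leak. A shipped default of `log4j.rootLogger=INFO, STDOUT, file`, with the header comment corrected to match, would be safer and leaves TRACE as an opt-in for debugging.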
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
index 3d0df8c4..5795478b 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
@@ -25,7 +25,7 @@ import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
-import at.gv.egiz.bku.online.conf.Configurator;
+import at.gv.egiz.bku.conf.Configurator;
public class SpringSecurityManager extends SecurityManagerFacade implements
ResourceLoaderAware {
@@ -60,5 +60,4 @@ public class SpringSecurityManager extends SecurityManagerFacade implements
public void setResourceLoader(ResourceLoader loader) {
this.resourceLoader = loader;
}
-
}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
deleted file mode 100644
index c09abcc1..00000000
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package at.gv.egiz.bku.online.conf;
-
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-import iaik.xml.crypto.XSecProvider;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Properties;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.DataUrl;
-import at.gv.egiz.bku.binding.DataUrlConnection;
-import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
-import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
-
-/**
- *
- * TODO currently only the code to get started.
- */
-public abstract class Configurator {
-
- private Log log = LogFactory.getLog(Configurator.class);
-
- private static Configurator instance = new SpringConfigurator();
-
- protected Properties properties;
-
- protected Configurator() {
- }
-
- public static Configurator getInstance() {
- return instance;
- }
-
- protected void configUrlConnections() {
- HttpsURLConnection.setFollowRedirects(false);
- HttpURLConnection.setFollowRedirects(false);
- }
-
- protected void configureProviders() {
- log.debug("Registering security providers");
- Security.insertProviderAt(new IAIK(), 1);
- Security.insertProviderAt(new ECCProvider(false), 2);
- Security.addProvider(new STALProvider());
- XSecProvider.addAsProvider(false);
- StringBuilder sb = new StringBuilder();
- sb.append("Registered providers: ");
- int i = 1;
- for (Provider prov : Security.getProviders()) {
- sb.append((i++) + ". : " + prov);
- }
- log.debug(sb.toString());
- }
-
- protected void configViewer() {
- DataObject.enableHashDataInputValidation(Boolean.parseBoolean(properties.getProperty("ValidateHashDataInputs")));
- }
-
- public void configure() {
- configureProviders();
- configUrlConnections();
- configViewer();
- }
-
- public void setConfiguration(Properties props) {
- this.properties = props;
- }
-
- public String getProperty(String key) {
- if (properties != null) {
- return properties.getProperty(key);
- }
- return null;
- }
-}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index d213dd36..a369d829 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -17,31 +17,9 @@
package at.gv.egiz.bku.online.conf;
import java.io.File;
-import java.io.FileInputStream;
import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Security;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.HashSet;
-import java.util.LinkedList;
-import java.util.List;
+import java.io.InputStream;
import java.util.Properties;
-import java.util.Set;
-
-import javax.net.ssl.CertPathTrustManagerParameters;
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.ManagerFactoryParameters;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -49,8 +27,8 @@ import org.springframework.context.ResourceLoaderAware;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
-import at.gv.egiz.bku.binding.DataUrl;
-import at.gv.egiz.bku.binding.DataUrlConnection;
+import at.gv.egiz.bku.conf.Configurator;
+import at.gv.egiz.bku.online.webapp.SpringBKUServlet;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
import at.gv.egiz.stal.service.impl.RequestBrokerSTALFactory;
@@ -76,41 +54,8 @@ public class SpringConfigurator extends Configurator implements
}
}
- public void configureVersion() {
- Properties p = new Properties();
- try {
- p.load(resourceLoader.getResource("META-INF/MANIFEST.MF")
- .getInputStream());
- String version = p.getProperty("Implementation-Build");
- properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
- "citizen-card-environment/1.2 MOCCA " + version);
- DataUrl.setConfiguration(properties);
- log.debug("Setting user agent to: "
- + properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
- } catch (IOException e) {
- log.error(e);
- }
- }
-
- public void configure() {
- super.configure();
- configureSSL();
- configureVersion();
- configureNetwork();
- }
-
public void configureNetwork() {
- String proxyHost = getProperty("HTTPProxyHost");
- String proxyPort = getProperty("HTTPProxyPort");
- if (proxyPort == null) {
- proxyPort = "80";
- }
- if (proxyHost != null) {
- log.debug("Setting proxy server to: " + proxyHost + ":" + proxyPort);
- System.setProperty("http.proxyHost", proxyHost);
- System.setProperty("http.proxyPort", proxyPort);
- }
- log.debug("No proxy specified");
+ super.configureNetwork();
String appletTimeout = getProperty("AppletTimeout");
if ((appletTimeout != null)) {
try {
@@ -122,128 +67,60 @@ public class SpringConfigurator extends Configurator implements
}
}
-
- private Set getCACerts() throws IOException,
- CertificateException {
- Set caCerts = new HashSet();
- String caDirectory = getProperty("SSL.caDirectory");
- if (caDirectory != null) {
- Resource caDirRes = resourceLoader.getResource(caDirectory);
- File caDir = caDirRes.getFile();
- if (!caDir.isDirectory()) {
- log.error("Expecting directory as SSL.caDirectory parameter");
- throw new SLRuntimeException(
- "Expecting directory as SSL.caDirectory parameter");
- }
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- for (File f : caDir.listFiles()) {
- try {
- FileInputStream fis = new FileInputStream(f);
- X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
- fis.close();
- log.debug("Adding trusted cert " + cert.getSubjectDN());
- caCerts.add(new TrustAnchor(cert, null));
- } catch (Exception e) {
- log.error("Cannot add trusted ca", e);
- }
- }
- return caCerts;
-
- } else {
- log.warn("No CA certificates configured");
- }
- return null;
+
+ public void configure() {
+ super.configure();
+ SpringBKUServlet.setConfigurator(this);
}
- private CertStore getCertstore() throws IOException, CertificateException,
- InvalidAlgorithmParameterException, NoSuchAlgorithmException {
- String certDirectory = getProperty("SSL.certDirectory");
- if (certDirectory != null) {
- Resource certDirRes = resourceLoader.getResource(certDirectory);
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
+ }
- File certDir = certDirRes.getFile();
+ private File getDirectory(String property) {
+ if (property != null) {
+ Resource certDirRes = resourceLoader.getResource(property);
+ File certDir;
+ try {
+ certDir = certDirRes.getFile();
+ } catch (IOException e) {
+ log.error("Cannot get cert directory", e);
+ throw new SLRuntimeException(e);
+ }
if (!certDir.isDirectory()) {
log.error("Expecting directory as SSL.certDirectory parameter");
throw new SLRuntimeException(
"Expecting directory as SSL.certDirectory parameter");
}
- List certCollection = new LinkedList();
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- for (File f : certDir.listFiles()) {
- try {
- FileInputStream fis = new FileInputStream(f);
- X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
- certCollection.add(cert);
- fis.close();
- log
- .trace("Added following cert to certstore: "
- + cert.getSubjectDN());
- } catch (Exception ex) {
- log.error("Cannot add certificate", ex);
- }
- }
- CollectionCertStoreParameters csp = new CollectionCertStoreParameters(
- certCollection);
- return CertStore.getInstance("Collection", csp);
-
- } else {
- log.warn("No certstore configured");
+ return certDir;
}
return null;
+
}
- public void configureSSL() {
- Set caCerts = null;
- try {
- caCerts = getCACerts();
- } catch (Exception e1) {
- log.error("Cannot load CA certificates", e1);
- }
- CertStore certStore = null;
- try {
- certStore = getCertstore();
- } catch (Exception e1) {
- log.error("Cannot load certstore certificates", e1);
- }
- System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
- try {
- X509CertSelector selector = new X509CertSelector();
- PKIXBuilderParameters pkixParams;
- pkixParams = new PKIXBuilderParameters(caCerts, selector);
- if ((getProperty("SSL.doRevocationChecking") != null)
- && (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {
- log.info("Enable revocation checking");
- pkixParams.setRevocationEnabled(true);
- System.setProperty("com.sun.security.enableCRLDP", "true");
- Security.setProperty("ocsp.enable", "true");
- } else {
- log.warn("Revocation checking disabled");
- pkixParams.setRevocationEnabled(false);
- }
- pkixParams.addCertStore(certStore);
- ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(
- pkixParams);
- TrustManagerFactory trustFab;
- try {
- trustFab = TrustManagerFactory.getInstance("PKIX");
- trustFab.init(trustParams);
- KeyManager[] km = null;
- SSLContext sslCtx = SSLContext
- .getInstance(getProperty("SSL.sslProtocol"));
- sslCtx.init(km, trustFab.getTrustManagers(), null);
- HttpsURLConnection
- .setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
- } catch (Exception e) {
- log.error("Cannot configure SSL", e);
- }
+ @Override
+ protected File getCADir() {
+ String caDirectory = getProperty("SSL.caDirectory");
+ return getDirectory(caDirectory);
+ }
- } catch (InvalidAlgorithmParameterException e) {
- log.error("Cannot configure SSL", e);
- }
+ @Override
+ protected File getCertDir() {
+ String certDirectory = getProperty("SSL.certDirectory");
+ return getDirectory(certDirectory);
}
@Override
- public void setResourceLoader(ResourceLoader loader) {
- this.resourceLoader = loader;
+ protected InputStream getManifest() {
+ Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF");
+ if (r != null) {
+ try {
+ return r.getInputStream();
+ } catch (IOException e) {
+ log.error("Cannot read manifest data:", e);
+ }
+ }
+ return null;
}
}
\ No newline at end of file
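Review bot: `getDirectory` is shared by `getCADir` and `getCertDir`, but its failure paths still name only the cert directory: `log.error("Cannot get cert directory", e)` and `"Expecting directory as SSL.certDirectory parameter"` are emitted even when the bad value came from `SSL.caDirectory`. That misdirects whoever is diagnosing a broken trust-anchor configuration. Include the offending value instead, e.g. `throw new SLRuntimeException("Expecting directory, got: " + property);`, and log the same text. `getManifest` returning `null` after an `IOException` also needs a Javadoc line so the caller in the base class knows to handle it.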
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
index b70a6274..9e69099d 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
@@ -31,7 +31,7 @@ import org.apache.commons.logging.LogFactory;
import at.gv.egiz.bku.binding.HTTPBindingProcessor;
import at.gv.egiz.bku.binding.HttpUtil;
import at.gv.egiz.bku.binding.IdFactory;
-import at.gv.egiz.bku.online.conf.Configurator;
+import at.gv.egiz.bku.conf.Configurator;
/**
* Delivers the result to the browser
@@ -108,8 +108,8 @@ public class ResultServlet extends SpringBKUServlet {
resp.setHeader("Cache-Control", "no-store"); // HTTP 1.1
resp.setHeader("Pragma", "no-cache"); // HTTP 1.0
resp.setDateHeader("Expires", 0);
- if (Configurator.getInstance().getProperty(USER_AGENT_PROPERTY_KEY) != null) {
- resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT, Configurator.getInstance().getProperty(
+ if (configurator.getProperty(USER_AGENT_PROPERTY_KEY) != null) {
+ resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT, configurator.getProperty(
USER_AGENT_PROPERTY_KEY));
} else {
resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT,
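Review bot: `configurator.getProperty(...)` now dereferences the static field that `SpringBKUServlet` declares in this patch, and that field is assigned only when `SpringConfigurator.configure()` calls `SpringBKUServlet.setConfigurator(this)`; a request served before that call, or in a context where the bean is not configured, fails with a `NullPointerException`, whereas the old `Configurator.getInstance()` always returned an instance. The field is also a non-final, non-volatile static with a public setter, so any caller can swap it. Guard the read, e.g. `if (configurator != null && configurator.getProperty(USER_AGENT_PROPERTY_KEY) != null) {`, and document on the field that it is set once at startup. The enclosing method begins and ends outside this hunk.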
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
index ec062e42..2c6f522e 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
@@ -16,16 +16,22 @@
*/
package at.gv.egiz.bku.online.webapp;
-import javax.servlet.http.HttpServlet;
-
-import at.gv.egiz.bku.binding.BindingProcessorManager;
-import at.gv.egiz.bku.online.conf.Configurator;
+import javax.servlet.http.HttpServlet;
+
+import at.gv.egiz.bku.binding.BindingProcessorManager;
+import at.gv.egiz.bku.conf.Configurator;
public abstract class SpringBKUServlet extends HttpServlet {
public final static String BEAN_NAME="bindingProcessorManager";
+ protected static Configurator configurator;
+
protected BindingProcessorManager getBindingProcessorManager() {
return (BindingProcessorManager) getServletContext().getAttribute(BEAN_NAME);
+ }
+
+ public static void setConfigurator(Configurator conf) {
+ configurator = conf;
}
}
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
index 73d89f22..d7fc5ae9 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -36,6 +36,10 @@ SSL.caDirectory=classpath:at/gv/egiz/bku/online/conf/certs/CACerts
SSL.doRevocationChecking=true
SSL.sslProtocol=TLS
+SSL.cache.lifetime=3600
+
+# use authority info access extension to find ca certs.
+SSL.useAIA=true
# ------------ END SSL Config --------------------
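Review bot: `SSL.useAIA=true` ships as the default, which means certificate path building may fetch issuer certificates from URLs named in the peer's own certificate, so the server makes outbound requests to locations chosen by the remote side. The one-line comment should state that trade-off and that deployments with restricted egress can set it to `false`, for instance `# follows URLs taken from the peer certificate; set to false if outbound fetches are not wanted`. `SSL.cache.lifetime=3600` has no comment at all; what is cached and the unit are not stated in this hunk and should be.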
@@ -44,3 +48,4 @@ AppletTimeout=300000
#HTTPProxyHost=taranis.iaik.tugraz.at
#HTTPProxyPort=8888
+#DefaultSocketTimeout=200
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index 04b07ba4..b074da59 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -45,8 +45,8 @@
-
+
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
new file mode 100644
index 00000000..9a1e7020
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
@@ -0,0 +1,351 @@
+package at.gv.egiz.bku.conf;
+
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+import iaik.xml.crypto.XSecProvider;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
+import java.security.Security;
+import java.security.cert.CertStore;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CollectionCertStoreParameters;
+import java.security.cert.LDAPCertStoreParameters;
+import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.net.ssl.CertPathTrustManagerParameters;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.binding.DataUrl;
+import at.gv.egiz.bku.binding.DataUrlConnection;
+import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
+import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+public abstract class Configurator {
+ private Log log = LogFactory.getLog(Configurator.class);
+
+ protected Properties properties;
+
+ protected Configurator() {
+ }
+
+ protected abstract File getCertDir();
+
+ protected abstract File getCADir();
+
+ protected abstract InputStream getManifest();
+
+ private Set getCACerts() throws IOException,
+ CertificateException {
+ Set caCerts = new HashSet();
+ File caDir = getCADir();
+ if (caDir != null) {
+ if (!caDir.isDirectory()) {
+ log.error("Expecting directory as SSL.caDirectory parameter");
+ throw new SLRuntimeException(
+ "Expecting directory as SSL.caDirectory parameter");
+ }
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ for (File f : caDir.listFiles()) {
+ try {
+ FileInputStream fis = new FileInputStream(f);
+ X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
+ fis.close();
+ log.debug("Adding trusted cert " + cert.getSubjectDN());
+ caCerts.add(new TrustAnchor(cert, null));
+ } catch (Exception e) {
+ log.error("Cannot add trusted ca", e);
+ }
+ }
+ return caCerts;
+
+ } else {
+ log.warn("No CA certificates configured");
+ }
+ return null;
+ }
+
+ protected List getCertstore() throws IOException,
+ CertificateException, InvalidAlgorithmParameterException,
+ NoSuchAlgorithmException {
+ List resultList = new ArrayList();
+ File certDir = getCertDir();
+ if (certDir != null) {
+ if (!certDir.isDirectory()) {
+ log.error("Expecting directory as SSL.certDirectory parameter");
+ throw new SLRuntimeException(
+ "Expecting directory as SSL.certDirectory parameter");
+ }
+ List certCollection = new LinkedList();
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ for (File f : certDir.listFiles()) {
+ try {
+ FileInputStream fis = new FileInputStream(f);
+ X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
+ certCollection.add(cert);
+ fis.close();
+ log
+ .trace("Added following cert to certstore: "
+ + cert.getSubjectDN());
+ } catch (Exception ex) {
+ log.error("Cannot add certificate", ex);
+ }
+ }
+ CollectionCertStoreParameters csp = new CollectionCertStoreParameters(
+ certCollection);
+ resultList.add(CertStore.getInstance("Collection", csp));
+ log.info("Added collection certstore");
+ } else {
+ log.warn("No certstore directory configured");
+ }
+ String ldapHost = getProperty("SSL.ldapServer");
+ if ((ldapHost != null) && (!"".equals(ldapHost))) {
+ String ldapPortString = getProperty("SSL.ldapPort");
+ int ldapPort = 389;
+ if (ldapPortString != null) {
+ try {
+ ldapPort = Integer.parseInt(ldapPortString);
+ } catch (NumberFormatException nfe) {
+ log.error("Invalid ldap port, using default 389");
+ }
+ } else {
+ log.warn("ldap port not specified, using default 389");
+ }
+ LDAPCertStoreParameters ldapParams = new LDAPCertStoreParameters(
+ ldapHost, ldapPort);
+ resultList.add(CertStore.getInstance("LDAP", ldapParams));
+ log.info("Added LDAP certstore");
+ }
+ return resultList;
+ }
+
+ protected void configUrlConnections() {
+ HttpsURLConnection.setFollowRedirects(false);
+ HttpURLConnection.setFollowRedirects(false);
+ }
+
+ protected void configureProviders() {
+ log.debug("Registering security providers");
+ Security.insertProviderAt(new IAIK(), 1);
+ Security.insertProviderAt(new ECCProvider(false), 2);
+ Security.addProvider(new STALProvider());
+ XSecProvider.addAsProvider(false);
+ StringBuilder sb = new StringBuilder();
+ sb.append("Registered providers: ");
+ int i = 1;
+ for (Provider prov : Security.getProviders()) {
+ sb.append((i++) + ". : " + prov);
+ }
+ log.debug(sb.toString());
+ }
+
+ protected void configViewer() {
+ String bv = properties.getProperty("ValidateHashDataInputs");
+ if (bv != null) {
+ DataObject.enableHashDataInputValidation(Boolean.parseBoolean(bv));
+ } else {
+ log.warn("ValidateHashDataInputs not set, falling back to default");
+ }
+ }
+
+ public void configureNetwork() {
+ String proxy = getProperty("HTTPProxyHost");
+ String portString = getProperty("HTTPProxyPort");
+ if ((proxy == null) || (proxy.equals(""))) {
+ log.info("No proxy configured");
+ } else {
+ log.info("Setting proxy to: " + proxy + ":" + portString);
+ System.setProperty("proxyHost", proxy);
+ System.setProperty("proxyPort", portString);
+ }
+ String timeout = getProperty("DefaultSocketTimeout");
+ if ((timeout != null) && (!timeout.equals(""))) {
+ System.setProperty("sun.net.client.defaultConnectTimeout", timeout);
+ }
+ }
+
+ public void configureVersion() {
+ Properties p = new Properties();
+ try {
+ InputStream is = getManifest();
+ if (is != null) {
+ p.load(getManifest());
+ String version = p.getProperty("Implementation-Build");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
+ "citizen-card-environment/1.2 MOCCA " + version);
+ DataUrl.setConfiguration(properties);
+ log
+ .debug("Setting user agent to: "
+ + properties
+ .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
+ } else {
+ log.warn("Cannot read manifest");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
+ "citizen-card-environment/1.2 MOCCA UNKNOWN");
+ DataUrl.setConfiguration(properties);
+ }
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+
+ public void configure() {
+ configureProviders();
+ configUrlConnections();
+ configViewer();
+ configureSSL();
+ configureVersion();
+ configureNetwork();
+ }
+
+ public void setConfiguration(Properties props) {
+ this.properties = props;
+ }
+
+ public String getProperty(String key) {
+ if (properties != null) {
+ return properties.getProperty(key);
+ }
+ return null;
+ }
+
+ public void configureSSL() {
+ Set caCerts = null;
+ try {
+ caCerts = getCACerts();
+ } catch (Exception e1) {
+ log.error("Cannot load CA certificates", e1);
+ }
+ List certStoreList = null;
+ try {
+ certStoreList = getCertstore();
+ } catch (Exception e1) {
+ log.error("Cannot load certstore certificates", e1);
+ }
+ String aia = getProperty("SSL.useAIA");
+ if ((aia == null) || (aia.equals(""))) {
+ System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
+ } else {
+ System.setProperty("com.sun.security.enableAIAcaIssuers", aia);
+ }
+ String lifetime = getProperty("SSL.cache.lifetime");
+ if ((lifetime == null) || (lifetime.equals(""))) {
+ System.setProperty("sun.security.certpath.ldap.cache.lifetime", "0");
+ } else {
+ System.setProperty("sun.security.certpath.ldap.cache.lifetime", lifetime);
+ }
+ X509CertSelector selector = new X509CertSelector();
+ PKIXBuilderParameters pkixParams;
+ try {
+ pkixParams = new PKIXBuilderParameters(caCerts, selector);
+ if ((getProperty("SSL.doRevocationChecking") != null)
+ && (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {
+ log.info("Enable revocation checking");
+ System.setProperty("com.sun.security.enableCRLDP", "true");
+ Security.setProperty("ocsp.enable", "true");
+ } else {
+ log.warn("Revocation checking disabled");
+ }
+ for (CertStore cs : certStoreList) {
+ pkixParams.addCertStore(cs);
+ }
+ ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(
+ pkixParams);
+ TrustManagerFactory trustFab;
+ trustFab = TrustManagerFactory.getInstance("PKIX");
+ trustFab.init(trustParams);
+ KeyManager[] km = null;
+ SSLContext sslCtx = SSLContext
+ .getInstance(getProperty("SSL.sslProtocol"));
+ String disableAll = getProperty("SSL.disableAllChecks");
+ if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
+ log.warn("--------------------------------------");
+ log.warn(" Disabling SSL Certificate Validation ");
+ log.warn("--------------------------------------");
+
+ sslCtx.init(km, new TrustManager[] { new MyTrustManager(caCerts,
+ certStoreList) }, null);
+ } else {
+ sslCtx.init(km, trustFab.getTrustManagers(), null);
+ }
+ HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
+ } catch (Exception e) {
+ log.error("Cannot configure SSL", e);
+ }
+ String disableAll = getProperty("SSL.disableAllChecks");
+ if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
+ log.warn("---------------------------------");
+ log.warn(" Disabling Hostname Verification ");
+ log.warn("---------------------------------");
+ HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }
+ });
+ }
+ }
+
+ private static class MyTrustManager implements X509TrustManager {
+ private static Log log = LogFactory.getLog(MyTrustManager.class);
+ private X509Certificate[] trustedCerts;
+
+ public MyTrustManager(Set caCerts, List cs) {
+ trustedCerts = new X509Certificate[caCerts.size()];
+ int i = 0;
+ for (Iterator it = caCerts.iterator(); it.hasNext();) {
+ TrustAnchor ta = it.next();
+ trustedCerts[i++] = ta.getTrustedCert();
+ }
+ }
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] arg0, String arg1)
+ throws CertificateException {
+ log.error("Did not expect this method to get called");
+ throw new CertificateException("Method not implemented");
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] certs, String arg1)
+ throws CertificateException {
+ log.warn("-------------------------------------");
+ log.warn("SSL Certificate Validation Disabled !");
+ log.warn("-------------------------------------");
+ }
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return trustedCerts;
+ }
+ }
+}
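Review bot: In configureSSL the `catch (Exception e)` around the trust setup only logs `Cannot configure SSL`, so any failure there leaves HttpsURLConnection on whatever socket factory the JVM had before, presumably the JRE default trust store rather than the anchors from SSL.caDirectory. That path is easy to reach: getCACerts() returns null when no CA directory is configured, a failure in getCACerts() or getCertstore() leaves `caCerts` or `certStoreList` null, and both are then used unchecked (`new PKIXBuilderParameters(caCerts, selector)`, `for (CertStore cs : certStoreList)`). I would fail start-up instead of continuing, e.g. `throw new SLRuntimeException("Cannot configure SSL");` after the log call, matching how getCACerts() reports a bad directory. Separately, the `SSL.disableAllChecks` branch installs an accept-everything trust manager and hostname verifier as process-wide defaults; a comment stating that it is meant for test setups only and affects every HTTPS connection in the JVM would help.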
diff --git a/pom.xml b/pom.xml
index dbe2812e..c18a4c2c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -19,6 +19,7 @@
STALServiceBKUCommonGUIBKUViewer
+ BKULocalApp
diff --git a/utils/src/main/java/at/gv/egiz/bku/local/ui/TrayIconDialog.java b/utils/src/main/java/at/gv/egiz/bku/local/ui/TrayIconDialog.java
index 5aa74d99..c7aae215 100644
--- a/utils/src/main/java/at/gv/egiz/bku/local/ui/TrayIconDialog.java
+++ b/utils/src/main/java/at/gv/egiz/bku/local/ui/TrayIconDialog.java
@@ -107,7 +107,7 @@ public class TrayIconDialog implements TrayIconDialogInterface {
if (isSupported) {
SystemTray tray = SystemTray.getSystemTray();
Image image = ImageIO.read(getClass().getClassLoader()
- .getResourceAsStream("at/gv/egiz/bku/local/ui/chipperling.png"));
+ .getResourceAsStream("at/gv/egiz/bku/local/ui/favicon.png"));
PopupMenu popup = new PopupMenu();
MenuItem exitItem = new MenuItem(resourceBundel
.getString("TrayMenu.Shutdown"));
From 5702f241064f90106e8495f3cf23b6e6798d6501 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Wed, 1 Oct 2008 10:49:31 +0000
Subject: added project for local MOCCA
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@79 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
BKULocalApp/pom.xml | 93 ++++-------
.../java/at/gv/egiz/bku/local/app/BKULauncher.java | 15 --
.../java/at/gv/egiz/bku/local/app/Container.java | 23 +--
BKULocalApp/src/main/resources/splash.png | Bin 0 -> 54978 bytes
.../egiz/bku/online/conf/SpringConfigurator.java | 1 +
.../service/impl/RequestBrokerSTALFactory.java | 2 +-
.../egiz/stal/service/impl/STALRequestBroker.java | 2 +-
.../stal/service/impl/STALRequestBrokerImpl.java | 2 +-
.../gv/egiz/bku/online/conf/defaultConf.properties | 2 +-
.../slexceptions/SLExceptionMessages.properties | 3 +-
.../slexceptions/SLExceptionMessages_de.properties | 3 +-
.../slexceptions/SLExceptionMessages_en.properties | 1 +
utils/pom.xml | 181 +++++++++------------
13 files changed, 119 insertions(+), 209 deletions(-)
create mode 100644 BKULocalApp/src/main/resources/splash.png
(limited to 'bkucommon/src/main')
diff --git a/BKULocalApp/pom.xml b/BKULocalApp/pom.xml
index e2d17d7c..9ad6f50b 100644
--- a/BKULocalApp/pom.xml
+++ b/BKULocalApp/pom.xml
@@ -28,76 +28,41 @@
+
+ org.apache.maven.plugins
+ maven-jar-plugin
+
+
+
+ true
+ at.gv.egiz.bku.local.app.BKULauncher
+
+
+
+
- maven-dependency-plugin
-
-
-
- copywar
-
- copy
-
-
-
-
- at.gv.egiz
- BKULocal
- 1.0-SNAPSHOT
- war
-
-
-
- ${project.build.directory}/classes
-
-
-
-
- unpack-dependencies
-
- unpack-dependencies
-
-
- javax/xml/crypto/**, demo/**,
- junit/**, w3/**, org/etsi/**, META-INF/**
- ${project.build.directory}/classes
- true
- true
-
-
-
-
+ maven-dependency-plugin
+
+
+ copy-dependencies
+ package
+
+ copy-dependencies
+
+
+ ${project.build.directory}
+ false
+ false
+ true
+
+
+
+
-
- maven-jar-plugin
-
-
-
- sign
-
-
-
-
-
- false
- false
-
- false
- true
-
-
- test-applet signer
- ./keystore.ks
- storepass
- keypass
- true
-
-
-
-
commons-loggingcommons-logging
diff --git a/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java
index 091843e1..9a953f9e 100644
--- a/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java
+++ b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/BKULauncher.java
@@ -168,20 +168,6 @@ public class BKULauncher implements BKUControllerInterface {
}
}
- public void jwsHack() {
- InputStream is = getClass().getClassLoader().getResourceAsStream(
- "BKULocal-1.0-SNAPSHOT.war");
- File f = new File(System.getProperty("user.home") + "/.mocca/war");
- f.mkdirs();
- try {
- OutputStream os = new FileOutputStream(new File(f, "mocca.war"));
- StreamUtil.copyStream(is, os);
- os.close();
- } catch (Exception e) {
- log.error(e);
- }
- }
-
/**
* @param args
*/
@@ -189,7 +175,6 @@ public class BKULauncher implements BKUControllerInterface {
try {
BKULauncher launcher = new BKULauncher();
- //launcher.jwsHack();
launcher.checkConfig(args);
launcher.startUpServer();
launcher.initTrayIcon();
diff --git a/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java
index 690639f4..a8a6431a 100644
--- a/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java
+++ b/BKULocalApp/src/main/java/at/gv/egiz/bku/local/app/Container.java
@@ -2,6 +2,8 @@ package at.gv.egiz.bku.local.app;
import java.io.File;
import java.io.IOException;
+import java.net.URL;
+import java.net.URLClassLoader;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -12,7 +14,6 @@ import org.mortbay.jetty.handler.DefaultHandler;
import org.mortbay.jetty.handler.HandlerCollection;
import org.mortbay.jetty.nio.SelectChannelConnector;
import org.mortbay.jetty.security.SslSocketConnector;
-import org.mortbay.jetty.webapp.WebAppClassLoader;
import org.mortbay.jetty.webapp.WebAppContext;
import org.mortbay.thread.QueuedThreadPool;
@@ -26,8 +27,6 @@ public class Container {
}
public void init() {
- Thread.currentThread().setContextClassLoader(ClassLoader.getSystemClassLoader());
- log.debug("-----------------> "+ClassLoader.getSystemClassLoader());
server = new Server();
QueuedThreadPool qtp = new QueuedThreadPool();
qtp.setMaxThreads(5);
@@ -56,21 +55,9 @@ public class Container {
WebAppContext webappcontext = new WebAppContext();
webappcontext.setContextPath("/");
webappcontext.setExtractWAR(false);
-
- File tmpDir = new File(System.getProperty("user.home") + "/.mocca/tmp");
- // tmpDir.mkdirs();
- // webappcontext.setTempDirectory(tmpDir);
- try {
- File f = new File(System.getProperty("user.home")
- + "/.mocca/war/mocca.war");
- log.debug("Deploying war: " + f.getCanonicalPath());
- if (!f.exists()) {
- log.error("WAR file does not exist, cannot run MOCCA");
- }
- webappcontext.setWar(f.getParent());
- } catch (IOException e) {
- log.error(e);
- }
+ System.out.println(getClass().getClassLoader().getResource("log4j.properties"));
+ webappcontext.setWar("BKULocal-1.0-SNAPSHOT.war");
+
handlers.setHandlers(new Handler[] { webappcontext, new DefaultHandler() });
server.setHandler(handlers);
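Review bot: `webappcontext.setWar("BKULocal-1.0-SNAPSHOT.war")` names the WAR by a bare relative path which, as far as I can tell, is resolved against the process working directory, so the application that gets deployed depends on where the launcher was started from; the removed code at least logged an error when the file was missing. I would resolve the WAR from a fixed location (the launcher's install directory or a classpath resource), keep an existence check, and avoid hard-coding the version in the file name. The added `System.out.println(...)` looks like leftover debugging and should go through the class logger, e.g. `log.debug("log4j config: " + getClass().getClassLoader().getResource("log4j.properties"));`. The enclosing method starts before this hunk and continues after it.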
diff --git a/BKULocalApp/src/main/resources/splash.png b/BKULocalApp/src/main/resources/splash.png
new file mode 100644
index 00000000..72c1d868
Binary files /dev/null and b/BKULocalApp/src/main/resources/splash.png differ
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index a369d829..6030c1c0 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -60,6 +60,7 @@ public class SpringConfigurator extends Configurator implements
if ((appletTimeout != null)) {
try {
long ato = Long.parseLong(appletTimeout);
+ log.debug("Setting applet timeout to:"+ato);
RequestBrokerSTALFactory.setTimeout(ato);
} catch (NumberFormatException nfe) {
log.error("Cannot set Applettimeout", nfe);
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
index 45ee67d0..9c4aca28 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
@@ -32,7 +32,7 @@ import at.gv.egiz.stal.STALFactory;
*/
public class RequestBrokerSTALFactory implements STALFactory {
- private static long timeout;
+ private static long timeout = -1;
@Override
public STAL createSTAL() {
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java
index af886eec..63eac311 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java
@@ -32,7 +32,7 @@ import java.util.List;
*/
public interface STALRequestBroker extends STAL {
- public static final int ERR_6000 = 6000;
+ public static final int ERR_4500 = 4500;
public static final long DEFAULT_TIMEOUT_MS = 1000*60*5; //5mn
public List connect();
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
index bfa83dd4..4aa5130a 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
@@ -150,7 +150,7 @@ public class STALRequestBrokerImpl implements STALRequestBroker {
// reqMon.setHashDataInput(null);
requests.clear(); //TODO sync on requests?
hashDataInputs.clear();
- return Collections.singletonList((STALResponse) new ErrorResponse(ERR_6000));
+ return Collections.singletonList((STALResponse) new ErrorResponse(ERR_4500));
}
}
log.trace("consuming responses");
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
index d7fc5ae9..9766ae26 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -48,4 +48,4 @@ AppletTimeout=300000
#HTTPProxyHost=taranis.iaik.tugraz.at
#HTTPProxyPort=8888
-#DefaultSocketTimeout=200
+DefaultSocketTimeout=200
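Review bot: `DefaultSocketTimeout=200` is enabled without saying what unit it is in or what it controls; Configurator.configureNetwork passes the value unchanged to `sun.net.client.defaultConnectTimeout`, which is a connect timeout in milliseconds. 200 ms is tight for connections to remote servers, and no read timeout is set, so a server that accepts the connection and then stalls can still block the request indefinitely. I would add a comment such as `# connect timeout in ms (sun.net.client.defaultConnectTimeout); read timeout is not affected` and consider also setting `sun.net.client.defaultReadTimeout` from a second property.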
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
index cf52a4c3..73409c8b 100644
--- a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages.properties
@@ -68,7 +68,8 @@ ec4119=Datum, f
ec4120=Gewählter Infoboxbezeichner bereits vergeben.
ec4121=Infobox mit spezifiziertem Bezeichner existiert nicht.
ec4122=Inhalt der ausgewählten Infobox kann nicht als XML dargestellt werden.
-ec4123=Assoziatives Array: Zum spezifizierten Schlüssel existiert kein Eintrag.
+ec4123=Assoziatives Array: Zum spezifizierten Schlüssel existiert kein Eintrag.
+ec4500=Die Sitzung ist abgelaufen.
ec5000=Unklassifizierter Fehler in der Anzeigekomponente.
ec5001=Anzeige von Daten des in der Befehlsanfrage angegebenen Mime-Types wird nicht unterstützt.
ec5002=Zeichenkodierung der anzuzeigenden Daten ist fehlerhaft oder wird nicht unterstützt.
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties
index cf52a4c3..73409c8b 100644
--- a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_de.properties
@@ -68,7 +68,8 @@ ec4119=Datum, f
ec4120=Gewählter Infoboxbezeichner bereits vergeben.
ec4121=Infobox mit spezifiziertem Bezeichner existiert nicht.
ec4122=Inhalt der ausgewählten Infobox kann nicht als XML dargestellt werden.
-ec4123=Assoziatives Array: Zum spezifizierten Schlüssel existiert kein Eintrag.
+ec4123=Assoziatives Array: Zum spezifizierten Schlüssel existiert kein Eintrag.
+ec4500=Die Sitzung ist abgelaufen.
ec5000=Unklassifizierter Fehler in der Anzeigekomponente.
ec5001=Anzeige von Daten des in der Befehlsanfrage angegebenen Mime-Types wird nicht unterstützt.
ec5002=Zeichenkodierung der anzuzeigenden Daten ist fehlerhaft oder wird nicht unterstützt.
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties
index 8e0a09bc..91ca20e8 100644
--- a/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slexceptions/SLExceptionMessages_en.properties
@@ -69,6 +69,7 @@ ec4120=Selected info box identifier already allocated.
ec4121=Info box with specified identifier does not exist.
ec4122=Contents of the selected info box cannot be displayed as XML.
ec4123=Associative array: No entry for the specified key.
+ec4500=The session expired.
ec5000=Unclassified error in the viewer component.
ec5001=Display of data of the mime type specified in the command request not supported.
ec5002=Character encoding of the data to be displayed is invalid or not supported.
diff --git a/utils/pom.xml b/utils/pom.xml
index 7408f12b..d6b58234 100644
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -1,108 +1,77 @@
-
-
- bku
- at.gv.egiz
- 1.0-SNAPSHOT
-
- 4.0.0
- at.gv.egiz
- utils
- BKU Utils
- jar
- 1.0-SNAPSHOT
- http://bku.egiz.gv.at
-
-
-
-
-
-
-
- commons-logging
- commons-logging
-
-
- iaik
- iaik_jce_full_signed
-
-
- iaik
- iaik_ecc_signed
-
-
- iaik
- iaik_xsect
-
-
-
-
+
+
+ bku
+ at.gv.egiz
+ 1.0-SNAPSHOT
+
+ 4.0.0
+ at.gv.egiz
+ utils
+ BKU Utils
+ jar
+ 1.0-SNAPSHOT
+ http://bku.egiz.gv.at
+
+
+
+
+
+
+
+ commons-logging
+ commons-logging
+
+
+ iaik
+ iaik_jce_full_signed
+
+
+ iaik
+ iaik_ecc_signed
+
+
+ iaik
+ iaik_xsect
+
+
+
+
From 27d91275555207f9e152c2867d52fbbf83f92ba7 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Wed, 8 Oct 2008 08:39:17 +0000
Subject: changed ssl certificate validation, now using iaik_pki
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@83 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../src/main/webapp/WEB-INF/applicationContext.xml | 2 +
.../at/gv/egiz/bku/local/defaultConf/template.zip | Bin 17759 -> 23517 bytes
.../egiz/bku/online/webapp/BKURequestHandler.java | 4 +-
.../bku/online/webapp/HashDataInputServlet.java | 96 +++++
.../stal/service/impl/STALRequestBrokerImpl.java | 6 +-
.../online/conf/certs/certStore/a-sign-SSL-03.cer | 26 --
.../conf/certs/certStore/a-sign-corporate-03.cer | 27 --
.../certs/certStore/a-sign-corporate-light-01a.cer | 21 -
.../certs/certStore/a-sign-corporate-light-02a.cer | 27 --
.../certs/certStore/a-sign-corporate-light-03.cer | 27 --
.../certStore/a-sign-corporate-medium-01a.cer | 21 -
.../certStore/a-sign-corporate-medium-02a.cer | 27 --
.../certs/certStore/tobeadded/A-Trust-Qual-01a.cer | Bin 0 -> 1111 bytes
.../certs/certStore/tobeadded/A-Trust-Qual-02a.cer | Bin 0 -> 975 bytes
.../certs/certStore/tobeadded/A-Trust-Qual-03a.cer | Bin 0 -> 975 bytes
.../certStore/tobeadded/A-Trust-nQual-01a.cer | Bin 0 -> 865 bytes
.../certs/certStore/tobeadded/A-Trust-nQual-03.cer | Bin 0 -> 979 bytes
.../certs/certStore/tobeadded/a-sign-SSL-03.cer | 26 ++
.../certStore/tobeadded/a-sign-corporate-03.cer | 27 ++
.../tobeadded/a-sign-corporate-light-01a.cer | 21 +
.../tobeadded/a-sign-corporate-light-02a.cer | 27 ++
.../tobeadded/a-sign-corporate-light-03.cer | 27 ++
.../tobeadded/a-sign-corporate-medium-01a.cer | 21 +
.../tobeadded/a-sign-corporate-medium-02a.cer | 27 ++
.../gv/egiz/bku/online/conf/defaultConf.properties | 10 +-
.../src/main/webapp/WEB-INF/applicationContext.xml | 4 +
BKUOnline/src/main/webapp/WEB-INF/web.xml | 191 +++++-----
.../src/test/resources/applicationContext.xml | 2 +
STALService/pom.xml | 5 +
.../at/gv/egiz/stal/util/HashDataInputProxy.java | 67 ++++
bkucommon/pom.xml | 159 ++++----
.../java/at/gv/egiz/bku/conf/CertValidator.java | 13 +
.../at/gv/egiz/bku/conf/CertValidatorImpl.java | 83 ++++
.../java/at/gv/egiz/bku/conf/Configurator.java | 140 +++----
.../at/gv/egiz/bku/conf/CertValidatorTest.java | 32 ++
.../bku/conf/certs/CACerts/A-Trust-Qual-01a.cer | Bin 0 -> 1111 bytes
.../bku/conf/certs/CACerts/A-Trust-Qual-02a.cer | Bin 0 -> 975 bytes
.../bku/conf/certs/CACerts/A-Trust-Qual-03a.cer | Bin 0 -> 975 bytes
.../bku/conf/certs/CACerts/A-Trust-nQual-01a.cer | Bin 0 -> 865 bytes
.../bku/conf/certs/CACerts/A-Trust-nQual-03.cer | Bin 0 -> 979 bytes
.../bku/conf/certs/certStore/A-Trust-Qual-01a.cer | Bin 0 -> 1111 bytes
.../bku/conf/certs/certStore/A-Trust-Qual-02a.cer | Bin 0 -> 975 bytes
.../bku/conf/certs/certStore/A-Trust-Qual-03a.cer | Bin 0 -> 975 bytes
.../bku/conf/certs/certStore/A-Trust-nQual-01a.cer | Bin 0 -> 865 bytes
.../bku/conf/certs/certStore/A-Trust-nQual-03.cer | Bin 0 -> 979 bytes
.../bku/conf/certs/certStore/a-sign-SSL-03.cer | 26 ++
.../conf/certs/certStore/a-sign-corporate-03.cer | 27 ++
.../certs/certStore/a-sign-corporate-light-01a.cer | 21 +
.../certs/certStore/a-sign-corporate-light-02a.cer | 27 ++
.../certs/certStore/a-sign-corporate-light-03.cer | 27 ++
.../certStore/a-sign-corporate-medium-01a.cer | 21 +
.../certStore/a-sign-corporate-medium-02a.cer | 27 ++
.../bku/conf/certs/testCerts/www.a-trust.at.der | Bin 0 -> 1230 bytes
pom.xml | 424 +++++++++++----------
54 files changed, 1142 insertions(+), 624 deletions(-)
create mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/HashDataInputServlet.java
delete mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-SSL-03.cer
delete mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-03.cer
delete mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-01a.cer
delete mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-02a.cer
delete mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-03.cer
delete mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-01a.cer
delete mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-02a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-01a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-02a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-03a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-01a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-03.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-SSL-03.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-03.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-01a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-02a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-03.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-01a.cer
create mode 100644 BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-02a.cer
create mode 100644 STALService/src/main/java/at/gv/egiz/stal/util/HashDataInputProxy.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java
create mode 100644 bkucommon/src/test/java/at/gv/egiz/bku/conf/CertValidatorTest.java
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-01a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-02a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-03a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-01a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-03.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-01a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-02a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-03a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-01a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-03.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-SSL-03.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-03.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-01a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-02a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-03.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-01a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-02a.cer
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/testCerts/www.a-trust.at.der
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
index a4003a2a..a951f056 100644
--- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
@@ -48,11 +48,13 @@
+
+
diff --git a/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip
index f57e8930..8bdcbb0d 100644
Binary files a/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip and b/BKULocalApp/src/main/resources/at/gv/egiz/bku/local/defaultConf/template.zip differ
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
index 20320d8e..544bbc99 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
@@ -31,6 +31,7 @@ import org.apache.commons.logging.LogFactory;
import at.gv.egiz.bku.binding.HTTPBindingProcessor;
import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.bku.binding.IdFactory;
import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
/**
@@ -51,7 +52,8 @@ public class BKURequestHandler extends SpringBKUServlet {
log.debug("Using locale: " + locale);
HttpSession session = req.getSession();
if (session != null) {
- session.invalidate();
+ log.warn("Already a session with id: "+session.getId()+ " active, deleting this one");
+ getBindingProcessorManager().removeBindingProcessor(IdFactory.getInstance().createId(session.getId()));
}
String id = req.getSession(true).getId();
log.debug("Using session id: " + id);
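Review bot: With `session.invalidate()` removed, the `req.getSession(true)` call just below returns the same session, so a session identifier that existed before this request is carried over to the new binding processor instead of being replaced; if that is intended, it deserves a comment. `req.getSession()` also creates a session when none exists, so `session != null` is always true and the warning is written on every request, with the raw session id in the log. I would look the session up with `HttpSession session = req.getSession(false);`, keep `session.invalidate();` after the `removeBindingProcessor(...)` call, and log the event without the id. The enclosing method starts and ends outside the hunk.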
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/HashDataInputServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/HashDataInputServlet.java
new file mode 100644
index 00000000..59766586
--- /dev/null
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/HashDataInputServlet.java
@@ -0,0 +1,96 @@
+package at.gv.egiz.bku.online.webapp;
+
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
+import java.io.Reader;
+import java.io.Writer;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.binding.BindingProcessor;
+import at.gv.egiz.bku.binding.Id;
+import at.gv.egiz.bku.binding.IdFactory;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.StreamUtil;
+import at.gv.egiz.stal.HashDataInput;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.service.impl.STALRequestBroker;
+import at.gv.egiz.stal.service.impl.STALRequestBrokerImpl;
+import at.gv.egiz.stal.service.impl.STALServiceImpl;
+
+public class HashDataInputServlet extends SpringBKUServlet {
+
+ private static Log log = LogFactory.getLog(HashDataInputServlet.class);
+
+ public HashDataInputServlet() {
+ }
+
+ private STALRequestBroker getSTAL(Id id) {
+ BindingProcessor bp = getBindingProcessorManager().getBindingProcessor(id);
+ if (bp == null) {
+ return null;
+ }
+ STAL stal = bp.getSTAL();
+ if (stal instanceof STALRequestBroker) {
+ return (STALRequestBroker) stal;
+ } else {
+ throw new SLRuntimeException("Unexpected STAL type");
+ }
+ }
+
+ @Override
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ if ((req.getSession() == null) && (req.getSession().getId() != null)) {
+ log.warn("Got request for hashdatainput without session info");
+ resp.sendRedirect("expired.html");
+ return;
+ }
+ Id sessionId = IdFactory.getInstance().createId(req.getSession().getId());
+ log.debug("Got request for hashdata for session " + sessionId);
+ STALRequestBroker rb = getSTAL(sessionId);
+ if (rb == null) {
+ log.info("STAL instance not found for session: " + sessionId);
+ resp.sendRedirect("expired.html");
+ return;
+ }
+ List hdi = rb.getHashDataInput();
+ log.debug("Got hashdata list with " + hdi.size() + " entries");
+ String param = req.getParameter("number");
+ int num = 0;
+ if (param != null) {
+ log.debug("Got request for hashdata#" + num);
+ num = Integer.parseInt(param);
+ }
+ if ((hdi.size() <= num) || (num < 0)){
+ log.warn("Requested hashdatainput exceeds listsize");
+ resp.sendError(-1);
+ return;
+ }
+ resp.setCharacterEncoding(req.getCharacterEncoding());
+ resp.setContentType(hdi.get(num).getMimeType());
+ String charSet = req.getCharacterEncoding();
+ if (charSet == null) {
+ charSet = "UTF-8";
+ }
+ Reader r = new InputStreamReader(hdi.get(num).getHashDataInput(), charSet);
+ Writer w = new OutputStreamWriter(resp.getOutputStream(), charSet);
+ StreamUtil.copyStream(r, w);
+ w.close();
+ return;
+ }
+
+ @Override
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ doGet(req, resp);
+ }
+
+}
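Review bot: The request checks at the top of `doGet` do not hold: `req.getSession()` never returns null because it creates a session, and the `&&` would dereference a null session if it did, so the "without session info" branch cannot fire as written. The `number` parameter goes into `Integer.parseInt` unguarded, so a non-numeric value surfaces as an uncaught `NumberFormatException`, and `resp.sendError(-1)` is not a valid HTTP status. `resp.setCharacterEncoding(req.getCharacterEncoding())` is also called before the UTF-8 fallback is applied, and the reader and writer are not closed if the copy throws. A replacement for the validation part is below; the debug line for the requested index moves after the parse so that it logs the parsed value.

```java
    if (req.getSession(false) == null) {
      log.warn("Got request for hashdatainput without session info");
      resp.sendRedirect("expired.html");
      return;
    }
    // … unchanged: session id creation, STAL lookup, hash data list retrieval …
    String param = req.getParameter("number");
    int num = 0;
    if (param != null) {
      try {
        num = Integer.parseInt(param);
      } catch (NumberFormatException e) {
        log.warn("Rejected non-numeric hashdata index");
        resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
      }
      log.debug("Got request for hashdata#" + num);
    }
    if ((num < 0) || (hdi.size() <= num)) {
      log.warn("Requested hashdatainput exceeds listsize");
      resp.sendError(HttpServletResponse.SC_NOT_FOUND);
      return;
    }
    // … unchanged: content type, charset fallback, stream copy …
```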
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
index 4aa5130a..074aff2d 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
@@ -32,6 +32,7 @@ import at.gv.egiz.stal.service.types.QuitRequestType;
import at.gv.egiz.stal.service.types.RequestType;
import at.gv.egiz.stal.service.types.ResponseType;
import at.gv.egiz.stal.service.types.SignRequestType;
+import at.gv.egiz.stal.util.HashDataInputProxy;
import at.gv.egiz.stal.util.STALTranslator;
import java.util.ArrayList;
import java.util.Collections;
@@ -108,7 +109,10 @@ public class STALRequestBrokerImpl implements STALRequestBroker {
req.setKeyIdentifier(((SignRequest) stalRequest).getKeyIdentifier());
req.setSignedInfo(((SignRequest) stalRequest).getSignedInfo());
requests.add(req);
- hashDataInputs.addAll(((SignRequest) stalRequest).getHashDataInput());
+ for (HashDataInput hdi : ((SignRequest) stalRequest).getHashDataInput()) {
+ hashDataInputs.add(new HashDataInputProxy(hdi));
+ }
+ //hashDataInputs.addAll(((SignRequest) stalRequest).getHashDataInput());
break;
} else if (stalRequest instanceof InfoboxReadRequest) {
log.trace("Received InfoboxReadRequest");
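Review bot: The old `addAll` call is left as a commented-out line directly under the new loop; version control already keeps it, so the line should be deleted. The loop needs a one-line comment above it saying what `HashDataInputProxy` adds over storing the original objects, because the hunk does not show the reason for the wrapping. `HashDataInput` is now used as a type here while the import hunk only adds `HashDataInputProxy`, so please confirm it is already imported in this file. The enclosing method starts and ends outside the hunk.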
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-SSL-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-SSL-03.cer
deleted file mode 100644
index ee859434..00000000
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-SSL-03.cer
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEdzCCA1+gAwIBAgIDAmU4MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA2MDgxNjIyMDAw
-MFoXDTE2MDgxNjIyMDAwMFowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt
-c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6
-PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK
-k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj
-r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG
-AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt
-Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd
-LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG
-MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv
-b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl
-dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1
-dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAHKlnV3R9sbXojtONugyazkZCEzmC
-nZF1Dz4cOL0vPzzvS8MVWtG43zAgVI1NT/0ETSWsXD3YfzRi+f+/CxrGn0gwZX2t
-VGx+Z9w5ufiy1vuhxDUPmpos1TbJ4Wv3Une0E7iuHmNLg5qVlKeHWpcU8t1Y0nCt
-eRz34Qm87AVAykta33XST1fYvGoPKsDtn3qx9ye/pcbDvWjPwmqF2UUoql+d5hmJ
-Umgzwezqk4I+FS98BrnaPgC5UVFHg+yUjiUDLjYy7UvDZ5Led6kkLXuzVhQolLvr
-KTrGp5k42PG2MMkw8f6GMF/6yePXgzFMCRN8ReR7J5Htv33SytLRmFRd8g==
------END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-03.cer
deleted file mode 100644
index 7e67be95..00000000
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-03.cer
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEgzCCA2ugAwIBAgIDAarsMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA1MTExMzIzMDAw
-MFoXDTE1MTExMzIzMDAwMFowgZMxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxHDAaBgNVBAsME2Etc2lnbi1jb3Jwb3JhdGUtMDMxHDAaBgNV
-BAMME2Etc2lnbi1jb3Jwb3JhdGUtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCp44qY+AiVXlcnHoKvch9s3ujoWFNktvcteIPwK7s0mb/uxTUW9UIF
-Die9n3AbyTsJE6R3nZYSJVHHi+1DKD72/WEo/B5NOOtd6KUMfJgca1tDmcsIwhFn
-82qkZrbNQwdIIdLe6+nDmjd9UBIaKv7yy1kq20jh09HOK3/bWhafVQE7EAgDfNrn
-8f0JfnnF0EA/La5kkg878L22fh9lRzt8H21THqJPtK4/e9SttjrJnPhFk2/MjAGS
-uaDufG6BV5Hnn7klR5qm5q32ypleLA6Zi4m9jRCVtPd4jRPYM40XpRkrJuFw+lxp
-rejfEZt/SRh1eQXiXDUgtgX8OaIylH9pAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUw
-AwEB/zARBgNVHQ4ECgQIQj75YZ1a5XIwEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYD
-VR0PAQH/BAQDAgEGMIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFw
-LmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9j
-ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2Vy
-dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEARu7e1SyBRjlA
-g/thtFwtKQRvopTZKWj2LWpEdvPvwThOvf8Depnas+ly5af8r8YzsqJzfX3XWvhN
-qOOI24g5FmXfCUTq/kbtaeTq/AqV94793IJfcilPnpMOEHMqXNDiRUoAgR/9EVj8
-mDVvL2lLlJzeAltqOD5Bi9QwguaD2/3/E5ymFnqkf1dnlXbo8AhcwPEzReNKn1eM
-Ilg4FwP1bP0HUK3Fyz1UQ/Hncg+MS7c+SkjpNEd4sH7/GdxuQs5Sk7IRwot1+sbX
-3CkkPhSqiUzig9raxJYrtbb2kyiUO8+d5HzRyoP4BNzsdZdPc0gDYweXg5qarHOQ
-16IEOtBmKg==
------END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-01a.cer
deleted file mode 100644
index 0c68e593..00000000
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-01a.cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEJjCCAw6gAwIBAgIDAOJEMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
-EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
-dWFsLTAxMB4XDTA0MTEzMDIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgw
-RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
-ZW52ZXJrZWhyIEdtYkgxIjAgBgNVBAsTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDExIjAgBgNV
-BAMTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQDGC65v8rni63DojEBriynPwRqNCp14/SkN5ROkTUGNvLSabfSJV4PKGLTzasPAaChwX0g/
-kebahFM3R7nIyeVx2YB8VRvC4I/spP/mCs5+6pf1N+6Kiq4NcswgNBBfqAteaQIylBMy6HDkjoXY
-X/c+SxjyrqAkeZCK+SHMOraXCO1PZHWbYwleKXf4R2Z6ayEfJ2XWeVuqqon76WHp/POI0RADBchA
-6Vm1ROzSAHz39bay1TZunQXSs3VQ9cE3uQPjN+80efmf0ZgNF0sXsDTssoZg2feTANSOkTGM1bMC
-5xe1hWFL8MZNe4yZ+NSgFN2fofb8BPvyQAW0no2PNA6PAgMBAAGjgbMwgbAwDwYDVR0TAQH/BAUw
-AwEB/zARBgNVHQ4ECgQITp5/1C/JHx8wEwYDVR0jBAwwCoAITlnOxwIyhzAwDgYDVR0PAQH/BAQD
-AgEGMGUGA1UdHwReMFwwWqBYoFaGVGxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1u
-UXVhbC0wMSxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0PzANBgkqhkiG
-9w0BAQUFAAOCAQEAOtuz2GqnTibk/poCLrdYKpZSrLyfWFsJJpfBYA9HMasnfpJBCHgRHJud6DAO
-xD900Vhmwy66D8dqsN3+fR8Bx8ZMKspnFN1B2Wz7LWOxMaKqP3JolJ/oVwzJRm0afcUMAfAumkc5
-Yqu0nC5qCF9zYY9YbJklh84uEzEg9j85kuRBHOCUc+5MVrnv7WPbirx6c95YFqXBQ0arA5QE9zYq
-MDO8aUYPOWEHgtrVI+kMwELYHqLDX7i9VqsXhgFPeVz1wIV7s/i3budGeHMS6hjnyIc30FqM7CTY
-fcvqVNZliErbjD1k1W1gMgvjLJowNvQC0W7K9/yoQhwTqtNMR4WZwA==
------END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-02a.cer
deleted file mode 100644
index c300891d..00000000
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-02a.cer
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEizCCA3OgAwIBAgIDAOSoMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0wNDEyMTQyMzAwMDBa
-Fw0xNDEyMTMyMzAwMDBaMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIw
-IAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAk6V4oEauvXgEICqgjTbGHaiDhBVo2nosX23osoKM
-LTkkO/nOCgpdCYpLKgURxwrgHgVh9XT99yxhy6lDwt2rASajj0sQ1fY5BmWVyrXS
-dQ78ISMPb73XaG4M8H7PJFcsVEo9n8veVQwnMY5mSWy0r1IO8n93Bjbmmi4Zt8oS
-p9olWo5/8ByYW8S/AKZuQx+q+bFJv7geuApVjK2iVFe8yQqHhAgDsAsDlMvxDAQ/
-vhrGwHRv8N3sLsjirnbf5S2dGLDjASOMUFvwfLQd7gHH7PV37Xa+aQqa97eE6O4O
-sIhcGRYhoLk/tWTBDapcgHJ0yTtrftuwORVteLUAy0gBNwIDAQABo4HhMIHeMA8G
-A1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEkcWDpP6A0DMBMGA1UdIwQMMAqACEI9
-KySmwUXOMA4GA1UdDwEB/wQEAwIBBjCBkgYDVR0fBIGKMIGHMIGEoIGBoH+GfWxk
-YXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1RdWFsLTAyLG89QS1UcnVz
-dCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFzZT9vYmplY3RjbGFz
-cz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MA0GCSqGSIb3DQEBBQUAA4IBAQBH
-opWG7LKmPBvuGjZnRV4KGKzzUYVuxSRS1E0VIUPbVLf5xW2r5uUpR8ud5EpiPrcw
-k6K0dzu2Vb4ZbMIP+6J16S/0qvTp/3A/3q87+nJ+ot+IT8GZFJfSw18th2WmZdzR
-ShbM6sgViPtGsFROCdWeiHl248w2+zG+09sf8Bu3UyvwLRAiiKaxuwVdQ9kc0TL3
-gvv+K5eisWWthQOX2IF2jGSEqoAVwfHhl7bc9Vt7XnJSpQFebHnsIVuV4Mv6w4ww
-86hQPCLLvvV7wWDiBQ8l2FWneX0pNH3Wg+A1TRUoptc+pPDdpoP272MDm4fXyPKV
-7QgIaIK+gXNUj2GGt1K9
------END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-03.cer
deleted file mode 100644
index 2251ca22..00000000
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-03.cer
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIDAartMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA1MTExMzIzMDAw
-MFoXDTE1MTExMzIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxIjAgBgNVBAsMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMx
-IjAgBgNVBAMMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQC359oitbHkkEgdErRPeBdkcYRK2DLdxfcnn+SI
-umSEYzWVscRTchPKSzb7f1a6EHPbB5WZsGJaUDX9KfTqsJNMo+7bASKk3gsLVxNZ
-qY2t2G+y8HvREYYejDOIzjAkcBQrt+nvuBUlGYVJQjEuyAn18f2vG0Y3VNvZFGKn
-PK8AVycUMk0Uw21RbK3vX5tbbPgQ/kcZkN4czi5VHepMvf6hAwwLoJj+KL9zxm8j
-yPK88qCBKAjMNCpZKsEhyanw1CjYbVmHs45Q5W6FBtqDcS6Iq4mC6TtUPGtCTuoH
-7/JLuhEp075ohp87v3fSlzeLJjBpkUDP9U8Tv7l2euD0t1UVAgMBAAGjgeMwgeAw
-DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIQZFpHL+t2JgwEwYDVR0jBAwwCoAI
-RGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEGMIGUBgNVHR8EgYwwgYkwgYaggYOggYCG
-fmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEt
-VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0
-Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC
-AQEADTRIaQtPwoPS6/TpyBhOw4wAHk/RM4gkLT76URPY2sUHihxqy+8qEElN+f5l
-I61myCP3IFTClflcHVR1QCoMg0ZI5/EcQTI8Dgd5iQkXuVjh3wCj87Ka2Tu7d1K+
-i9VJ4BR/ph/qmPKR7Lx/PtATw/vWo4k2rbt5o1QwixZ7CPt+BF9xCaAC4uL0bB0M
-9M3i9W2ePmqX6WIB3jMkT9FQC0KihPPfw/17KddNi4rFMMEiTyKvJTtTqDnIAwWW
-TqsL1G7oxMMtnnYaKWMQ6gQiOiRzCY7efcAi/3YwUX6ULW5zxqapNs1vqEbSGsQE
-l1eFl67HBZHYAPdoHGUnZF0KaQ==
------END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-01a.cer
deleted file mode 100644
index 2d7f1a03..00000000
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-01a.cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEKDCCAxCgAwIBAgIDAOKKMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
-EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
-dWFsLTAxMB4XDTA0MTIwNTIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgaExCzAJBgNVBAYTAkFUMUgw
-RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
-ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1jb3Jwb3JhdGUtbWVkaXVtLTAxMSMwIQYD
-VQQDExphLXNpZ24tY29ycG9yYXRlLW1lZGl1bS0wMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBANEbZyIMIXZYBjTj/+3TrNGssRKNNdTedQlWB3vJQWLzeG89Kzmhy1WDX8IqDrMtvpXH
-5w6urK3ZT7HGu2Jldrib8rkEOdE9+uNGRtkP8Kuz//CvdXCbIDvBLqgvWn9a3Sl/rUicPqKwcEcN
-bP2Q0iU6NvvALmoqs93PymfTZlkGOwzUe+O88huXkauGWT/DkJd4JYDNJ0wlaGrJa+OorT4Izk1J
-EipqqedUjsAj4Gq3SKrZKG/H/CkoH9uWTzrzFgg8zQhCES4AClo84XVk//EIv3ABDw4hr+lqV1nF
-eXch9o4mLIe5u045471YLJLmyuCPDopb8U2VUoyldpMx+Y8CAwEAAaOBszCBsDAPBgNVHRMBAf8E
-BTADAQH/MBEGA1UdDgQKBAhOuHKxmCmfZDATBgNVHSMEDDAKgAhOWc7HAjKHMDAOBgNVHQ8BAf8E
-BAMCAQYwZQYDVR0fBF4wXDBaoFigVoZUbGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1BLVRydXN0
-LW5RdWFsLTAxLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/MA0GCSqG
-SIb3DQEBBQUAA4IBAQDaukYSeJVxWAh8QShqGqA6Plp9aXCTzwl9hE2gb+/xGPASo+NVQi/sUa0+
-bx29oSJaW6lKzdHQLAx4dwW9XTpJ+0mebB4fQfYHH0lGc1O4au/4O9k+C3SrD6x4WeY9k/SpUFu1
-qjzH+tjta81UWtU7Jve1BhckNwdOFx7cR8fdW+pUQSDV9XnPJfyb+gb9KWhvX+XAbgJoXW1HjJOO
-P5sx6mFhMb3UqAfKQVoAuGbl4+uxIThBTqpICkaaD8WLdukqQjomUMDRbWIf6SblPuOEpPi1G/WM
-qkTkpqX77Wkj08QY/yj5DDrsYJ5NymnWvu7jcoxCFCKvEQ8Q4g7AYKnG
------END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-02a.cer
deleted file mode 100644
index 194d4d7c..00000000
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-02a.cer
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEjTCCA3WgAwIBAgIDAOSpMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0wNDEyMTQyMzAwMDBa
-Fw0xNDEyMTMyMzAwMDBaMIGhMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMSMwIQYDVQQLDBphLXNpZ24tY29ycG9yYXRlLW1lZGl1bS0wMjEj
-MCEGA1UEAwwaYS1zaWduLWNvcnBvcmF0ZS1tZWRpdW0tMDIwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQCuaTBb6rHd5JZqAdvpmGIl5ne0Hg6GbpJvBeCI
-U6l9Rs8ebMY6aIS++qJOE9rnJHdfZNzLzduuoWEzEuwm9a/azQThM+eT+xlG/Vcf
-NuOQTTjAuXHLvYQ7WxSrBIT/kmAyqJgq/DEPvdX4jmCtVkuZ1gbxYIChLOVBWkVC
-FCK49BuXECtNy5fzK/GyfouZOVoQgiQ1YfecqzibcwO0t+f68Pvp/s6HESAH5tXY
-PdENDw4c/W/qKaeR87jPq98AJ8Lr4bmjWLjK8/ITtGglnJy8osFz22oR7f6fbWl6
-5LdhJ3giM68WEabQcZkw8cx3RDOzbnL2Kn+PVNHHyp3Wh849AgMBAAGjgeEwgd4w
-DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISoLnpz/+q98wEwYDVR0jBAwwCoAI
-Qj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMIGSBgNVHR8EgYowgYcwgYSggYGgf4Z9
-bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1BLVRydXN0LVF1YWwtMDIsbz1BLVRy
-dXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlzdD9iYXNlP29iamVjdGNs
-YXNzPWVpZENlcnRpZmljYXRpb25BdXRob3JpdHkwDQYJKoZIhvcNAQEFBQADggEB
-ABqg1oRs/TZ0hJLJRV/xJglFzgn2fDAXeoVvWnAE09F1d0n+ZorKAKbMfiZ2CuKs
-M0AhU23/5zM90DdrtYWXpa+P8ONALZtHJIqGfVuRKYJq7jY5TpE3yRkTcrp47smp
-WqTwUgG+0aBeU9m+ZtGUFOsBkq+MudD8IZGc7VcLd1n4ltND9ITjX20hu01ju56c
-YC69vFa5hmIccXg/Q3dGEV5Amx8MTQJluG3QvqBOY74yrAFICvK1zsvu+vOGvJQj
-i+PxKlbQdehrV82VDxyfSjpEUADWMGRfE5vg4YBGgfRosh4w7a6ThD2LMLFPmIhy
-P6+VGUBCm2tMDDOo9DVkXFs=
------END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-01a.cer
new file mode 100644
index 00000000..f9fef65f
Binary files /dev/null and b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-01a.cer differ
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-02a.cer
new file mode 100644
index 00000000..36a442b8
Binary files /dev/null and b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-02a.cer differ
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-03a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-03a.cer
new file mode 100644
index 00000000..ab9e0cd7
Binary files /dev/null and b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-Qual-03a.cer differ
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-01a.cer
new file mode 100644
index 00000000..efa28178
Binary files /dev/null and b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-01a.cer differ
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-03.cer
new file mode 100644
index 00000000..33e77636
Binary files /dev/null and b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/A-Trust-nQual-03.cer differ
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-SSL-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-SSL-03.cer
new file mode 100644
index 00000000..ee859434
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-SSL-03.cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-03.cer
new file mode 100644
index 00000000..7e67be95
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-03.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-01a.cer
new file mode 100644
index 00000000..0c68e593
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-01a.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIEJjCCAw6gAwIBAgIDAOJEMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
+EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
+dWFsLTAxMB4XDTA0MTEzMDIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgw
+RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
+ZW52ZXJrZWhyIEdtYkgxIjAgBgNVBAsTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDExIjAgBgNV
+BAMTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDGC65v8rni63DojEBriynPwRqNCp14/SkN5ROkTUGNvLSabfSJV4PKGLTzasPAaChwX0g/
+kebahFM3R7nIyeVx2YB8VRvC4I/spP/mCs5+6pf1N+6Kiq4NcswgNBBfqAteaQIylBMy6HDkjoXY
+X/c+SxjyrqAkeZCK+SHMOraXCO1PZHWbYwleKXf4R2Z6ayEfJ2XWeVuqqon76WHp/POI0RADBchA
+6Vm1ROzSAHz39bay1TZunQXSs3VQ9cE3uQPjN+80efmf0ZgNF0sXsDTssoZg2feTANSOkTGM1bMC
+5xe1hWFL8MZNe4yZ+NSgFN2fofb8BPvyQAW0no2PNA6PAgMBAAGjgbMwgbAwDwYDVR0TAQH/BAUw
+AwEB/zARBgNVHQ4ECgQITp5/1C/JHx8wEwYDVR0jBAwwCoAITlnOxwIyhzAwDgYDVR0PAQH/BAQD
+AgEGMGUGA1UdHwReMFwwWqBYoFaGVGxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1u
+UXVhbC0wMSxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0PzANBgkqhkiG
+9w0BAQUFAAOCAQEAOtuz2GqnTibk/poCLrdYKpZSrLyfWFsJJpfBYA9HMasnfpJBCHgRHJud6DAO
+xD900Vhmwy66D8dqsN3+fR8Bx8ZMKspnFN1B2Wz7LWOxMaKqP3JolJ/oVwzJRm0afcUMAfAumkc5
+Yqu0nC5qCF9zYY9YbJklh84uEzEg9j85kuRBHOCUc+5MVrnv7WPbirx6c95YFqXBQ0arA5QE9zYq
+MDO8aUYPOWEHgtrVI+kMwELYHqLDX7i9VqsXhgFPeVz1wIV7s/i3budGeHMS6hjnyIc30FqM7CTY
+fcvqVNZliErbjD1k1W1gMgvjLJowNvQC0W7K9/yoQhwTqtNMR4WZwA==
+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-02a.cer
new file mode 100644
index 00000000..c300891d
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-02a.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgIDAOSoMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0wNDEyMTQyMzAwMDBa
+Fw0xNDEyMTMyMzAwMDBaMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIw
+IAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAk6V4oEauvXgEICqgjTbGHaiDhBVo2nosX23osoKM
+LTkkO/nOCgpdCYpLKgURxwrgHgVh9XT99yxhy6lDwt2rASajj0sQ1fY5BmWVyrXS
+dQ78ISMPb73XaG4M8H7PJFcsVEo9n8veVQwnMY5mSWy0r1IO8n93Bjbmmi4Zt8oS
+p9olWo5/8ByYW8S/AKZuQx+q+bFJv7geuApVjK2iVFe8yQqHhAgDsAsDlMvxDAQ/
+vhrGwHRv8N3sLsjirnbf5S2dGLDjASOMUFvwfLQd7gHH7PV37Xa+aQqa97eE6O4O
+sIhcGRYhoLk/tWTBDapcgHJ0yTtrftuwORVteLUAy0gBNwIDAQABo4HhMIHeMA8G
+A1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEkcWDpP6A0DMBMGA1UdIwQMMAqACEI9
+KySmwUXOMA4GA1UdDwEB/wQEAwIBBjCBkgYDVR0fBIGKMIGHMIGEoIGBoH+GfWxk
+YXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1RdWFsLTAyLG89QS1UcnVz
+dCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFzZT9vYmplY3RjbGFz
+cz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MA0GCSqGSIb3DQEBBQUAA4IBAQBH
+opWG7LKmPBvuGjZnRV4KGKzzUYVuxSRS1E0VIUPbVLf5xW2r5uUpR8ud5EpiPrcw
+k6K0dzu2Vb4ZbMIP+6J16S/0qvTp/3A/3q87+nJ+ot+IT8GZFJfSw18th2WmZdzR
+ShbM6sgViPtGsFROCdWeiHl248w2+zG+09sf8Bu3UyvwLRAiiKaxuwVdQ9kc0TL3
+gvv+K5eisWWthQOX2IF2jGSEqoAVwfHhl7bc9Vt7XnJSpQFebHnsIVuV4Mv6w4ww
+86hQPCLLvvV7wWDiBQ8l2FWneX0pNH3Wg+A1TRUoptc+pPDdpoP272MDm4fXyPKV
+7QgIaIK+gXNUj2GGt1K9
+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-03.cer
new file mode 100644
index 00000000..2251ca22
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-light-03.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEjzCCA3egAwIBAgIDAartMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA1MTExMzIzMDAw
+MFoXDTE1MTExMzIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxIjAgBgNVBAsMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMx
+IjAgBgNVBAMMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC359oitbHkkEgdErRPeBdkcYRK2DLdxfcnn+SI
+umSEYzWVscRTchPKSzb7f1a6EHPbB5WZsGJaUDX9KfTqsJNMo+7bASKk3gsLVxNZ
+qY2t2G+y8HvREYYejDOIzjAkcBQrt+nvuBUlGYVJQjEuyAn18f2vG0Y3VNvZFGKn
+PK8AVycUMk0Uw21RbK3vX5tbbPgQ/kcZkN4czi5VHepMvf6hAwwLoJj+KL9zxm8j
+yPK88qCBKAjMNCpZKsEhyanw1CjYbVmHs45Q5W6FBtqDcS6Iq4mC6TtUPGtCTuoH
+7/JLuhEp075ohp87v3fSlzeLJjBpkUDP9U8Tv7l2euD0t1UVAgMBAAGjgeMwgeAw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIQZFpHL+t2JgwEwYDVR0jBAwwCoAI
+RGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEGMIGUBgNVHR8EgYwwgYkwgYaggYOggYCG
+fmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEt
+VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0
+Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC
+AQEADTRIaQtPwoPS6/TpyBhOw4wAHk/RM4gkLT76URPY2sUHihxqy+8qEElN+f5l
+I61myCP3IFTClflcHVR1QCoMg0ZI5/EcQTI8Dgd5iQkXuVjh3wCj87Ka2Tu7d1K+
+i9VJ4BR/ph/qmPKR7Lx/PtATw/vWo4k2rbt5o1QwixZ7CPt+BF9xCaAC4uL0bB0M
+9M3i9W2ePmqX6WIB3jMkT9FQC0KihPPfw/17KddNi4rFMMEiTyKvJTtTqDnIAwWW
+TqsL1G7oxMMtnnYaKWMQ6gQiOiRzCY7efcAi/3YwUX6ULW5zxqapNs1vqEbSGsQE
+l1eFl67HBZHYAPdoHGUnZF0KaQ==
+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-01a.cer
new file mode 100644
index 00000000..2d7f1a03
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-01a.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIEKDCCAxCgAwIBAgIDAOKKMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
+EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
+dWFsLTAxMB4XDTA0MTIwNTIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgaExCzAJBgNVBAYTAkFUMUgw
+RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
+ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1jb3Jwb3JhdGUtbWVkaXVtLTAxMSMwIQYD
+VQQDExphLXNpZ24tY29ycG9yYXRlLW1lZGl1bS0wMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANEbZyIMIXZYBjTj/+3TrNGssRKNNdTedQlWB3vJQWLzeG89Kzmhy1WDX8IqDrMtvpXH
+5w6urK3ZT7HGu2Jldrib8rkEOdE9+uNGRtkP8Kuz//CvdXCbIDvBLqgvWn9a3Sl/rUicPqKwcEcN
+bP2Q0iU6NvvALmoqs93PymfTZlkGOwzUe+O88huXkauGWT/DkJd4JYDNJ0wlaGrJa+OorT4Izk1J
+EipqqedUjsAj4Gq3SKrZKG/H/CkoH9uWTzrzFgg8zQhCES4AClo84XVk//EIv3ABDw4hr+lqV1nF
+eXch9o4mLIe5u045471YLJLmyuCPDopb8U2VUoyldpMx+Y8CAwEAAaOBszCBsDAPBgNVHRMBAf8E
+BTADAQH/MBEGA1UdDgQKBAhOuHKxmCmfZDATBgNVHSMEDDAKgAhOWc7HAjKHMDAOBgNVHQ8BAf8E
+BAMCAQYwZQYDVR0fBF4wXDBaoFigVoZUbGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1BLVRydXN0
+LW5RdWFsLTAxLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/MA0GCSqG
+SIb3DQEBBQUAA4IBAQDaukYSeJVxWAh8QShqGqA6Plp9aXCTzwl9hE2gb+/xGPASo+NVQi/sUa0+
+bx29oSJaW6lKzdHQLAx4dwW9XTpJ+0mebB4fQfYHH0lGc1O4au/4O9k+C3SrD6x4WeY9k/SpUFu1
+qjzH+tjta81UWtU7Jve1BhckNwdOFx7cR8fdW+pUQSDV9XnPJfyb+gb9KWhvX+XAbgJoXW1HjJOO
+P5sx6mFhMb3UqAfKQVoAuGbl4+uxIThBTqpICkaaD8WLdukqQjomUMDRbWIf6SblPuOEpPi1G/WM
+qkTkpqX77Wkj08QY/yj5DDrsYJ5NymnWvu7jcoxCFCKvEQ8Q4g7AYKnG
+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-02a.cer
new file mode 100644
index 00000000..194d4d7c
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/tobeadded/a-sign-corporate-medium-02a.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
index 9766ae26..eebe36cd 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -28,18 +28,18 @@ AccessController.policyResource=classpath:at/gv/egiz/bku/online/conf/accessContr
# directory where certificates for
# chain constructions can be placed
+#SSL.certDirectory=classpath:at/gv/egiz/bku/online/conf/certs/certStore
SSL.certDirectory=classpath:at/gv/egiz/bku/online/conf/certs/certStore
+
# Directory where trusted CA
# certificates are placed
SSL.caDirectory=classpath:at/gv/egiz/bku/online/conf/certs/CACerts
-
-SSL.doRevocationChecking=true
SSL.sslProtocol=TLS
-SSL.cache.lifetime=3600
-# use authority info access extension to find ca certs.
-SSL.useAIA=true
+# warning do not set the following property to true
+# its intended for debugging and testing only
+SSL.disableAllChecks=false
# ------------ END SSL Config --------------------
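Review bot: The comment above `SSL.disableAllChecks` does not say what the switch turns off. In `Configurator.configureSSL()` in this same commit, a true value installs `MyAlwaysTrustManager` and also logs "Disabling Hostname Verification", and the resulting socket factory becomes the default for `HttpsURLConnection`. I would spell that out, e.g. `# WARNING: true disables certificate validation AND hostname verification for HTTPS connections; debugging and testing only, never in production`. The hunk also drops `SSL.doRevocationChecking`, `SSL.cache.lifetime` and `SSL.useAIA` with no replacement, so a deployer can no longer tell from this file whether revocation is checked; a comment line saying where that is decided now would help. The added `#SSL.certDirectory=...` line duplicates the active line below it and can go.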
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index b074da59..4069cdc9 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -45,9 +45,13 @@
+
+
+
+
diff --git a/BKUOnline/src/main/webapp/WEB-INF/web.xml b/BKUOnline/src/main/webapp/WEB-INF/web.xml
index 282d4db2..6b2ec35c 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/web.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/web.xml
@@ -1,97 +1,104 @@
-
+
+ http-security-layer-request
- http://www.apache.org/licenses/LICENSE-2.0
+
+
+ contextConfigLocation
+ /WEB-INF/applicationContext.xml
+
+
+ org.springframework.web.context.ContextLoaderListener
+
+
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
- http-security-layer-request
-
-
-
- contextConfigLocation
- /WEB-INF/applicationContext.xml
-
-
-
- org.springframework.web.context.ContextLoaderListener
-
-
-
-
-
-
- at.gv.egiz.bku.online.webapp.SessionTimeout
-
-
- BKUServlet
- at.gv.egiz.bku.online.webapp.BKURequestHandler
-
-
- ResultServlet
- at.gv.egiz.bku.online.webapp.ResultServlet
-
- responseEncoding
- UTF-8
-
-
- expiredPage
-
- expired.html
-
-
-
- BKUServlet
- /http-security-layer-request
-
-
- BKUServlet
- /https-security-layer-request
-
-
- ResultServlet
- /bkuResult
-
-
-
-
-
-
-
- com.sun.xml.ws.transport.http.servlet.WSServletContextListener
-
-
- STALPort
- com.sun.xml.ws.transport.http.servlet.WSServlet
- 1
-
-
- STALPort
- /stal
-
-
-
- index.html
- index.htm
- index.jsp
- default.html
- default.htm
- default.jsp
-
-
- 5
-
+
+
+ at.gv.egiz.bku.online.webapp.SessionTimeout
+
+
+ BKUServlet
+ at.gv.egiz.bku.online.webapp.BKURequestHandler
+
+
+ ResultServlet
+ at.gv.egiz.bku.online.webapp.ResultServlet
+
+ responseEncoding
+ UTF-8
+
+
+ expiredPage
+
+ expired.html
+
+
+
+ HashDataInputServlet
+ at.gv.egiz.bku.online.webapp.HashDataInputServlet
+
+
+ BKUServlet
+ /http-security-layer-request
+
+
+ BKUServlet
+ /https-security-layer-request
+
+
+ ResultServlet
+ /bkuResult
+
+
+ HashDataInputServlet
+ /hashDataInput
+
+
+
+
+
+
+
+
+
+
+ com.sun.xml.ws.transport.http.servlet.WSServletContextListener
+
+
+ STALPort
+ com.sun.xml.ws.transport.http.servlet.WSServlet
+ 1
+
+
+ STALPort
+ /stal
+
+
+
+
+ index.html
+ index.htm
+ index.jsp
+ default.html
+ default.htm
+ default.jsp
+
+
+ 5
+
\ No newline at end of file
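Review bot: The Apache license header lines removed at the top of this hunk (`http://www.apache.org/licenses/LICENSE-2.0`, "Unless required by applicable law ...") have no counterpart on the new side, so the rewritten web.xml appears to lose its license notice; if that is not intended, the header should be restored. The hunk also replaces all 97 lines with 104 although the only visible functional change is the new `HashDataInputServlet` declaration and its `/hashDataInput` mapping, which makes the change hard to review. A whitespace or line-ending normalisation would be better as a separate commit. Since the new mapping adds a further endpoint next to `/bkuResult`, a comment in the file saying which session the servlet expects would be useful; the servlet code is not part of this hunk.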
diff --git a/BKUOnline/src/test/resources/applicationContext.xml b/BKUOnline/src/test/resources/applicationContext.xml
index 4bb5e8e2..5f2487bf 100644
--- a/BKUOnline/src/test/resources/applicationContext.xml
+++ b/BKUOnline/src/test/resources/applicationContext.xml
@@ -45,9 +45,11 @@
+
+
\ No newline at end of file
diff --git a/STALService/pom.xml b/STALService/pom.xml
index 93181adb..e9c573f1 100644
--- a/STALService/pom.xml
+++ b/STALService/pom.xml
@@ -18,5 +18,10 @@
STAL1.0-SNAPSHOT
+
+ at.gv.egiz
+ utils
+ 1.0-SNAPSHOT
+
\ No newline at end of file
diff --git a/STALService/src/main/java/at/gv/egiz/stal/util/HashDataInputProxy.java b/STALService/src/main/java/at/gv/egiz/stal/util/HashDataInputProxy.java
new file mode 100644
index 00000000..dda20968
--- /dev/null
+++ b/STALService/src/main/java/at/gv/egiz/stal/util/HashDataInputProxy.java
@@ -0,0 +1,67 @@
+package at.gv.egiz.stal.util;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.utils.StreamUtil;
+import at.gv.egiz.stal.HashDataInput;
+
+/**
+ * Enables multiple read requests.
+ *
+ */
+public class HashDataInputProxy implements HashDataInput {
+
+ private static Log log = LogFactory.getLog(HashDataInputProxy.class);
+
+ private HashDataInput delegate;
+ private byte[] hashInput;
+
+ /**
+ *
+ * @param delegate
+ * != null
+ */
+ public HashDataInputProxy(HashDataInput delegate) {
+ if (delegate == null) {
+ throw new NullPointerException("Constructor argument must not be null");
+ }
+ this.delegate = delegate;
+ }
+
+ @Override
+ public String getEncoding() {
+ return delegate.getEncoding();
+ }
+
+ @Override
+ public InputStream getHashDataInput() {
+ if (hashInput == null) {
+ ByteArrayOutputStream os = new ByteArrayOutputStream();
+ try {
+ StreamUtil.copyStream(delegate.getHashDataInput(), os);
+ hashInput = os.toByteArray();
+ } catch (IOException e) {
+ log.error("Cannot access hashdatainput stream", e);
+ hashInput = new byte[0];
+ }
+ }
+ return new ByteArrayInputStream(hashInput);
+ }
+
+ @Override
+ public String getMimeType() {
+ return delegate.getMimeType();
+ }
+
+ @Override
+ public String getReferenceId() {
+ return delegate.getReferenceId();
+ }
+
+}
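Review bot: In `getHashDataInput()` the catch block sets `hashInput = new byte[0];`, so a single read failure is cached and every later call silently returns an empty stream. For data that is about to be displayed or hashed for signing, empty content is indistinguishable from a real empty document. I would not cache on failure: drop that assignment so the next call retries, and surface the error, e.g. `throw new IllegalStateException("Cannot access hashdatainput stream", e);` if the `HashDataInput` contract (not visible here) allows no checked exception. The stream from `delegate.getHashDataInput()` is not closed in this method; whether `StreamUtil.copyStream` closes it is not visible, so confirm or wrap it in try/finally. The class Javadoc could also state that the delegate is read once and fully buffered in memory, and that the lazy initialisation is not synchronized.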
diff --git a/bkucommon/pom.xml b/bkucommon/pom.xml
index 40b73e48..a90aebf5 100644
--- a/bkucommon/pom.xml
+++ b/bkucommon/pom.xml
@@ -1,78 +1,85 @@
-
-
- bku
- at.gv.egiz
- 1.0-SNAPSHOT
-
- 4.0.0
- at.gv.egiz
- bkucommon
- BKU Common
- 1.0-SNAPSHOT
- http://maven.apache.org
-
-
- at.gv.egiz
- utils
- 1.0-SNAPSHOT
-
-
- at.gv.egiz
- STAL
- 1.0-SNAPSHOT
-
-
- commons-logging
- commons-logging
-
-
- iaik
- iaik_jce_full_signed
-
-
- commons-fileupload
- commons-fileupload
- compile
-
-
- commons-httpclient
- commons-httpclient
- compile
-
-
- xerces
- xercesImpl
-
-
- xalan
- xalan
-
-
- iaik
- iaik_xsect
-
-
-
-
-
-
-
-
+
+
+ bku
+ at.gv.egiz
+ 1.0-SNAPSHOT
+
+ 4.0.0
+ at.gv.egiz
+ bkucommon
+ BKU Common
+ 1.0-SNAPSHOT
+ http://maven.apache.org
+
+
+ at.gv.egiz
+ utils
+ 1.0-SNAPSHOT
+
+
+ at.gv.egiz
+ STAL
+ 1.0-SNAPSHOT
+
+
+ commons-logging
+ commons-logging
+
+
+ iaik
+ iaik_jce_full_signed
+
+
+ commons-fileupload
+ commons-fileupload
+ compile
+
+
+ commons-httpclient
+ commons-httpclient
+ compile
+
+
+ xerces
+ xercesImpl
+
+
+ xalan
+ xalan
+
+
+ iaik
+ iaik_xsect
+
+
+ iaik
+ iaik_pki
+ compile
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java
new file mode 100644
index 00000000..6a95b369
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java
@@ -0,0 +1,13 @@
+package at.gv.egiz.bku.conf;
+
+import iaik.x509.X509Certificate;
+
+import java.io.File;
+
+public interface CertValidator {
+
+ public abstract void init(File certDir, File caDir);
+
+ public abstract boolean isCertificateValid(String transactionId, X509Certificate[] certs);
+
+}
\ No newline at end of file
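Review bot: The interface has no Javadoc, and the two `File` parameters of `init` are easy to swap; `CertValidatorTest` in this commit already calls `cv.init(new File(caDir), new File(certDir))`. I would document `init` with `@param certDir directory with certificates used for chain construction` and `@param caDir directory with trusted CA certificates`, matching the wording in defaultConf.properties. For `isCertificateValid`, state that `certs[0]` is the certificate being validated and the array is its chain, which is how `CertValidatorImpl` uses it, and say what is returned for an empty array. The `public abstract` modifiers are redundant on interface methods and can be dropped.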
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java
new file mode 100644
index 00000000..125233c1
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java
@@ -0,0 +1,83 @@
+package at.gv.egiz.bku.conf;
+
+import iaik.logging.TransactionId;
+import iaik.logging.impl.TransactionIdImpl;
+import iaik.pki.DefaultPKIConfiguration;
+import iaik.pki.DefaultPKIProfile;
+import iaik.pki.PKIConfiguration;
+import iaik.pki.PKIException;
+import iaik.pki.PKIFactory;
+import iaik.pki.PKIModule;
+import iaik.pki.PKIProfile;
+import iaik.pki.store.certstore.CertStoreParameters;
+import iaik.pki.store.certstore.directory.DefaultDirectoryCertStoreParameters;
+import iaik.pki.store.truststore.DefaultTrustStoreProfile;
+import iaik.pki.store.truststore.TrustStoreProfile;
+import iaik.pki.store.truststore.TrustStoreTypes;
+import iaik.x509.X509Certificate;
+
+import java.io.File;
+import java.util.Date;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class CertValidatorImpl implements CertValidator {
+
+ private static Log log = LogFactory.getLog(CertValidatorImpl.class);
+
+ private PKIFactory pkiFactory;
+ private PKIProfile profile;
+
+ public CertValidatorImpl() {
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.bku.conf.CertValidator#init(java.io.File, java.io.File)
+ */
+ public void init(File certDir, File caDir) {
+ // the parameters specifying the directory certstore
+ CertStoreParameters[] certStoreParameters = { new DefaultDirectoryCertStoreParameters(
+ "CS-001", certDir.getAbsolutePath(), true, false) };
+
+ // create a new PKI configuration using the certstore parameters
+ PKIConfiguration pkiConfig = new DefaultPKIConfiguration(
+ certStoreParameters);
+
+ // Transaction ID for logging
+ TransactionId tid = new TransactionIdImpl("Configure-PKI");
+ // get PKI factory for creating PKI module(s)
+ pkiFactory = PKIFactory.getInstance();
+ // configure the factory
+ try {
+ pkiFactory.configure(pkiConfig, tid);
+ } catch (PKIException e) {
+ log.error("Cannot configure PKI module", e);
+ }
+ // the truststore to be used
+ TrustStoreProfile trustProfile = new DefaultTrustStoreProfile("TS-001",
+ TrustStoreTypes.DIRECTORY, caDir.getAbsolutePath());
+ profile = new DefaultPKIProfile(trustProfile);
+ ((DefaultPKIProfile)profile).setAutoAddCertificates(true);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.bku.conf.CertValidator#isCertificateValid(java.lang.String, iaik.x509.X509Certificate[])
+ */
+ public boolean isCertificateValid(String transactionId,
+ X509Certificate[] certs) {
+ // Transaction ID for logging
+ TransactionId tid = new TransactionIdImpl(transactionId);
+ // get a PKIModule
+ PKIModule pkiModule;
+ try {
+ pkiModule = pkiFactory.getPKIModule(profile);
+ return pkiModule.validateCertificate(new Date(), certs[0], certs, null,
+ tid).isCertificateValid();
+ } catch (PKIException e) {
+ log.error("Cannot validate certificate", e);
+ }
+ return false;
+ }
+}
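Review bot: `init` only logs the `PKIException` from `pkiFactory.configure(pkiConfig, tid)` and then goes on to build the profile, so a validator whose PKI configuration failed is still handed out and used. Since the interface declares no checked exception, `throw new IllegalStateException("Cannot configure PKI module", e);` in that catch would make the failure visible at startup. `isCertificateValid` indexes `certs[0]` without a check, and `MyPKITrustManager.checkServerTrusted` in Configurator.java passes the chain through unchecked, so a guard such as `if (certs == null || certs.length == 0) return false;` belongs at the top of the method. Whether `DefaultPKIProfile` performs revocation checking, and what `setAutoAddCertificates(true)` adds to the store, cannot be seen from this hunk; a comment on both would help, given that the commit removes the `SSL.doRevocationChecking` setting.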
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
index 9a1e7020..9ed99190 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
@@ -9,6 +9,7 @@ import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
+import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
@@ -18,27 +19,18 @@ import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.LDAPCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
-import java.util.Set;
-import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
-import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.logging.Log;
@@ -55,6 +47,8 @@ public abstract class Configurator {
protected Properties properties;
+ protected CertValidator certValidator;
+
protected Configurator() {
}
@@ -64,9 +58,9 @@ public abstract class Configurator {
protected abstract InputStream getManifest();
- private Set getCACerts() throws IOException,
+ private X509Certificate[] getCACerts() throws IOException,
CertificateException {
- Set caCerts = new HashSet();
+ List caCerts = new ArrayList();
File caDir = getCADir();
if (caDir != null) {
if (!caDir.isDirectory()) {
@@ -81,13 +75,12 @@ public abstract class Configurator {
X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
fis.close();
log.debug("Adding trusted cert " + cert.getSubjectDN());
- caCerts.add(new TrustAnchor(cert, null));
+ caCerts.add(cert);
} catch (Exception e) {
log.error("Cannot add trusted ca", e);
}
}
- return caCerts;
-
+ return caCerts.toArray(new X509Certificate[caCerts.size()]);
} else {
log.warn("No CA certificates configured");
}
@@ -239,69 +232,33 @@ public abstract class Configurator {
}
public void configureSSL() {
- Set caCerts = null;
+ X509Certificate[] caCerts = null;
try {
caCerts = getCACerts();
} catch (Exception e1) {
log.error("Cannot load CA certificates", e1);
}
- List certStoreList = null;
- try {
- certStoreList = getCertstore();
- } catch (Exception e1) {
- log.error("Cannot load certstore certificates", e1);
- }
- String aia = getProperty("SSL.useAIA");
- if ((aia == null) || (aia.equals(""))) {
- System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
- } else {
- System.setProperty("com.sun.security.enableAIAcaIssuers", aia);
- }
- String lifetime = getProperty("SSL.cache.lifetime");
- if ((lifetime == null) || (lifetime.equals(""))) {
- System.setProperty("sun.security.certpath.ldap.cache.lifetime", "0");
- } else {
- System.setProperty("sun.security.certpath.ldap.cache.lifetime", lifetime);
- }
- X509CertSelector selector = new X509CertSelector();
- PKIXBuilderParameters pkixParams;
+ String disableAll = getProperty("SSL.disableAllChecks");
try {
- pkixParams = new PKIXBuilderParameters(caCerts, selector);
- if ((getProperty("SSL.doRevocationChecking") != null)
- && (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {
- log.info("Enable revocation checking");
- System.setProperty("com.sun.security.enableCRLDP", "true");
- Security.setProperty("ocsp.enable", "true");
- } else {
- log.warn("Revocation checking disabled");
- }
- for (CertStore cs : certStoreList) {
- pkixParams.addCertStore(cs);
- }
- ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(
- pkixParams);
- TrustManagerFactory trustFab;
- trustFab = TrustManagerFactory.getInstance("PKIX");
- trustFab.init(trustParams);
KeyManager[] km = null;
SSLContext sslCtx = SSLContext
.getInstance(getProperty("SSL.sslProtocol"));
- String disableAll = getProperty("SSL.disableAllChecks");
if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
log.warn("--------------------------------------");
log.warn(" Disabling SSL Certificate Validation ");
log.warn("--------------------------------------");
- sslCtx.init(km, new TrustManager[] { new MyTrustManager(caCerts,
- certStoreList) }, null);
+ sslCtx.init(km,
+ new TrustManager[] { new MyAlwaysTrustManager(caCerts) }, null);
} else {
- sslCtx.init(km, trustFab.getTrustManagers(), null);
+ MyPKITrustManager pkixTM = new MyPKITrustManager(certValidator,
+ getCertDir(), getCADir(), caCerts);
+ sslCtx.init(km, new TrustManager[] { pkixTM }, null);
}
HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
} catch (Exception e) {
log.error("Cannot configure SSL", e);
}
- String disableAll = getProperty("SSL.disableAllChecks");
if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {
log.warn("---------------------------------");
log.warn(" Disabling Hostname Verification ");
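Review bot: `certValidator` is only assigned through `setCertValidator`, and nothing in `configureSSL` checks that it was set before `new MyPKITrustManager(certValidator, getCertDir(), getCADir(), caCerts)` calls `certValidator.init(...)`. A missing validator raises a NullPointerException that the surrounding `catch (Exception e)` merely logs as "Cannot configure SSL", so `HttpsURLConnection.setDefaultSSLSocketFactory` is never reached and connections run with the JVM's default trust settings instead of the configured CA directory. I would fail fast with `if (certValidator == null) throw new IllegalStateException("certValidator not set");` ahead of the `try`, and consider rethrowing from that catch rather than continuing. The method continues past the end of this hunk, so the hostname-verifier branch is not fully visible.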
@@ -315,19 +272,74 @@ public abstract class Configurator {
}
}
- private static class MyTrustManager implements X509TrustManager {
- private static Log log = LogFactory.getLog(MyTrustManager.class);
+
+
+ public void setCertValidator(CertValidator certValidator) {
+ this.certValidator = certValidator;
+ }
+
+ private static class MyPKITrustManager implements X509TrustManager {
+ private static Log log = LogFactory.getLog(MyPKITrustManager.class);
+
+ private CertValidator certValidator;
private X509Certificate[] trustedCerts;
- public MyTrustManager(Set caCerts, List cs) {
- trustedCerts = new X509Certificate[caCerts.size()];
+ public MyPKITrustManager(CertValidator cv, File certStore, File trustStore,
+ X509Certificate[] trustedCerts) {
+ certValidator = cv;
+ certValidator.init(certStore, trustStore);
+ this.trustedCerts = trustedCerts;
+ }
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] chain, String authType)
+ throws CertificateException {
+ log.error("Did not expect this method to get called");
+ throw new CertificateException("Method not implemented");
+ }
+
+ private static iaik.x509.X509Certificate[] convertCerts(
+ X509Certificate[] certs) throws GeneralSecurityException {
+ iaik.x509.X509Certificate[] retVal = new iaik.x509.X509Certificate[certs.length];
int i = 0;
- for (Iterator it = caCerts.iterator(); it.hasNext();) {
- TrustAnchor ta = it.next();
- trustedCerts[i++] = ta.getTrustedCert();
+ for (X509Certificate cert : certs) {
+ if (cert instanceof iaik.x509.X509Certificate) {
+ retVal[i++] = (iaik.x509.X509Certificate) cert;
+ } else {
+ retVal[i++] = new iaik.x509.X509Certificate(cert.getEncoded());
+ }
+ }
+ return retVal;
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] chain, String authType)
+ throws CertificateException {
+ try {
+ boolean valid = certValidator.isCertificateValid(Thread.currentThread()
+ .getName(), convertCerts(chain));
+ if (!valid) {
+ throw new CertificateException("Certificate not valid");
+ }
+ } catch (GeneralSecurityException e) {
+ throw new CertificateException(e);
}
}
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return trustedCerts;
+ }
+ }
+
+ private static class MyAlwaysTrustManager implements X509TrustManager {
+ private static Log log = LogFactory.getLog(MyAlwaysTrustManager.class);
+ private X509Certificate[] trustedCerts;
+
+ public MyAlwaysTrustManager(X509Certificate[] trustedCerts) {
+ this.trustedCerts = trustedCerts;
+ }
+
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
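Review bot: `getAcceptedIssuers()` in `MyPKITrustManager` returns the constructor argument as is, and `configureSSL` passes `caCerts` as null when `getCACerts()` throws, so the method can return null where `X509TrustManager` expects a non-null, possibly empty array. Storing a copy fixes both that and the exposure of the internal array: `this.trustedCerts = trustedCerts != null ? trustedCerts.clone() : new X509Certificate[0];`. The same applies to the `MyAlwaysTrustManager` constructor. The `MyPKITrustManager` constructor also calls `certValidator.init(certStore, trustStore)` on an injected object, which re-initialises a shared validator as a side effect; that call would read better in `configureSSL` or with a comment explaining it. The body of `MyAlwaysTrustManager` continues outside this hunk.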
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/conf/CertValidatorTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/conf/CertValidatorTest.java
new file mode 100644
index 00000000..7bc0daa5
--- /dev/null
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/conf/CertValidatorTest.java
@@ -0,0 +1,32 @@
+package at.gv.egiz.bku.conf;
+
+import iaik.x509.X509Certificate;
+
+import java.io.File;
+import java.io.IOException;
+import java.security.cert.CertificateException;
+
+import static org.junit.Assert.*;
+
+import org.junit.Before;
+import org.junit.Test;
+
+public class CertValidatorTest {
+
+ private CertValidator cv;
+
+ @Before
+ public void setUp() {
+ cv = new CertValidatorImpl();
+ String caDir = getClass().getClassLoader().getResource("at/gv/egiz/bku/conf/certs/CACerts").getPath();
+ String certDir = getClass().getClassLoader().getResource("at/gv/egiz/bku/conf/certs/certStore").getPath();
+ cv.init(new File(caDir), new File(certDir));
+ }
+
+ @Test
+ public void testValid() throws CertificateException, IOException {
+ X509Certificate cert = new X509Certificate(getClass().getClassLoader().getResourceAsStream("at/gv/egiz/bku/conf/certs/testCerts/www.a-trust.at.der"));
+ assertTrue(cv.isCertificateValid("TID", new X509Certificate[]{cert}));
+ }
+
+}
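Review bot: `setUp` passes the directories in the wrong order: `CertValidator.init` is declared as `init(File certDir, File caDir)`, but the call is `cv.init(new File(caDir), new File(certDir))`. The certStore directory, which holds the intermediate a-sign certificates, therefore becomes the trust store, and `testValid` can pass without exercising the intended trust anchors. It should read `cv.init(new File(certDir), new File(caDir));`. There is only a positive case; a validator test should also assert that a certificate not chaining to `CACerts` is rejected, e.g. `assertFalse(cv.isCertificateValid("TID", new X509Certificate[]{untrusted}));` with a suitable fixture. Because `CertValidatorImpl` validates against `new Date()`, the test will presumably start failing once `www.a-trust.at.der` expires, which deserves a comment or a fixed validation date.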
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-01a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-01a.cer
new file mode 100644
index 00000000..f9fef65f
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-01a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-02a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-02a.cer
new file mode 100644
index 00000000..36a442b8
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-02a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-03a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-03a.cer
new file mode 100644
index 00000000..ab9e0cd7
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-Qual-03a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-01a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-01a.cer
new file mode 100644
index 00000000..efa28178
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-01a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-03.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-03.cer
new file mode 100644
index 00000000..33e77636
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/CACerts/A-Trust-nQual-03.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-01a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-01a.cer
new file mode 100644
index 00000000..f9fef65f
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-01a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-02a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-02a.cer
new file mode 100644
index 00000000..36a442b8
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-02a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-03a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-03a.cer
new file mode 100644
index 00000000..ab9e0cd7
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-Qual-03a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-01a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-01a.cer
new file mode 100644
index 00000000..efa28178
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-01a.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-03.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-03.cer
new file mode 100644
index 00000000..33e77636
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/A-Trust-nQual-03.cer differ
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-SSL-03.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-SSL-03.cer
new file mode 100644
index 00000000..ee859434
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-SSL-03.cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-03.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-03.cer
new file mode 100644
index 00000000..7e67be95
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-03.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-01a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-01a.cer
new file mode 100644
index 00000000..0c68e593
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-01a.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIEJjCCAw6gAwIBAgIDAOJEMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
+EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
+dWFsLTAxMB4XDTA0MTEzMDIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgw
+RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
+ZW52ZXJrZWhyIEdtYkgxIjAgBgNVBAsTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDExIjAgBgNV
+BAMTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDGC65v8rni63DojEBriynPwRqNCp14/SkN5ROkTUGNvLSabfSJV4PKGLTzasPAaChwX0g/
+kebahFM3R7nIyeVx2YB8VRvC4I/spP/mCs5+6pf1N+6Kiq4NcswgNBBfqAteaQIylBMy6HDkjoXY
+X/c+SxjyrqAkeZCK+SHMOraXCO1PZHWbYwleKXf4R2Z6ayEfJ2XWeVuqqon76WHp/POI0RADBchA
+6Vm1ROzSAHz39bay1TZunQXSs3VQ9cE3uQPjN+80efmf0ZgNF0sXsDTssoZg2feTANSOkTGM1bMC
+5xe1hWFL8MZNe4yZ+NSgFN2fofb8BPvyQAW0no2PNA6PAgMBAAGjgbMwgbAwDwYDVR0TAQH/BAUw
+AwEB/zARBgNVHQ4ECgQITp5/1C/JHx8wEwYDVR0jBAwwCoAITlnOxwIyhzAwDgYDVR0PAQH/BAQD
+AgEGMGUGA1UdHwReMFwwWqBYoFaGVGxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1u
+UXVhbC0wMSxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0PzANBgkqhkiG
+9w0BAQUFAAOCAQEAOtuz2GqnTibk/poCLrdYKpZSrLyfWFsJJpfBYA9HMasnfpJBCHgRHJud6DAO
+xD900Vhmwy66D8dqsN3+fR8Bx8ZMKspnFN1B2Wz7LWOxMaKqP3JolJ/oVwzJRm0afcUMAfAumkc5
+Yqu0nC5qCF9zYY9YbJklh84uEzEg9j85kuRBHOCUc+5MVrnv7WPbirx6c95YFqXBQ0arA5QE9zYq
+MDO8aUYPOWEHgtrVI+kMwELYHqLDX7i9VqsXhgFPeVz1wIV7s/i3budGeHMS6hjnyIc30FqM7CTY
+fcvqVNZliErbjD1k1W1gMgvjLJowNvQC0W7K9/yoQhwTqtNMR4WZwA==
+-----END CERTIFICATE-----
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-02a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-02a.cer
new file mode 100644
index 00000000..c300891d
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-02a.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-03.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-03.cer
new file mode 100644
index 00000000..2251ca22
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-light-03.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEjzCCA3egAwIBAgIDAartMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA1MTExMzIzMDAw
+MFoXDTE1MTExMzIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxIjAgBgNVBAsMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMx
+IjAgBgNVBAMMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC359oitbHkkEgdErRPeBdkcYRK2DLdxfcnn+SI
+umSEYzWVscRTchPKSzb7f1a6EHPbB5WZsGJaUDX9KfTqsJNMo+7bASKk3gsLVxNZ
+qY2t2G+y8HvREYYejDOIzjAkcBQrt+nvuBUlGYVJQjEuyAn18f2vG0Y3VNvZFGKn
+PK8AVycUMk0Uw21RbK3vX5tbbPgQ/kcZkN4czi5VHepMvf6hAwwLoJj+KL9zxm8j
+yPK88qCBKAjMNCpZKsEhyanw1CjYbVmHs45Q5W6FBtqDcS6Iq4mC6TtUPGtCTuoH
+7/JLuhEp075ohp87v3fSlzeLJjBpkUDP9U8Tv7l2euD0t1UVAgMBAAGjgeMwgeAw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIQZFpHL+t2JgwEwYDVR0jBAwwCoAI
+RGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEGMIGUBgNVHR8EgYwwgYkwgYaggYOggYCG
+fmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEt
+VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0
+Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC
+AQEADTRIaQtPwoPS6/TpyBhOw4wAHk/RM4gkLT76URPY2sUHihxqy+8qEElN+f5l
+I61myCP3IFTClflcHVR1QCoMg0ZI5/EcQTI8Dgd5iQkXuVjh3wCj87Ka2Tu7d1K+
+i9VJ4BR/ph/qmPKR7Lx/PtATw/vWo4k2rbt5o1QwixZ7CPt+BF9xCaAC4uL0bB0M
+9M3i9W2ePmqX6WIB3jMkT9FQC0KihPPfw/17KddNi4rFMMEiTyKvJTtTqDnIAwWW
+TqsL1G7oxMMtnnYaKWMQ6gQiOiRzCY7efcAi/3YwUX6ULW5zxqapNs1vqEbSGsQE
+l1eFl67HBZHYAPdoHGUnZF0KaQ==
+-----END CERTIFICATE-----
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-01a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-01a.cer
new file mode 100644
index 00000000..2d7f1a03
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-01a.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIEKDCCAxCgAwIBAgIDAOKKMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
+EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
+dWFsLTAxMB4XDTA0MTIwNTIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgaExCzAJBgNVBAYTAkFUMUgw
+RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
+ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1jb3Jwb3JhdGUtbWVkaXVtLTAxMSMwIQYD
+VQQDExphLXNpZ24tY29ycG9yYXRlLW1lZGl1bS0wMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANEbZyIMIXZYBjTj/+3TrNGssRKNNdTedQlWB3vJQWLzeG89Kzmhy1WDX8IqDrMtvpXH
+5w6urK3ZT7HGu2Jldrib8rkEOdE9+uNGRtkP8Kuz//CvdXCbIDvBLqgvWn9a3Sl/rUicPqKwcEcN
+bP2Q0iU6NvvALmoqs93PymfTZlkGOwzUe+O88huXkauGWT/DkJd4JYDNJ0wlaGrJa+OorT4Izk1J
+EipqqedUjsAj4Gq3SKrZKG/H/CkoH9uWTzrzFgg8zQhCES4AClo84XVk//EIv3ABDw4hr+lqV1nF
+eXch9o4mLIe5u045471YLJLmyuCPDopb8U2VUoyldpMx+Y8CAwEAAaOBszCBsDAPBgNVHRMBAf8E
+BTADAQH/MBEGA1UdDgQKBAhOuHKxmCmfZDATBgNVHSMEDDAKgAhOWc7HAjKHMDAOBgNVHQ8BAf8E
+BAMCAQYwZQYDVR0fBF4wXDBaoFigVoZUbGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1BLVRydXN0
+LW5RdWFsLTAxLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/MA0GCSqG
+SIb3DQEBBQUAA4IBAQDaukYSeJVxWAh8QShqGqA6Plp9aXCTzwl9hE2gb+/xGPASo+NVQi/sUa0+
+bx29oSJaW6lKzdHQLAx4dwW9XTpJ+0mebB4fQfYHH0lGc1O4au/4O9k+C3SrD6x4WeY9k/SpUFu1
+qjzH+tjta81UWtU7Jve1BhckNwdOFx7cR8fdW+pUQSDV9XnPJfyb+gb9KWhvX+XAbgJoXW1HjJOO
+P5sx6mFhMb3UqAfKQVoAuGbl4+uxIThBTqpICkaaD8WLdukqQjomUMDRbWIf6SblPuOEpPi1G/WM
+qkTkpqX77Wkj08QY/yj5DDrsYJ5NymnWvu7jcoxCFCKvEQ8Q4g7AYKnG
+-----END CERTIFICATE-----
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-02a.cer b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-02a.cer
new file mode 100644
index 00000000..194d4d7c
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/certStore/a-sign-corporate-medium-02a.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/testCerts/www.a-trust.at.der b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/testCerts/www.a-trust.at.der
new file mode 100644
index 00000000..61ce8dff
Binary files /dev/null and b/bkucommon/src/test/resources/at/gv/egiz/bku/conf/certs/testCerts/www.a-trust.at.der differ
diff --git a/pom.xml b/pom.xml
index c18a4c2c..d2fe06a1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,211 +1,217 @@
-
- 4.0.0
- at.gv.egiz
- bku
- pom
- 1.0-SNAPSHOT
- BKU
- http://bku.egiz.gv.at
-
- utils
- bkucommon
- STAL
- BKUOnline
- smcc
- BKULocal
- BKUApplet
- smccSTAL
- STALService
- BKUCommonGUI
- BKUViewer
- BKULocalApp
-
-
-
- mcentner
- Martin Centner
- mcentner@egiz.gv.at
-
-
- wbauer
- Wolfgang Bauer
- wbauer@egiz.gv.at
-
-
- corthacker
- Clemens Orthacker
- corthacker@egiz.gv.at
-
-
-
- svn://svn.egovlabs.gv.at/svnroot/mocca
-
-
- E-Government Innovation Center (EGIZ)
- http://www.egiz.gv.at
-
-
-
-
-
- maven-compiler-plugin
- org.apache.maven.plugins
- 2.0.2
-
-
- 1.6
- 1.6
- true
- true
-
-
-
- maven-assembly-plugin
- org.apache.maven.plugins
- 2.2-beta-2
-
-
- maven-dependency-plugin
- org.apache.maven.plugins
- 2.0
-
-
-
- jaxws-maven-plugin
- org.codehaus.mojo
- 1.10
-
-
-
-
-
- maven-assembly-plugin
-
-
- ${basedir}/src/main/assemblies/assembly-test.xml
-
-
-
-
-
-
-
-
-
- mocca-egovlabs
- MOCCA EGovLabs
- http://mocca.egovlabs.gv.at/m2/repository/
-
-
- maven2-repository.dev.java.net
- Java.net Repository for Maven 2
- http://download.java.net/maven/2/
-
-
- maven1-repository.dev.java.net
- Java.net Repository for Maven 1
- http://download.java.net/maven/1/
- legacy
-
-
-
-
- log4j
- log4j
- runtime
-
-
- junit
- junit
- test
-
-
-
-
-
- log4j
- log4j
- 1.2.12
- runtime
-
-
- commons-logging
- commons-logging
- 1.1.1
- compile
-
-
- junit
- junit
- 4.4
- test
-
-
- xerces
- xercesImpl
- 2.9.1
-
-
- xalan
- xalan
- 2.7.0
-
-
- iaik
- iaik_jce_full_signed
- 3.16
- compile
-
-
- iaik
- iaik_jce_me4se
- 3.04
-
-
- iaik
- iaik_ecc_signed
- 2.15
-
-
- iaik
- iaik_xsect
- 1.14
-
-
- commons-fileupload
- commons-fileupload
- 1.2.1
- compile
-
-
- commons-httpclient
- commons-httpclient
- 3.1
- compile
-
-
-
+
+ 4.0.0
+ at.gv.egiz
+ bku
+ pom
+ 1.0-SNAPSHOT
+ BKU
+ http://bku.egiz.gv.at
+
+ utils
+ bkucommon
+ STAL
+ BKUOnline
+ smcc
+ BKULocal
+ BKUApplet
+ smccSTAL
+ STALService
+ BKUCommonGUI
+ BKUViewer
+ BKULocalApp
+
+
+
+ mcentner
+ Martin Centner
+ mcentner@egiz.gv.at
+
+
+ wbauer
+ Wolfgang Bauer
+ wbauer@egiz.gv.at
+
+
+ corthacker
+ Clemens Orthacker
+ corthacker@egiz.gv.at
+
+
+
+ svn://svn.egovlabs.gv.at/svnroot/mocca
+
+
+ E-Government Innovation Center (EGIZ)
+ http://www.egiz.gv.at
+
+
+
+
+
+ maven-compiler-plugin
+ org.apache.maven.plugins
+ 2.0.2
+
+
+ 1.6
+ 1.6
+ true
+ true
+
+
+
+ maven-assembly-plugin
+ org.apache.maven.plugins
+ 2.2-beta-2
+
+
+ maven-dependency-plugin
+ org.apache.maven.plugins
+ 2.0
+
+
+
+ jaxws-maven-plugin
+ org.codehaus.mojo
+ 1.10
+
+
+
+
+
+ maven-assembly-plugin
+
+
+ ${basedir}/src/main/assemblies/assembly-test.xml
+
+
+
+
+
+
+
+
+
+ mocca-egovlabs
+ MOCCA EGovLabs
+ http://mocca.egovlabs.gv.at/m2/repository/
+
+
+ maven2-repository.dev.java.net
+ Java.net Repository for Maven 2
+ http://download.java.net/maven/2/
+
+
+ maven1-repository.dev.java.net
+ Java.net Repository for Maven 1
+ http://download.java.net/maven/1/
+ legacy
+
+
+
+
+ log4j
+ log4j
+ runtime
+
+
+ junit
+ junit
+ test
+
+
+
+
+
+ log4j
+ log4j
+ 1.2.12
+ runtime
+
+
+ commons-logging
+ commons-logging
+ 1.1.1
+ compile
+
+
+ junit
+ junit
+ 4.4
+ test
+
+
+ xerces
+ xercesImpl
+ 2.9.1
+
+
+ xalan
+ xalan
+ 2.7.0
+
+
+ iaik
+ iaik_jce_full_signed
+ 3.16
+ compile
+
+
+ iaik
+ iaik_jce_me4se
+ 3.04
+
+
+ iaik
+ iaik_ecc_signed
+ 2.15
+
+
+ iaik
+ iaik_xsect
+ 1.14
+
+
+ iaik
+ iaik_pki
+ 1.0-SNAPSHOT
+ compile
+
+
+ commons-fileupload
+ commons-fileupload
+ 1.2.1
+ compile
+
+
+ commons-httpclient
+ commons-httpclient
+ 3.1
+ compile
+
+
+
\ No newline at end of file
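Review bot: The added `iaik_pki` entry (apparently groupId `iaik`, version `1.0-SNAPSHOT`, scope `compile`; the XML tags are not visible on this page) ties a PKI library to a mutable snapshot, so two builds of the same revision can resolve different artifacts. The repositories declared earlier in this file are all plain `http://` URLs, so nothing authenticates the downloaded artifact in transit. I would depend on a released version of `iaik_pki` and serve the `mocca-egovlabs` repository over `https://`.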
--
cgit v1.2.3
From bd7c3ec609f1527db42601c65c3990423300ceca Mon Sep 17 00:00:00 2001
From: mcentner
Date: Tue, 21 Oct 2008 15:00:33 +0000
Subject: Simplified IdentityLinkTransformer.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@124 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../slcommands/impl/InfoboxReadCommandImpl.java | 20 +-
.../at/gv/egiz/idlink/IdentityLinkTransformer.java | 223 +++++----------------
2 files changed, 71 insertions(+), 172 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
index b6c89e5b..d23c0598 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
@@ -23,6 +23,7 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
+import java.net.MalformedURLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@@ -415,11 +416,22 @@ public class InfoboxReadCommandImpl extends SLCommandImpltrue if this transformer is in use, or false otherwise
- */
- public boolean isInUse() {
- return inUse;
- }
-
- @Override
- public String toString() {
- StringBuffer str = new StringBuffer();
- str.append("Transformer ").append(stylesheetURL)
- .append("\n created ").append(new Date(created)).append(" used ").append(
- timesUsed).append(" times, (init ").append(initTime).append("ms / ")
- .append(((float) time) / timesUsed).append("ms avg) last time ").append(new Date(lastTimeUsed));
- return str.toString();
- }
-
- }
-
/**
- * The transfomer factory.
+ * The transformer factory.
*/
private static SAXTransformerFactory factory;
@@ -232,70 +122,67 @@ public class IdentityLinkTransformer {
}
- /**
- * The pool of Transformer.
- */
- private Map> pool;
+ /**
+ * Mapping of issuer template URIs to transformation templates.
+ */
+ private Map templates = new HashMap();
/**
* Private constructor.
*/
private IdentityLinkTransformer() {
- pool = new HashMap>();
- }
-
- private IdLTransformer getFreeTransfomer(String stylesheetURL) throws TransformerConfigurationException, IOException {
-
- IdLTransformer transformer = null;
-
- List transfomerList = pool.get(stylesheetURL);
- if (transfomerList == null) {
- transfomerList = new ArrayList();
- pool.put(stylesheetURL, transfomerList);
- }
-
- for (IdLTransformer candTransformer : transfomerList) {
- if (!candTransformer.inUse) {
- transformer = candTransformer;
- break;
- }
- }
-
- if (transformer == null) {
- transformer = new IdLTransformer(stylesheetURL);
- transfomerList.add(transformer);
- }
-
- transformer.inUse = true;
- return transformer;
-
- }
-
+ }
+
+ /**
+ * Transforms an identity link source to result with
+ * the given issuer template from the stylesheetURL.
+ *
+ * @param stylesheetURL
+ * the URL of the issuer template to be used for transformation
+ * @param source
+ * the compressed identity link source
+ * @param result
+ * the transformed identity link result
+ *
+ * @throws MalformedURLException
+ * if the given stylesheetURL is not a valid
+ * http or https URL.
+ * @throws IOException
+ * if dereferencing the stylesheetURL fails.
+ * @throws TransformerConfigurationException
+ * if creating a transformation template from the dereferenced
+ * stylesheet fails.
+ * @throws TransformerException
+ * if transforming the identity link fails.
+ */
public void transformIdLink(String stylesheetURL, Source source, Result result) throws IOException, TransformerException {
- log.trace("Trying to get free IdentityLinkTransformer for issuer template '" + stylesheetURL + "'.");
- IdLTransformer transformer = getFreeTransfomer(stylesheetURL);
- log.trace("Trying to transform IdentityLink.");
+
+ Templates templ = templates.get(stylesheetURL);
+
+ if (templ == null) {
+
+ // TODO: implement stylesheet cache
+ URL url = new URL(stylesheetURL);
+
+ if (!"http".equalsIgnoreCase(url.getProtocol()) && !"https".equalsIgnoreCase(url.getProtocol())) {
+ throw new MalformedURLException("Protocol " + url.getProtocol() + " not supported for IssuerTemplate URL.");
+ }
+
+ URLDereferencer dereferencer = URLDereferencer.getInstance();
+ StreamData data = dereferencer.dereference(url.toExternalForm(), null);
+
+ log.trace("Trying to create issuer template.");
+ templ = factory.newTemplates(new StreamSource(data.getStream()));
+ log.trace("Successfully created issuer template");
+
+ templates.put(stylesheetURL, templ);
+
+ }
+
+ Transformer transformer = templ.newTransformer();
+
transformer.transform(source, result);
- log.trace("IdentityLink transformed successfully. " + getStatistics());
- }
-
- public String getStatistics() {
-
- StringBuffer str = new StringBuffer();
- Iterator keys = pool.keySet().iterator();
- int count = 0;
- while (keys.hasNext()) {
- String stylesheetURL = (String) keys.next();
- str.append("Stylesheet URL: ").append(stylesheetURL);
- Iterator transformer = pool.get(stylesheetURL).iterator();
- while (transformer.hasNext()) {
- IdLTransformer idLTransformer = (IdLTransformer) transformer.next();
- str.append("\n ").append(idLTransformer);
- count++;
- }
- }
- str.append("\n(").append(count).append(" transformer)");
- return str.toString();
+
}
}
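Review bot: `transformIdLink` now downloads the stylesheet named by `stylesheetURL` and compiles it with `factory.newTemplates(...)`, but apart from the http/https scheme check nothing in this hunk limits where the stylesheet comes from or what it may do. The factory is created outside the hunk; if it is not already hardened there, add `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` to restrict extension functions in fetched stylesheets, and consider accepting only `https` URLs from a configured list of issuer hosts. The `templates` cache is a plain `HashMap` that is read and written here without synchronization and is never evicted; if this class is shared between request threads (the private constructor suggests a singleton), use a `ConcurrentHashMap` or synchronize the lookup, and bound the cache. The stream returned by `data.getStream()` is also never closed.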
--
cgit v1.2.3
From 990e50c61d1b92dbd0e063fe6811783c2d479e42 Mon Sep 17 00:00:00 2001
From: clemenso
Date: Tue, 28 Oct 2008 10:56:44 +0000
Subject: ProcessingContext removed old background imgs
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@125 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../src/main/resources/images/chipperling_only.png | Bin 3291 -> 0 bytes
BKUCommonGUI/src/main/resources/images/logo.png | Bin 4035 -> 0 bytes
BKUCommonGUI/src/main/resources/images/mocca.png | Bin 1450 -> 0 bytes
.../main/resources/images/mocca_chipperling.png | Bin 4103 -> 0 bytes
.../src/main/resources/images/mocca_default.png | Bin 1287 -> 0 bytes
.../src/main/resources/images/mocca_tiny.png | Bin 1025 -> 0 bytes
BKUOnline/src/main/webapp/META-INF/context.xml | 4 +-
.../egiz/bku/binding/BindingProcessorManager.java | 172 +++++++++++----------
.../bku/binding/BindingProcessorManagerImpl.java | 153 +++++++++++-------
.../at/gv/egiz/bku/binding/ProcessingContext.java | 39 +++++
10 files changed, 221 insertions(+), 147 deletions(-)
delete mode 100644 BKUCommonGUI/src/main/resources/images/chipperling_only.png
delete mode 100644 BKUCommonGUI/src/main/resources/images/logo.png
delete mode 100644 BKUCommonGUI/src/main/resources/images/mocca.png
delete mode 100644 BKUCommonGUI/src/main/resources/images/mocca_chipperling.png
delete mode 100644 BKUCommonGUI/src/main/resources/images/mocca_default.png
delete mode 100644 BKUCommonGUI/src/main/resources/images/mocca_tiny.png
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java
(limited to 'bkucommon/src/main')
diff --git a/BKUCommonGUI/src/main/resources/images/chipperling_only.png b/BKUCommonGUI/src/main/resources/images/chipperling_only.png
deleted file mode 100644
index 57063b9a..00000000
Binary files a/BKUCommonGUI/src/main/resources/images/chipperling_only.png and /dev/null differ
diff --git a/BKUCommonGUI/src/main/resources/images/logo.png b/BKUCommonGUI/src/main/resources/images/logo.png
deleted file mode 100644
index eee4be4f..00000000
Binary files a/BKUCommonGUI/src/main/resources/images/logo.png and /dev/null differ
diff --git a/BKUCommonGUI/src/main/resources/images/mocca.png b/BKUCommonGUI/src/main/resources/images/mocca.png
deleted file mode 100644
index 881a65c1..00000000
Binary files a/BKUCommonGUI/src/main/resources/images/mocca.png and /dev/null differ
diff --git a/BKUCommonGUI/src/main/resources/images/mocca_chipperling.png b/BKUCommonGUI/src/main/resources/images/mocca_chipperling.png
deleted file mode 100644
index 4ee2d054..00000000
Binary files a/BKUCommonGUI/src/main/resources/images/mocca_chipperling.png and /dev/null differ
diff --git a/BKUCommonGUI/src/main/resources/images/mocca_default.png b/BKUCommonGUI/src/main/resources/images/mocca_default.png
deleted file mode 100644
index 349d9ff0..00000000
Binary files a/BKUCommonGUI/src/main/resources/images/mocca_default.png and /dev/null differ
diff --git a/BKUCommonGUI/src/main/resources/images/mocca_tiny.png b/BKUCommonGUI/src/main/resources/images/mocca_tiny.png
deleted file mode 100644
index 1f125d9b..00000000
Binary files a/BKUCommonGUI/src/main/resources/images/mocca_tiny.png and /dev/null differ
diff --git a/BKUOnline/src/main/webapp/META-INF/context.xml b/BKUOnline/src/main/webapp/META-INF/context.xml
index cd11ce8e..f38215a1 100644
--- a/BKUOnline/src/main/webapp/META-INF/context.xml
+++ b/BKUOnline/src/main/webapp/META-INF/context.xml
@@ -15,5 +15,5 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-
-
+
+
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
index aaf81e51..9cad95a4 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManager.java
@@ -14,92 +14,94 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package at.gv.egiz.bku.binding;
-
+package at.gv.egiz.bku.binding;
+
import java.net.MalformedURLException;
-import java.util.Locale;
-import java.util.Set;
-
-import at.gv.egiz.bku.slcommands.SLCommandInvoker;
-import at.gv.egiz.stal.STALFactory;
-
-/**
- * Central player that handles the protocol binding.
- *
- * @author wbauer
- *
- */
-public interface BindingProcessorManager {
-
- /**
- * FactoryMethod creating a new BindingProcessor object.
- * The created binding processor must be passed to the process method to execute.
- *
- * @param urlString
- * the source url
- * @param aSessionId
- * optional an external sessionId (e.g. http session) could be
- * provided. This parameter may be null.
- * @param locale the locale used for user interaction, may be null
- */
- public BindingProcessor createBindingProcessor(String urlString,
- String aSessionId, Locale locale) throws MalformedURLException;
-
- /**
- * FactoryMethod creating a new BindingProcessor object.
- * The created binding processor must be passed to the process method to execute.
- *
- * @param protcol
- * the source url
- * @param aSessionId
- * optional an external sessionId (e.g. http session) could be
- * provided. This parameter may be null.
- */
- public BindingProcessor createBindingProcessor(String urlString,
- String aSessionId) throws MalformedURLException;
-
-
- /**
- * Gets the binding processor with a certain id. The binding processor must be passed to the
- * process method before it is managed and thus returned by this method.
- * @param aId must not be null
- * @return null if the binding processor was not "processed" before.
- */
- public BindingProcessor getBindingProcessor(Id aId);
-
- /**
- * Sets the STAL factory that is used for creating STAL objects that are used by BindingProcessor objects.
- * For each new BindingProcessor a new STAL object is created.
- * @param aStalFactory the factory to be used. Must not be null.
- */
- public void setSTALFactory(STALFactory aStalFactory);
-
- /**
- * Sets the invoker to be used.
- * @param invoker
- */
- public void setSLCommandInvoker(SLCommandInvoker invoker);
-
- /**
- * Schedules the provided binding processor for processing and immediately returns.
- *
- * @param aBindingProcessor
- */
- public void process(BindingProcessor aBindingProcessor);
-
- /**
- * Removes a formerly added (by calling the process method) binding processor.
- * @param bindingProcessor must not be null
- */
- public void removeBindingProcessor(Id sessionId);
-
- /**
- * A set of all managed binding processors.
- * @return
- */
- public Set getManagedIds();
-
+import java.util.Locale;
+import java.util.Set;
+
+import at.gv.egiz.bku.slcommands.SLCommandInvoker;
+import at.gv.egiz.stal.STALFactory;
+
+/**
+ * Central player that handles the protocol binding.
+ *
+ * @author wbauer
+ *
+ */
+public interface BindingProcessorManager {
+
+ /**
+ * FactoryMethod creating a new BindingProcessor object.
+ * The created binding processor must be passed to the process method to execute.
+ *
+ * @param urlString
+ * the source url
+ * @param aSessionId
+ * optional an external sessionId (e.g. http session) could be
+ * provided. This parameter may be null.
+ * @param locale the locale used for user interaction, may be null
+ */
+ public BindingProcessor createBindingProcessor(String urlString,
+ String aSessionId, Locale locale) throws MalformedURLException;
+
+ /**
+ * FactoryMethod creating a new BindingProcessor object.
+ * The created binding processor must be passed to the process method to execute.
+ *
+ * @param protcol
+ * the source url
+ * @param aSessionId
+ * optional an external sessionId (e.g. http session) could be
+ * provided. This parameter may be null.
+ */
+ public BindingProcessor createBindingProcessor(String urlString,
+ String aSessionId) throws MalformedURLException;
+
+
+ /**
+ * Gets the binding processor with a certain id. The binding processor must be passed to the
+ * process method before it is managed and thus returned by this method.
+ * @param aId must not be null
+ * @return null if the binding processor was not "processed" before.
+ */
+ public BindingProcessor getBindingProcessor(Id aId);
+
+ /**
+ * Sets the STAL factory that is used for creating STAL objects that are used by BindingProcessor objects.
+ * For each new BindingProcessor a new STAL object is created.
+ * @param aStalFactory the factory to be used. Must not be null.
+ */
+ public void setSTALFactory(STALFactory aStalFactory);
+
+ /**
+ * Sets the invoker to be used.
+ * @param invoker
+ */
+ public void setSLCommandInvoker(SLCommandInvoker invoker);
+
+ /**
+ * Creates a processing context,
+ * schedules the provided binding processor for processing and
+ * immediately returns the context.
+ *
+ * @param aBindingProcessor
+ */
+ public ProcessingContext process(BindingProcessor aBindingProcessor);
+
+ /**
+ * Removes a formerly added (by calling the process method) binding processor.
+ * @param bindingProcessor must not be null
+ */
+ public void removeBindingProcessor(Id sessionId);
+
+ /**
+ * A set of all managed binding processors.
+ * @return
+ */
+ public Set getManagedIds();
+
public void shutdown();
- public void shutdownNow();
+ public void shutdownNow();
}
\ No newline at end of file
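Review bot: The new Javadoc on `process` says the method returns the context but has no `@return` tag, and `@param aBindingProcessor` carries no description. I would add `@param aBindingProcessor the binding processor to schedule, must not be null` (the implementation documents it as non-null) and `@return the processing context created for the binding processor`. In the same file, the tags `@param protcol` on the two-argument `createBindingProcessor` and `@param bindingProcessor` on `removeBindingProcessor` name parameters that do not exist; they should read `urlString` and `sessionId`.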
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
index 11f5a160..cc1b7532 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
@@ -53,8 +53,9 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
private STALFactory stalFactory;
private SLCommandInvoker commandInvokerClass;
private ExecutorService executorService;
- private Map bindingProcessorMap = Collections
- .synchronizedMap(new HashMap());
+ private Map contextMap = Collections.synchronizedMap(new HashMap());
+// private Map bindingProcessorMap = Collections
+// .synchronizedMap(new HashMap());
/**
* Container to hold a Future and Bindingprocessor object as map value.
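Review bot: The replaced `bindingProcessorMap` field is kept as `//` comments instead of being deleted, and the later hunks of this file do the same with the whole `MapEntityWrapper` class and the old bodies in `shutdownNow`, `getBindingProcessor`, `process`, `removeBindingProcessor` and `getManagedIds`. The old code is in version control, so it should be removed. As committed, the Javadoc block "Container to hold a Future and Bindingprocessor object as map value" with `@see BindingProcessorManagerImpl#bindingProcessorMap` no longer documents any live declaration and points at a field that no longer exists.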
@@ -62,39 +63,39 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
* @author wbauer
* @see BindingProcessorManagerImpl#bindingProcessorMap
*/
- static class MapEntityWrapper {
- private Future> future;
- private BindingProcessor bindingProcessor;
-
- public MapEntityWrapper(Future> future, BindingProcessor bindingProcessor) {
- if ((bindingProcessor == null) || (future == null)) {
- throw new NullPointerException("Argument must not be null");
- }
- this.bindingProcessor = bindingProcessor;
- this.future = future;
- }
-
- public Future> getFuture() {
- return future;
- }
-
- public BindingProcessor getBindingProcessor() {
- return bindingProcessor;
- }
-
- public int hashCode() {
- return bindingProcessor.getId().hashCode();
- }
-
- public boolean equals(Object other) {
- if (other instanceof MapEntityWrapper) {
- MapEntityWrapper o = (MapEntityWrapper) other;
- return (o.bindingProcessor.getId().equals(bindingProcessor.getId()));
- } else {
- return false;
- }
- }
- }
+// static class MapEntityWrapper {
+// private Future> future;
+// private BindingProcessor bindingProcessor;
+//
+// public MapEntityWrapper(Future> future, BindingProcessor bindingProcessor) {
+// if ((bindingProcessor == null) || (future == null)) {
+// throw new NullPointerException("Argument must not be null");
+// }
+// this.bindingProcessor = bindingProcessor;
+// this.future = future;
+// }
+//
+// public Future> getFuture() {
+// return future;
+// }
+//
+// public BindingProcessor getBindingProcessor() {
+// return bindingProcessor;
+// }
+//
+// public int hashCode() {
+// return bindingProcessor.getId().hashCode();
+// }
+//
+// public boolean equals(Object other) {
+// if (other instanceof MapEntityWrapper) {
+// MapEntityWrapper o = (MapEntityWrapper) other;
+// return (o.bindingProcessor.getId().equals(bindingProcessor.getId()));
+// } else {
+// return false;
+// }
+// }
+// }
/**
*
@@ -157,17 +158,24 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
public void shutdownNow() {
log.info("Shutting down the BindingProcessorManager NOW!");
executorService.shutdownNow();
- log.debug("Number of binding prcessors currently managed: "
- + bindingProcessorMap.size());
+ log.debug("Number of binding contexts currently managed: "
+ + contextMap.size());
+// + bindingProcessorMap.size());
if (log.isDebugEnabled()) {
- for (Iterator it = bindingProcessorMap.values()
- .iterator(); it.hasNext();) {
- MapEntityWrapper entry = it.next();
- log.debug(entry.getBindingProcessor().getId() + ": isDone: "
- + entry.getFuture().isDone());
- log.debug(entry.getBindingProcessor().getId() + ": isCanceled: "
- + entry.getFuture().isCancelled());
+ for (ProcessingContext ctx : contextMap.values()) {
+ Id bpId = ctx.getBindingProcessor().getId();
+ Future future = ctx.getFuture();
+ log.debug(bpId + " cancelled: " + future.isCancelled());
+ log.debug(bpId + " done: " + future.isDone());
}
+// for (Iterator it = bindingProcessorMap.values()
+// .iterator(); it.hasNext();) {
+// MapEntityWrapper entry = it.next();
+// log.debug(entry.getBindingProcessor().getId() + ": isDone: "
+// + entry.getFuture().isDone());
+// log.debug(entry.getBindingProcessor().getId() + ": isCanceled: "
+// + entry.getFuture().isCancelled());
+// }
}
}
@@ -216,17 +224,22 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
* @return the bindingprocessor object for this id or null if no
* bindingprocessor was found.
*/
+ @Override
public BindingProcessor getBindingProcessor(Id aId) {
- if (bindingProcessorMap.get(aId) != null) {
- return bindingProcessorMap.get(aId).getBindingProcessor();
+// if (bindingProcessorMap.get(aId) != null) {
+// return bindingProcessorMap.get(aId).getBindingProcessor();
+ ProcessingContext ctx = contextMap.get(aId);
+ if (ctx != null) {
+ return ctx.getBindingProcessor();
} else {
return null;
}
}
- /**
- *
+ /**
+ *
*/
+ @Override
public void setSTALFactory(STALFactory aStalFactory) {
if (aStalFactory == null) {
throw new NullPointerException("Cannot set STALFactory to null");
@@ -236,12 +249,17 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
/**
* Causes the BindingProcessorManager to manage the provided BindingProcessor
+ * Creates a processing context,
+ * schedules the provided binding processor for processing and
+ * immediately returns the context.
*
* @param aBindingProcessor
* must not be null
*/
- public void process(BindingProcessor aBindingProcessor) {
- if (bindingProcessorMap.containsKey(aBindingProcessor.getId())) {
+ @Override
+ public ProcessingContext process(BindingProcessor aBindingProcessor) {
+ if (contextMap.containsKey(aBindingProcessor.getId())) {
+// if (bindingProcessorMap.containsKey(aBindingProcessor.getId())) {
log.fatal("Clashing ids, cannot process bindingprocessor with id:"
+ aBindingProcessor.getId());
throw new SLRuntimeException(
@@ -250,8 +268,11 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
}
log.debug("processing bindingprocessor: " + aBindingProcessor.getId());
Future> f = executorService.submit(aBindingProcessor);
- bindingProcessorMap.put(aBindingProcessor.getId(), new MapEntityWrapper(f,
- aBindingProcessor));
+ ProcessingContext ctx = new ProcessingContext(aBindingProcessor, f);
+ contextMap.put(aBindingProcessor.getId(), ctx);
+// bindingProcessorMap.put(aBindingProcessor.getId(), new MapEntityWrapper(f,
+// aBindingProcessor));
+ return ctx;
}
@Override
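Review bot: `process` checks `contextMap.containsKey(...)` in the previous hunk and only calls `contextMap.put(...)` here after the task has been submitted, so the duplicate-id check and the insert are two separate operations on the synchronized map. Two concurrent calls with the same id can both pass the check, and the second `put` then silently replaces the first context while its task keeps running. Holding the map's lock across both steps, `synchronized (contextMap) { ... }` around the check, the `submit` and the `put`, closes that gap. The method body starts outside this hunk.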
@@ -262,26 +283,38 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
@Override
public void removeBindingProcessor(Id sessionId) {
log.debug("Removing binding processor: " + sessionId);
- MapEntityWrapper wrapper = bindingProcessorMap.get(sessionId);
- if (wrapper == null) {
+ ProcessingContext ctx = contextMap.get(sessionId);
+ if (ctx == null) {
return;
}
- Future> f = wrapper.getFuture();
+ Future f = ctx.getFuture();
+
+// MapEntityWrapper wrapper = bindingProcessorMap.get(sessionId);
+// if (wrapper == null) {
+// return;
+// }
+// Future> f = wrapper.getFuture();
if (!f.isDone()) {
f.cancel(true);
}
- bindingProcessorMap.remove(sessionId);
+ contextMap.remove(sessionId);
+// bindingProcessorMap.remove(sessionId);
}
@Override
public Set getManagedIds() {
Set result = new HashSet();
- synchronized (bindingProcessorMap) {
- for (Iterator it = bindingProcessorMap.keySet().iterator(); it
- .hasNext();) {
- result.add(it.next());
+ synchronized (contextMap) {
+ for (Id id : contextMap.keySet()) {
+ result.add(id);
}
}
+// synchronized (bindingProcessorMap) {
+// for (Iterator it = bindingProcessorMap.keySet().iterator(); it
+// .hasNext();) {
+// result.add(it.next());
+// }
+// }
return result;
}
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java
new file mode 100644
index 00000000..ae7f01eb
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java
@@ -0,0 +1,39 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+package at.gv.egiz.bku.binding;
+
+import java.util.Hashtable;
+import java.util.Map;
+import java.util.concurrent.Future;
+
+/**
+ * BindingContext?
+ * RequestBindingContext?
+ *
+ * @author clemens
+ */
+public class ProcessingContext {
+
+ public static final String BINDING_PROCESSOR = "binding.processor";
+ public static final String FUTURE = "future";
+
+ protected Map properties = new Hashtable();
+
+ public ProcessingContext(BindingProcessor bp, Future future) {
+ properties.put(BINDING_PROCESSOR, bp);
+ properties.put(FUTURE, future);
+ }
+
+
+
+ public BindingProcessor getBindingProcessor() {
+ return (BindingProcessor) properties.get(BINDING_PROCESSOR);
+ }
+
+ public Future getFuture() {
+ return (Future) properties.get(FUTURE);
+ }
+}
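Review bot: The constructor passes `bp` and `future` straight to `properties.put(...)`, so a null argument is rejected only because `Hashtable` refuses null values, and without a message; the `MapEntityWrapper` this class replaces checked explicitly. I would keep that guard as the first statement, `if (bp == null || future == null) { throw new NullPointerException("Argument must not be null"); }`. The file also opens with an IDE template comment rather than the license header the neighbouring files carry, and the class Javadoc ("BindingContext? RequestBindingContext?") is still a naming question instead of a description of what the context holds.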
--
cgit v1.2.3
From c2ae3db1bc6dcb8ba3eb3461c05e293917c004ca Mon Sep 17 00:00:00 2001
From: mcentner
Date: Thu, 30 Oct 2008 10:33:29 +0000
Subject: Updated SMCC to use exclusive access and to throw exceptions upon
locked or not activated cards. Improved locale support in the security layer
request and response processing. Fixed issue in STAL which prevented the use
of RSA-SHA1 signatures. Added additional parameters to the applet test pages.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@128 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../main/java/at/gv/egiz/bku/gui/PinDocument.java | 2 +-
.../egiz/bku/online/webapp/BKURequestHandler.java | 20 +-
BKUOnline/src/main/webapp/HTTP-ohne.html | 11 +-
BKUOnline/src/main/webapp/appletPage.jsp | 29 +-
.../at/gv/egiz/stal/util/JCEAlgorithmNames.java | 4 +-
.../gv/egiz/bku/binding/HTTPBindingProcessor.java | 3 +-
.../gv/egiz/bku/slcommands/SLCommandContext.java | 17 +-
.../impl/CreateXMLSignatureCommandImpl.java | 4 +-
.../egiz/bku/slcommands/impl/ErrorResultImpl.java | 42 ++-
.../slcommands/impl/InfoboxReadCommandImpl.java | 2 +-
.../gv/egiz/bku/slcommands/impl/SLResultImpl.java | 8 +-
.../bku/slcommands/impl/ErrorResultImplTest.java | 3 +-
smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java | 348 ++++++++++++---------
.../at/gv/egiz/smcc/AbstractSignatureCard.java | 169 +++++++---
.../at/gv/egiz/smcc/FileNotFoundException.java | 38 +++
.../main/java/at/gv/egiz/smcc/LockedException.java | 38 +++
.../at/gv/egiz/smcc/NotActivatedException.java | 44 +++
.../src/main/java/at/gv/egiz/smcc/STARCOSCard.java | 339 ++++++++++++--------
smcc/src/main/java/at/gv/egiz/smcc/SWCard.java | 79 ++++-
.../at/gv/egiz/smcc/SignatureCardException.java | 2 +-
.../java/at/gv/egiz/smcc/SignatureCardFactory.java | 223 +++++++++++--
.../java/at/gv/egiz/smcc/util/SmartCardIO.java | 3 +-
.../test/java/at/gv/egiz/smcc/STARCOSCardTest.java | 92 ++++++
.../bku/smccstal/InfoBoxReadRequestHandler.java | 8 +
.../gv/egiz/bku/smccstal/SignRequestHandler.java | 10 +-
25 files changed, 1149 insertions(+), 389 deletions(-)
create mode 100644 smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java
create mode 100644 smcc/src/main/java/at/gv/egiz/smcc/LockedException.java
create mode 100644 smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java
create mode 100644 smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java
(limited to 'bkucommon/src/main')
diff --git a/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/PinDocument.java b/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/PinDocument.java
index 8ae9d7a3..2054ae86 100644
--- a/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/PinDocument.java
+++ b/BKUCommonGUI/src/main/java/at/gv/egiz/bku/gui/PinDocument.java
@@ -46,7 +46,7 @@ class PINDocument extends PlainDocument {
@Override
public void insertString(int offs, String str, AttributeSet a) throws BadLocationException {
- if (pinSpec.getMaxLength() >= (getLength() + str.length())) {
+ if (pinSpec.getMaxLength() < 0 || pinSpec.getMaxLength() >= (getLength() + str.length())) {
boolean matches = true;
for (int i = 0; i < str.length(); i++) {
Matcher m = pinPattern.matcher(str.substring(i, i + 1));
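Review bot: The added `pinSpec.getMaxLength() < 0` branch makes a negative maximum mean "no length limit", but nothing at this line says so. A one-line comment such as `// a negative max length means the PIN spec sets no upper bound` would make the sentinel explicit, and the same convention should be stated where `getMaxLength()` is declared (not visible here). `insertString` continues past the end of this hunk.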
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
index 6f3b9d7f..9092e3f9 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
@@ -44,6 +44,8 @@ import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
*/
public class BKURequestHandler extends SpringBKUServlet {
+ private static final long serialVersionUID = 1L;
+
public final static String REDIRECT_URL = "appletPage.jsp";
protected Log log = LogFactory.getLog(BKURequestHandler.class);
@@ -105,6 +107,8 @@ public class BKURequestHandler extends SpringBKUServlet {
String width = getStringFromStream(bindingProcessor.getFormData("appletWidth"), charset);
String height = getStringFromStream(bindingProcessor.getFormData("appletHeight"), charset);
String background = getStringFromStream(bindingProcessor.getFormData("appletBackground"), charset);
+ String guiStyle = getStringFromStream(bindingProcessor.getFormData("appletGuiStyle"), charset);
+ String hashDataDisplay = getStringFromStream(bindingProcessor.getFormData("appletHashDataDisplay"), charset);
if (width != null) {
try {
log.trace("Found applet width parameter: " + width);
@@ -124,12 +128,16 @@ public class BKURequestHandler extends SpringBKUServlet {
}
}
if (background != null) {
- try {
- log.trace("Found applet background parameter: " + background);
- session.setAttribute("appletBackground", background);
- } catch (NumberFormatException nfe) {
- log.warn(nfe);
- }
+ log.trace("Found applet background parameter: " + background);
+ session.setAttribute("appletBackground", background);
+ }
+ if (guiStyle != null) {
+ log.trace("Found applet GUI style parameter: " + guiStyle);
+ session.setAttribute("appletGuiStyle", guiStyle);
+ }
+ if (hashDataDisplay != null) {
+ log.trace("Found applet hash data display parameter: " + hashDataDisplay);
+ session.setAttribute("appletHashDataDisplay", hashDataDisplay);
}
resp.sendRedirect(REDIRECT_URL);
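Review bot: `guiStyle` and `hashDataDisplay` (like `background`) are copied from the request form data into the session without any validation before the redirect to `appletPage.jsp`. If that page writes these attributes into the applet markup (not visible here), the values should be constrained first; the form in HTTP-ohne.html appears to offer only `simple`/`advanced` and `external`/`internal`, so an allow-list test such as `if ("simple".equals(guiStyle) || "advanced".equals(guiStyle))` around `session.setAttribute("appletGuiStyle", guiStyle)` would be enough, with the analogous test for `hashDataDisplay`. The same raw values are concatenated into `log.trace(...)`, so a parameter containing line breaks can forge log lines; strip CR/LF before logging. The two parameters are read in the preceding hunk, and the enclosing method starts and ends outside these hunks.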
diff --git a/BKUOnline/src/main/webapp/HTTP-ohne.html b/BKUOnline/src/main/webapp/HTTP-ohne.html
index 1923113e..044432ce 100644
--- a/BKUOnline/src/main/webapp/HTTP-ohne.html
+++ b/BKUOnline/src/main/webapp/HTTP-ohne.html
@@ -92,8 +92,17 @@ legend {
name="appletHeight" value="130" id="appletHeight">
+
+
+ simple
+ advanced
+
+
+
+ external
+ internal
+
-
-
\ No newline at end of file
+
--
cgit v1.2.3
From 7201a18efa2f9aac4109b1accb5de9d8449dd558 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Fri, 14 Nov 2008 10:34:30 +0000
Subject: git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@169
8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
BKUOnline/src/main/resources/log4j.properties | 5 +-
.../webapp/helpfiles/de/help.hashdataviewer.html | 39 ++
.../webapp/helpfiles/de/help.hashdataviewer.png | Bin 0 -> 11310 bytes
.../impl/CreateXMLSignatureCommandImpl.java | 446 +++++++++++----------
4 files changed, 273 insertions(+), 217 deletions(-)
create mode 100644 BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.html
create mode 100644 BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.png
(limited to 'bkucommon/src/main')
diff --git a/BKUOnline/src/main/resources/log4j.properties b/BKUOnline/src/main/resources/log4j.properties
index 58f09511..f608c83d 100644
--- a/BKUOnline/src/main/resources/log4j.properties
+++ b/BKUOnline/src/main/resources/log4j.properties
@@ -14,7 +14,10 @@
# limitations under the License.
-log4j.rootLogger=TRACE, STDOUT, file
+#log4j.rootLogger=INFO, STDOUT, file
+log4j.rootLogger=INFO, file
+#log4j.logger.at.gv = INFO
+
# STDOUT appender
log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
diff --git a/BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.html b/BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.html
new file mode 100644
index 00000000..3a56e88a
--- /dev/null
+++ b/BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.html
@@ -0,0 +1,39 @@
+
+
+
+
+Untitled Document
+
+
+
+
+
+
+
+
+
Online-Hilfe
+
+
+
+
Hinweis: Das Bildschirmfoto oben kann von der Darstellung in der Webseite abweichen.
+
+
+
Anzeige der Signaturdaten
+
Dieses Fenster zeigt die zu signierenden Daten an. Dies können entweder reine Textdaten oder XHTML sein. Im Falle von XHML erhalten Sie den Hinweis, dass es sich bei den dargestellten Daten nur um eine Voransicht handelt. Um die Daten gesetzeskonform darzustellen, müssen diese abgespeichert und mit einem geeigneten XHTML Betrachter geöffnen werden.
+
In jedem Fall können die zu signierenden abgespeichert werden.
+
+
+
+
+
diff --git a/BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.png b/BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.png
new file mode 100644
index 00000000..83004322
Binary files /dev/null and b/BKUOnline/src/main/webapp/helpfiles/de/help.hashdataviewer.png differ
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
index 6462bcf6..b2e3b303 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
@@ -1,230 +1,244 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.slcommands.impl;
-
-import java.io.ByteArrayInputStream;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Collections;
-import java.util.Date;
-
-import javax.xml.crypto.MarshalException;
-import javax.xml.crypto.URIReferenceException;
-import javax.xml.crypto.dsig.XMLSignatureException;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.w3c.dom.ls.DOMImplementationLS;
-import org.w3c.dom.ls.LSSerializer;
-
-import at.buergerkarte.namespaces.securitylayer._1.CreateXMLSignatureRequestType;
-import at.buergerkarte.namespaces.securitylayer._1.DataObjectInfoType;
-import at.gv.egiz.bku.slcommands.CreateXMLSignatureCommand;
-import at.gv.egiz.bku.slcommands.SLCommandContext;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory;
-import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactoryImpl;
-import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;
-import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;
-import at.gv.egiz.bku.slcommands.impl.xsect.Signature;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.slcommands.impl;
+
+import java.io.ByteArrayInputStream;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.Date;
+
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.dsig.XMLSignatureException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.ls.DOMImplementationLS;
+import org.w3c.dom.ls.LSSerializer;
+
+import at.buergerkarte.namespaces.securitylayer._1.CreateXMLSignatureRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.DataObjectInfoType;
+import at.gv.egiz.bku.slcommands.CreateXMLSignatureCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory;
+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactoryImpl;
+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;
+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;
+import at.gv.egiz.bku.slcommands.impl.xsect.Signature;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLException;
-import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
import at.gv.egiz.bku.slexceptions.SLViewerException;
-import at.gv.egiz.dom.DOMUtils;
-import at.gv.egiz.stal.InfoboxReadRequest;
-import at.gv.egiz.stal.InfoboxReadResponse;
-import at.gv.egiz.stal.STALRequest;
-import at.gv.egiz.stal.STALResponse;
-
-/**
- * This class implements the security layer command CreateXMLSignatureRequest.
- *
- * @author mcentner
- */
-public class CreateXMLSignatureCommandImpl extends SLCommandImpl implements
- CreateXMLSignatureCommand {
-
- /**
- * Logging facility.
- */
- protected static Log log = LogFactory.getLog(CreateXMLSignatureCommandImpl.class);
-
- /**
- * The signing certificate.
- */
- protected X509Certificate signingCertificate;
-
- /**
- * The keybox identifier of the key used for signing.
- */
- protected String keyboxIdentifier;
-
- /**
- * The to-be signed signature.
- */
- protected Signature signature;
-
- @Override
- public void init(SLCommandContext ctx, Object unmarshalledRequest)
- throws SLCommandException {
- super.init(ctx, unmarshalledRequest);
- }
-
- @Override
- public void prepareXMLSignature() throws SLCommandException, SLRequestException {
-
- CreateXMLSignatureRequestType request = getRequestValue();
-
+import at.gv.egiz.dom.DOMUtils;
+import at.gv.egiz.stal.ErrorResponse;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.InfoboxReadResponse;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+
+/**
+ * This class implements the security layer command
+ * CreateXMLSignatureRequest.
+ *
+ * @author mcentner
+ */
+public class CreateXMLSignatureCommandImpl extends
+ SLCommandImpl implements
+ CreateXMLSignatureCommand {
+
+ /**
+ * Logging facility.
+ */
+ protected static Log log = LogFactory
+ .getLog(CreateXMLSignatureCommandImpl.class);
+
+ /**
+ * The signing certificate.
+ */
+ protected X509Certificate signingCertificate;
+
+ /**
+ * The keybox identifier of the key used for signing.
+ */
+ protected String keyboxIdentifier;
+
+ /**
+ * The to-be signed signature.
+ */
+ protected Signature signature;
+
+ @Override
+ public void init(SLCommandContext ctx, Object unmarshalledRequest)
+ throws SLCommandException {
+ super.init(ctx, unmarshalledRequest);
+ }
+
+ @Override
+ public void prepareXMLSignature() throws SLCommandException,
+ SLRequestException {
+
+ CreateXMLSignatureRequestType request = getRequestValue();
+
// TODO: make configurable?
- IdValueFactory idValueFactory = new IdValueFactoryImpl();
-
+ IdValueFactory idValueFactory = new IdValueFactoryImpl();
+
// TODO: make configurable?
- AlgorithmMethodFactory algorithmMethodFactory;
- try {
- algorithmMethodFactory = new AlgorithmMethodFactoryImpl(signingCertificate);
- } catch (NoSuchAlgorithmException e) {
- log.error("Failed to get DigestMethod.", e);
- throw new SLCommandException(4006);
- }
-
- signature = new Signature(getCmdCtx().getURLDereferencerContext(), idValueFactory, algorithmMethodFactory);
-
+ AlgorithmMethodFactory algorithmMethodFactory;
+ try {
+ algorithmMethodFactory = new AlgorithmMethodFactoryImpl(
+ signingCertificate);
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Failed to get DigestMethod.", e);
+ throw new SLCommandException(4006);
+ }
+
+ signature = new Signature(getCmdCtx().getURLDereferencerContext(),
+ idValueFactory, algorithmMethodFactory);
+
// SigningTime
- signature.setSigningTime(new Date());
-
+ signature.setSigningTime(new Date());
+
// SigningCertificate
- signature.setSignerCeritifcate(signingCertificate);
-
+ signature.setSignerCeritifcate(signingCertificate);
+
// SignatureInfo
- if (request.getSignatureInfo() != null) {
- signature.setSignatureInfo(request.getSignatureInfo());
- }
-
+ if (request.getSignatureInfo() != null) {
+ signature.setSignatureInfo(request.getSignatureInfo());
+ }
+
// DataObjects
- for (DataObjectInfoType dataObjectInfo : request.getDataObjectInfo()) {
- signature.addDataObject(dataObjectInfo);
- }
-
- signature.buildXMLSignature();
-
- }
-
- /**
- * Gets the signing certificate from STAL.
- *
- * @throws SLCommandException
- * if getting the singing certificate fails
- */
- private void getSigningCertificate() throws SLCommandException {
-
- CreateXMLSignatureRequestType request = getRequestValue();
- keyboxIdentifier = request.getKeyboxIdentifier();
-
- InfoboxReadRequest stalRequest = new InfoboxReadRequest();
- stalRequest.setInfoboxIdentifier(keyboxIdentifier);
-
- requestSTAL(Collections.singletonList((STALRequest) stalRequest));
-
- STALResponse stalResponse = stalResponses.next();
-
- if (stalResponse instanceof InfoboxReadResponse) {
- byte[] infobox = ((InfoboxReadResponse) stalResponse).getInfoboxValue();
-
- try {
- CertificateFactory certFactory = CertificateFactory.getInstance("X509");
- signingCertificate = (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(infobox));
- } catch (CertificateException e) {
- log.info("Failed to decode signing certificate.", e);
+ for (DataObjectInfoType dataObjectInfo : request.getDataObjectInfo()) {
+ signature.addDataObject(dataObjectInfo);
+ }
+
+ signature.buildXMLSignature();
+
+ }
+
+ /**
+ * Gets the signing certificate from STAL.
+ *
+ * @throws SLCommandException
+ * if getting the singing certificate fails
+ */
+ private void getSigningCertificate() throws SLCommandException {
+
+ CreateXMLSignatureRequestType request = getRequestValue();
+ keyboxIdentifier = request.getKeyboxIdentifier();
+
+ InfoboxReadRequest stalRequest = new InfoboxReadRequest();
+ stalRequest.setInfoboxIdentifier(keyboxIdentifier);
+
+ requestSTAL(Collections.singletonList((STALRequest) stalRequest));
+
+ STALResponse stalResponse = stalResponses.next();
+
+ if (stalResponse instanceof InfoboxReadResponse) {
+ byte[] infobox = ((InfoboxReadResponse) stalResponse).getInfoboxValue();
+
+ try {
+ CertificateFactory certFactory = CertificateFactory.getInstance("X509");
+ signingCertificate = (X509Certificate) certFactory
+ .generateCertificate(new ByteArrayInputStream(infobox));
+ } catch (CertificateException e) {
+ log.info("Failed to decode signing certificate.", e);
// TODO: issue appropriate error
- throw new SLCommandException(4000);
- }
-
- } else {
- log.info("Failed to get signing certificate.");
- // TODO: issue appropriate error
- throw new SLCommandException(4000);
- }
-
- }
-
- /**
- * Signs the signature.
- *
- * @throws SLCommandException
+ throw new SLCommandException(4000);
+ }
+
+ } else if (stalResponse instanceof ErrorResponse) {
+ ErrorResponse err = (ErrorResponse) stalResponse;
+ log.info("Received an error response from STAL with code: "
+ + err.getErrorCode());
+ throw new SLCommandException(err.getErrorCode());
+
+ } else {
+ log.info("Failed to get signing certificate.");
+ throw new SLCommandException(4000);
+ }
+
+ }
+
+ /**
+ * Signs the signature.
+ *
+ * @throws SLCommandException
* if signing the signature fails
- * @throws SLViewerException
- */
- private void signXMLSignature() throws SLCommandException, SLViewerException {
-
- try {
- signature.sign(getCmdCtx().getSTAL(), keyboxIdentifier);
- } catch (MarshalException e) {
- log.error("Failed to marshall XMLSignature.", e);
- throw new SLCommandException(4000);
- } catch (XMLSignatureException e) {
- if (e.getCause() instanceof URIReferenceException) {
- URIReferenceException uriReferenceException = (URIReferenceException) e.getCause();
- if (uriReferenceException.getCause() instanceof SLCommandException) {
- throw (SLCommandException) uriReferenceException.getCause();
- }
- }
- log.error("Failed to sign XMLSignature.", e);
- throw new SLCommandException(4000);
- }
-
- }
-
- @Override
- public SLResult execute() {
- try {
-
- // get certificate in order to select appropriate algorithms for hashing and signing
- getSigningCertificate();
-
+ * @throws SLViewerException
+ */
+ private void signXMLSignature() throws SLCommandException, SLViewerException {
+
+ try {
+ signature.sign(getCmdCtx().getSTAL(), keyboxIdentifier);
+ } catch (MarshalException e) {
+ log.error("Failed to marshall XMLSignature.", e);
+ throw new SLCommandException(4000);
+ } catch (XMLSignatureException e) {
+ if (e.getCause() instanceof URIReferenceException) {
+ URIReferenceException uriReferenceException = (URIReferenceException) e
+ .getCause();
+ if (uriReferenceException.getCause() instanceof SLCommandException) {
+ throw (SLCommandException) uriReferenceException.getCause();
+ }
+ }
+ log.error("Failed to sign XMLSignature.", e);
+ throw new SLCommandException(4000);
+ }
+
+ }
+
+ @Override
+ public SLResult execute() {
+ try {
+
+ // get certificate in order to select appropriate algorithms for hashing
+ // and signing
+ getSigningCertificate();
+
// prepare the XMLSignature for signing
- prepareXMLSignature();
-
+ prepareXMLSignature();
+
// sign the XMLSignature
- signXMLSignature();
-
- if (log.isTraceEnabled()) {
-
- DOMImplementationLS domImplLS = DOMUtils.getDOMImplementationLS();
- LSSerializer serializer = domImplLS.createLSSerializer();
- String debugString = serializer.writeToString(signature.getDocument());
-
- log.trace(debugString);
-
- }
-
- return new CreateXMLSignatureResultImpl(signature.getDocument());
-
+ signXMLSignature();
+
+ if (log.isTraceEnabled()) {
+
+ DOMImplementationLS domImplLS = DOMUtils.getDOMImplementationLS();
+ LSSerializer serializer = domImplLS.createLSSerializer();
+ String debugString = serializer.writeToString(signature.getDocument());
+
+ log.trace(debugString);
+
+ }
+
+ return new CreateXMLSignatureResultImpl(signature.getDocument());
+
} catch (SLException e) {
- return new ErrorResultImpl(e, cmdCtx.getLocale());
- }
- }
-
- @Override
- public String getName() {
- return "CreateXMLSignatureRequest";
- }
-
-
-}
+ return new ErrorResultImpl(e, cmdCtx.getLocale());
+ }
+ }
+
+ @Override
+ public String getName() {
+ return "CreateXMLSignatureRequest";
+ }
+
+}
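Review bot: In `getSigningCertificate()` the new `ErrorResponse` branch hands `err.getErrorCode()` directly to `new SLCommandException(...)`, so the code reported to the caller is whatever the STAL side sent; if STAL can return values outside the security-layer error range (not visible here), fall back to 4000 as the neighbouring branches do. The same method calls `stalResponses.next()` and passes `getInfoboxValue()` to `new ByteArrayInputStream(infobox)` with no visible check for an empty response list or a null value, which would surface as an unchecked exception rather than an `SLCommandException`. In `execute()`, `log.trace(debugString)` writes the complete signed document to the log whenever trace is enabled; a comment there should say that the output may contain the signer's data. The hunk rewrites the whole file, apparently for whitespace or line-ending normalisation, which makes the one functional change hard to find.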
--
cgit v1.2.3
From d379980f1c64bcf174c9706ff5aa746314a6666f Mon Sep 17 00:00:00 2001
From: clemenso
Date: Thu, 27 Nov 2008 15:21:37 +0000
Subject: typo
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@220 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../gv/egiz/bku/binding/HTTPBindingProcessor.java | 58 +++++++++++-----------
1 file changed, 29 insertions(+), 29 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
index 4a22874c..98b5b775 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java
@@ -139,8 +139,8 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
srcContex.setSourceIsDataURL(false);
}
- //----------------------------------------------------------------------------
- // ----------- BEGIN CONVENIENCE METHODS -----------
+ //----------------------------------------------------------------------------
+ // ----------- BEGIN CONVENIENCE METHODS -----------
protected void sendSTALQuit() {
log.info("Sending QUIT command to STAL");
@@ -217,24 +217,24 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
}
}
- //----------------------------------------------------------------------------
- // ----------- END CONVENIENCE METHODS -----------
+ //----------------------------------------------------------------------------
+ // ----------- END CONVENIENCE METHODS -----------
- //----------------------------------------------------------------------------
- // -- BEGIN Methods that handle the http binding activities as defined in the
- // activity diagram --
+ //----------------------------------------------------------------------------
+ // -- BEGIN Methods that handle the http binding activities as defined in the
+ // activity diagram --
protected void init() {
log.info("Starting Bindingprocessor in Thread: "
+ Thread.currentThread().getId());
if (bindingProcessorError != null) {
log.debug("Detected binding processor error, sending quit command");
- // sendSTALQuit();
+ // sendSTALQuit();
currentState = State.FINISHED;
} else if (slCommand == null) {
log.error("SLCommand not set (consumeRequest not called ??)");
bindingProcessorError = new SLException(2000);
- // sendSTALQuit();
+ // sendSTALQuit();
currentState = State.FINISHED;
} else {
currentState = State.PROCESS;
@@ -270,7 +270,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
DataUrl dataUrl = new DataUrl(getDataUrl());
DataUrlConnection conn = dataUrl.openConnection();
- // set transfer headers
+ // set transfer headers
for (FormParameter fp : getTransferHeaders()) {
String paramString = getFormParameterAsString(fp);
if (paramString == null) {
@@ -288,7 +288,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
}
}
- // set transfer form parameters
+ // set transfer form parameters
for (FormParameter fp : getTransferForms()) {
String contentTransferEncoding = null;
String contentType = fp.getFormParameterContentType();
@@ -311,18 +311,18 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
contentTransferEncoding);
}
- // connect
+ // connect
conn.connect();
- // fetch and set SL result
+ // fetch and set SL result
targetContext.setTargetIsDataURL(true);
targetContext.setTargetCertificate(conn.getServerCertificate());
targetContext.setTargetUrl(conn.getUrl());
SLResult result = commandInvoker.getResult(targetContext);
- // transfer result
+ // transfer result
conn.transmit(result);
- // process Dataurl response
+ // process Dataurl response
dataUrlResponse = conn.getResponse();
log.debug("Received data url response code: "
+ dataUrlResponse.getResponseCode());
@@ -335,7 +335,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
if ((contentType.startsWith(HttpUtil.APPLICATION_URL_ENCODED))
|| (contentType.startsWith(HttpUtil.MULTIPART_FOTMDATA))) {
log.debug("Detected SL Request in dataurl response");
- // process headers and request
+ // process headers and request
setHTTPHeaders(dataUrlResponse.getResponseHeaders());
consumeRequestStream(dataUrlResponse.getStream());
closeDataUrlConnection();
@@ -363,7 +363,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
srcContex.setSourceIsDataURL(true);
srcContex.setSourceUrl(conn.getUrl());
currentState = State.PROCESS;
- // just to be complete, actually not used
+ // just to be complete, actually not used
srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
.get(HttpUtil.HTTP_HEADER_REFERER));
} else {
@@ -390,7 +390,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
.error("Did not get a location header for a 307 data url response");
throw new SLBindingException(2003);
}
- // consumeRequestStream(dataUrlResponse.getStream());
+ // consumeRequestStream(dataUrlResponse.getStream());
FormParameterStore fp = new FormParameterStore();
fp.init(location.getBytes(HttpUtil.DEFAULT_CHARSET),
FixedFormParameters.DATAURL, null, null);
@@ -403,7 +403,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
srcContex.setSourceIsDataURL(true);
srcContex.setSourceUrl(conn.getUrl());
currentState = State.PROCESS;
- // just to be complete, actually not used
+ // just to be complete, actually not used
srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders()
.get(HttpUtil.HTTP_HEADER_REFERER));
@@ -427,7 +427,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
break;
default:
- // issue error
+ // issue error
log.info("Unexpected response code from dataurl server: "
+ dataUrlResponse.getResponseCode());
throw new SLBindingException(2007);
@@ -499,9 +499,9 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
finished = true;
}
- // -- END Methods that handle the http binding activities as defined in the
- // activity diagram --
- //----------------------------------------------------------------------------
+ // -- END Methods that handle the http binding activities as defined in the
+ // activity diagram --
+ //----------------------------------------------------------------------------
/**
* Sets the headers of the SL Request. IMPORTANT: make sure to set all headers
@@ -512,7 +512,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
*/
public void setHTTPHeaders(Map aHeaderMap) {
headerMap = new HashMap();
- // ensure lowercase keys
+ // ensure lowercase keys
if (aHeaderMap != null) {
for (String s : aHeaderMap.keySet()) {
if (s != null) {
@@ -673,7 +673,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
FormParameterStore fps = new FormParameterStore();
fps.init(fp);
if (!fps.isEmpty()) {
- log.debug("Setting from parameter: " + fps.getFormParameterName());
+ log.debug("Setting form parameter: " + fps.getFormParameterName());
formParameterMap.put(fps.getFormParameterName(), fps);
}
}
@@ -683,7 +683,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
}
if (is.read() != -1) {
log.error("Request input stream not completely read");
- // consume rest of stream, should never occur
+ // consume rest of stream, should never occur
throw new SLRuntimeException(
"request input stream not consumed till end");
}
@@ -761,15 +761,15 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements
transformer.transform(new StreamSource(isr), new StreamResult(osw));
} catch (TransformerException e) {
log.fatal("Exception occured during result transformation", e);
- // bindingProcessorError = new SLException(2008);
- // handleBindingProcessorError(os, encoding, null);
+ // bindingProcessorError = new SLException(2008);
+ // handleBindingProcessorError(os, encoding, null);
return;
}
}
osw.flush();
isr.close();
} else if (slResult == null) {
- // result not yet assigned -> must be a cancel
+ // result not yet assigned -> must be a cancel
bindingProcessorError = new SLException(6001);
handleBindingProcessorError(os, encoding, templates);
return;
--
cgit v1.2.3
From 06ae669734a4888432db83599b2bb259a3164021 Mon Sep 17 00:00:00 2001
From: clemenso
Date: Mon, 1 Dec 2008 12:40:23 +0000
Subject: set/get property
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@227 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../at/gv/egiz/bku/binding/ProcessingContext.java | 44 ++++++++++++++++------
1 file changed, 32 insertions(+), 12 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java
index ae7f01eb..913259f6 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java
@@ -1,6 +1,18 @@
/*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
package at.gv.egiz.bku.binding;
@@ -8,32 +20,40 @@ package at.gv.egiz.bku.binding;
import java.util.Hashtable;
import java.util.Map;
import java.util.concurrent.Future;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
/**
- * BindingContext?
- * RequestBindingContext?
- *
- * @author clemens
+ *
+ * @author Clemens Orthacker
*/
public class ProcessingContext {
public static final String BINDING_PROCESSOR = "binding.processor";
public static final String FUTURE = "future";
-
+
+ protected static final Log log = LogFactory.getLog(ProcessingContext.class);
+
protected Map properties = new Hashtable();
public ProcessingContext(BindingProcessor bp, Future future) {
properties.put(BINDING_PROCESSOR, bp);
properties.put(FUTURE, future);
}
-
-
-
+
public BindingProcessor getBindingProcessor() {
return (BindingProcessor) properties.get(BINDING_PROCESSOR);
}
-
+
public Future getFuture() {
- return (Future) properties.get(FUTURE);
+ return (Future) properties.get(FUTURE);
+ }
+
+ public Object get(String key) {
+ return properties.get(key);
+ }
+
+ public void put(String key, Object value) {
+ properties.put(key, value);
}
}
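Review bot: The new `put(String key, Object value)` writes into the same `properties` table that holds the `BINDING_PROCESSOR` and `FUTURE` entries set by the constructor, so any caller can replace them and make `getBindingProcessor()` or `getFuture()` return a different object or fail on the cast. Guarding the reserved keys is one line: `if (BINDING_PROCESSOR.equals(key) || FUTURE.equals(key)) throw new IllegalArgumentException("reserved key: " + key);`. Because `properties` is a `Hashtable`, a null key or value makes `put` throw NullPointerException, and `get` does the same for a null key; a Javadoc line on each method should state that. The added `log` field is not used anywhere in the lines shown.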
--
cgit v1.2.3
From 99134c1be5db0fedadc051922e70c9bf563ce16d Mon Sep 17 00:00:00 2001
From: wbauer
Date: Tue, 2 Dec 2008 10:13:09 +0000
Subject: Changed SLCommandFactory configuration mechanism and moved the actual
configuration to spring's application context
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@231 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
BKUOnline/pom.xml | 1 -
.../src/main/webapp/WEB-INF/applicationContext.xml | 41 +++++--
.../webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar | Bin 0 -> 182140 bytes
bkucommon/pom.xml | 5 +
.../gv/egiz/bku/slcommands/SLCommandFactory.java | 124 ++++++++++-----------
.../impl/CreateXMLSignatureResultImpl.java | 2 +-
.../slcommands/impl/InfoboxReadResultFileImpl.java | 2 +-
.../gv/egiz/bku/slcommands/impl/SLResultImpl.java | 2 +-
.../egiz/bku/slcommands/testApplicationContext.xml | 36 ++++++
.../egiz/bku/binding/HttpBindingProcessorTest.java | 13 ++-
.../egiz/bku/slcommands/SLCommandFactoryTest.java | 9 ++
pom.xml | 51 ++++++---
12 files changed, 189 insertions(+), 97 deletions(-)
create mode 100644 BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar
create mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml
(limited to 'bkucommon/src/main')
diff --git a/BKUOnline/pom.xml b/BKUOnline/pom.xml
index 53025800..1ea2c1a1 100644
--- a/BKUOnline/pom.xml
+++ b/BKUOnline/pom.xml
@@ -37,7 +37,6 @@
org.springframeworkspring-core
- 2.5.5javax.servlet
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index 4069cdc9..9c7194dd 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -18,15 +18,33 @@
-
-
-
+
+
+
+
+
+
+
+
@@ -46,16 +64,17 @@
-
-
+
+
-
+ init-method="configure" scope="singleton">
+
-
+
-
-
-
+
+
+
\ No newline at end of file
diff --git a/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar b/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar
new file mode 100644
index 00000000..74f00509
Binary files /dev/null and b/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar differ
diff --git a/bkucommon/pom.xml b/bkucommon/pom.xml
index e0cb1f7c..beb4b3c7 100644
--- a/bkucommon/pom.xml
+++ b/bkucommon/pom.xml
@@ -57,6 +57,11 @@
iaik_pkicompile
+
+ org.springframework
+ spring-context
+ test
+
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
index e13b29a1..9c98ef8a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
@@ -16,40 +16,37 @@
*/
package at.gv.egiz.bku.slcommands;
-import java.io.IOException;
-import java.net.URL;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.XMLConstants;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.UnmarshalException;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.namespace.QName;
-import javax.xml.stream.XMLEventReader;
-import javax.xml.stream.XMLInputFactory;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.transform.Source;
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.xml.sax.SAXException;
-import org.xml.sax.SAXParseException;
-
-import at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandImpl;
-import at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl;
-import at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
-import at.gv.egiz.bku.slexceptions.SLRequestException;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.slbinding.RedirectEventFilter;
-import at.gv.egiz.slbinding.RedirectUnmarshallerListener;
+import java.io.IOException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.XMLConstants;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.UnmarshalException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.transform.Source;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.slbinding.RedirectEventFilter;
+import at.gv.egiz.slbinding.RedirectUnmarshallerListener;
public class SLCommandFactory {
@@ -72,29 +69,30 @@ public class SLCommandFactory {
/**
* Schema for Security Layer command validation.
*/
- private static Schema slSchema;
+ private Schema slSchema;
/**
* The JAXBContext.
*/
- private static JAXBContext jaxbContext;
+ private JAXBContext jaxbContext;
/**
* The map of : to implementation class of the
* corresponding {@link SLCommand}.
*/
- private static Map> slRequestTypeMap = new HashMap>();
-
-
- static {
-
- // TODO: implement dynamic registration
-
- // register all known implementation classes
- putImplClass(SLCommand.NAMESPACE_URI, "NullOperationRequest",
- NullOperationCommandImpl.class);
- putImplClass(SLCommand.NAMESPACE_URI, "InfoboxReadRequest",
- InfoboxReadCommandImpl.class);
- putImplClass(SLCommand.NAMESPACE_URI, "CreateXMLSignatureRequest",
- CreateXMLSignatureCommandImpl.class);
+ private Map> slRequestTypeMap = new HashMap>();
+
+ /**
+ * Configures the singleton instance with command implementations
+ * @param commandImplMap
+ * @throws ClassNotFoundException
+ */
+ @SuppressWarnings("unchecked")
+ public void setCommandImpl(Map commandImplMap) throws ClassNotFoundException {
+ ClassLoader cl = getClass().getClassLoader();
+ for (String key : commandImplMap.keySet()) {
+ Class extends SLCommand> impl = (Class extends SLCommand>) cl.loadClass(commandImplMap.get(key));
+ log.debug("Registering sl command implementation for :"+key+ "; implementation class: "+impl.getCanonicalName());
+ slRequestTypeMap.put(key, impl);
+ }
}
/**
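Review bot: In `setCommandImpl` the class named in the configuration is loaded and then narrowed to an `SLCommand` implementation type with an unchecked cast, so a name that resolves to an unrelated class is registered without complaint and presumably only fails later, when a request is dispatched to it. Replacing the cast with `cl.loadClass(commandImplMap.get(key)).asSubclass(SLCommand.class)` rejects such an entry at configuration time and makes the `@SuppressWarnings("unchecked")` unnecessary. The Javadoc should also state that each map key must be in the `namespaceUri:localname` form that `getImplClass` looks up, and fill in the empty `@param` and `@throws` tags.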
@@ -110,7 +108,7 @@ public class SLCommandFactory {
* the implementation class, or null to deregister a
* currently registered class
*/
- public static void putImplClass(String namespaceUri, String localname,
+ public void setImplClass(String namespaceUri, String localname,
Class extends SLCommand> slCommandClass) {
if (slCommandClass != null) {
slRequestTypeMap.put(namespaceUri + ":" + localname, slCommandClass);
@@ -128,7 +126,7 @@ public class SLCommandFactory {
* @return the implementation class, or null if no class is
* registered for the given name
*/
- public static Class extends SLCommand> getImplClass(QName name) {
+ public Class extends SLCommand> getImplClass(QName name) {
String namespaceURI = name.getNamespaceURI();
String localPart = name.getLocalPart();
return slRequestTypeMap.get(namespaceURI + ":" + localPart);
@@ -139,14 +137,14 @@ public class SLCommandFactory {
*
* @param slSchema the schema to validate Security Layer commands with
*/
- public static void setSLSchema(Schema slSchema) {
- SLCommandFactory.slSchema = slSchema;
+ public void setSLSchema(Schema slSchema) {
+ this.slSchema = slSchema;
}
/**
* @return the jaxbContext
*/
- public static JAXBContext getJaxbContext() {
+ public JAXBContext getJaxbContext() {
ensureJaxbContext();
return jaxbContext;
}
@@ -154,14 +152,14 @@ public class SLCommandFactory {
/**
* @param jaxbContext the jaxbContext to set
*/
- public static void setJaxbContext(JAXBContext jaxbContext) {
- SLCommandFactory.jaxbContext = jaxbContext;
+ public void setJaxbContext(JAXBContext jaxbContext) {
+ this.jaxbContext = jaxbContext;
}
/**
* Initialize the JAXBContext.
*/
- private synchronized static void ensureJaxbContext() {
+ private synchronized void ensureJaxbContext() {
if (jaxbContext == null) {
try {
String slPkg = at.buergerkarte.namespaces.securitylayer._1.ObjectFactory.class.getPackage().getName();
@@ -177,7 +175,7 @@ public class SLCommandFactory {
/**
* Initialize the security layer schema.
*/
- private synchronized static void ensureSchema() {
+ private synchronized void ensureSchema() {
if (slSchema == null) {
try {
SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
@@ -194,7 +192,7 @@ public class SLCommandFactory {
}
Schema schema = schemaFactory.newSchema(sources);
log.debug("Schema successfully created.");
- SLCommandFactory.setSLSchema(schema);
+ setSLSchema(schema);
} catch (SAXException e) {
log.error("Failed to load security layer schema.", e);
throw new SLRuntimeException("Failed to load security layer schema.", e);
@@ -211,9 +209,9 @@ public class SLCommandFactory {
*/
public synchronized static SLCommandFactory getInstance() {
if (instance == null) {
- ensureJaxbContext();
- ensureSchema();
- instance = new SLCommandFactory();
+ instance = new SLCommandFactory();
+ instance.ensureJaxbContext();
+ instance.ensureSchema();
}
return instance;
}
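Review bot: `getInstance()` now stores the new object in the static `instance` field before `ensureJaxbContext()` and `ensureSchema()` have run, so if either call throws, the field stays set and every later call returns a factory whose JAXB context or schema was never initialised. Whether a null `slSchema` is handled elsewhere is not visible in this hunk; if it is not, Security Layer requests could end up being unmarshalled without schema validation. Building the factory in a local variable and assigning `instance = factory;` only after both calls have returned keeps a failed initialisation retryable.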
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
index 092a13c4..4969c85a 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java
@@ -84,7 +84,7 @@ public class CreateXMLSignatureResultImpl extends SLResultImpl {
DocumentFragment fragment = doc.createDocumentFragment();
- JAXBContext jaxbContext = SLCommandFactory.getJaxbContext();
+ JAXBContext jaxbContext = SLCommandFactory.getInstance().getJaxbContext();
try {
Marshaller marshaller = jaxbContext.createMarshaller();
marshaller.marshal(createCreateXMLSignatureResponse, fragment);
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
index 6f41b562..78e2e7fa 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
@@ -95,7 +95,7 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements
JAXBElement infoboxReadResponse = factory.createInfoboxReadResponse(infoboxReadResponseType);
- JAXBContext context = SLCommandFactory.getJaxbContext();
+ JAXBContext context = SLCommandFactory.getInstance().getJaxbContext();
try {
Marshaller marshaller = context.createMarshaller();
marshaller.marshal(infoboxReadResponse, doc);
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
index 7306b237..80bbdca8 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
@@ -85,7 +85,7 @@ public abstract class SLResultImpl implements SLResult {
private Marshaller getMarshaller() {
try {
- JAXBContext context = SLCommandFactory.getJaxbContext();
+ JAXBContext context = SLCommandFactory.getInstance().getJaxbContext();
Marshaller marshaller = context.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
return marshaller;
diff --git a/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml
new file mode 100644
index 00000000..885e35f3
--- /dev/null
+++ b/bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml
@@ -0,0 +1,36 @@
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java
index 6a0792d5..58941401 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/HttpBindingProcessorTest.java
@@ -27,7 +27,10 @@ import java.util.List;
import java.util.Map;
import org.junit.Before;
+import org.junit.BeforeClass;
import org.junit.Test;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
import at.gv.egiz.bku.binding.MultiTestDataUrlConnection.DataSourceProvider;
import at.gv.egiz.bku.utils.StreamUtil;
@@ -80,7 +83,15 @@ public class HttpBindingProcessorTest {
protected Map serverHeaderMap;
protected Map clientHeaderMap;
protected TestDataUrlConnection server;
-
+
+ protected static ApplicationContext appCtx;
+
+ @BeforeClass
+ public static void setUpClass() {
+ appCtx = new ClassPathXmlApplicationContext("at/gv/egiz/bku/slcommands/testApplicationContext.xml");
+ }
+
+
@Before
public void setUp() throws IOException {
server = new TestDataUrlConnection();
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/SLCommandFactoryTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/SLCommandFactoryTest.java
index 7b35723d..e0b09508 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/SLCommandFactoryTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/SLCommandFactoryTest.java
@@ -25,7 +25,10 @@ import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import org.junit.Before;
+import org.junit.BeforeClass;
import org.junit.Test;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLRequestException;
@@ -33,9 +36,15 @@ import at.gv.egiz.bku.slexceptions.SLRuntimeException;
public class SLCommandFactoryTest {
+ protected static ApplicationContext appCtx;
SLCommandFactory factory;
SLCommandContext context;
+ @BeforeClass
+ public static void setUpClass() {
+ appCtx = new ClassPathXmlApplicationContext("at/gv/egiz/bku/slcommands/testApplicationContext.xml");
+ }
+
@Before
public void setUp() {
factory = SLCommandFactory.getInstance();
diff --git a/pom.xml b/pom.xml
index 874dce5b..74c449e8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,4 +1,5 @@
-
+4.0.0at.gv.egizbku
@@ -38,15 +39,15 @@
- scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk
- scm:svn:svn+ssh://svn.egovlabs.gv.at/svnroot/mocca/trunk
+ scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk
+ scm:svn:svn+ssh://svn.egovlabs.gv.at/svnroot/mocca/trunksvn://svn.egovlabs.gv.at/svnroot/mocca/trunkE-Government Innovation Center (EGIZ)http://www.egiz.gv.at
-
+
@@ -56,20 +57,21 @@
+ 1.61.61.6truetrue
- UTF-8
+ UTF-8
+
+
+
+ maven-resources-plugin
+
+ UTF-8
-
- maven-resources-plugin
-
- UTF-8
-
- maven-assembly-pluginorg.apache.maven.plugins
@@ -83,16 +85,17 @@
+ jaxws-maven-pluginorg.codehaus.mojo1.10
- org.apache.maven.plugins
- maven-release-plugin
- 2.0-beta-7
+ org.apache.maven.plugins
+ maven-release-plugin
+ 2.0-beta-7
@@ -105,7 +108,8 @@
+ ${basedir}/src/main/assemblies/assembly-server.xml
+
@@ -219,6 +224,16 @@
3.1compile
+
+ org.springframework
+ spring-core
+ 2.5.5
+
+
+ org.springframework
+ spring-context
+ 2.5.5
+
\ No newline at end of file
--
cgit v1.2.3
From 3aadcf8f877a560bed75af7e0db918aa26ef2a03 Mon Sep 17 00:00:00 2001
From: mcentner
Date: Thu, 4 Dec 2008 10:00:31 +0000
Subject: Refactoring of infobox implementation.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@232 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../src/main/webapp/WEB-INF/applicationContext.xml | 34 ++
.../src/main/webapp/WEB-INF/applicationContext.xml | 17 +
.../main/java/at/gv/egiz/bku/binding/DataUrl.java | 1 +
.../bku/binding/LegacyDataUrlConnectionImpl.java | 230 +++++++++
.../java/at/gv/egiz/bku/conf/Configurator.java | 41 +-
.../egiz/bku/slcommands/InfoboxUpdateCommand.java | 23 +
.../egiz/bku/slcommands/InfoboxUpdateResult.java | 21 +
.../slcommands/impl/AbstractAssocArrayInfobox.java | 284 ++++++++++
.../slcommands/impl/AbstractBinaryFileInfobox.java | 68 +++
.../impl/AbstractInfoboxCommandImpl.java | 55 ++
.../bku/slcommands/impl/AbstractInfoboxImpl.java | 26 +
.../bku/slcommands/impl/AssocArrayInfobox.java | 27 +
.../bku/slcommands/impl/BinaryFileInfobox.java | 27 +
.../slcommands/impl/CertificatesInfoboxImpl.java | 112 ++++
.../impl/CreateXMLSignatureCommandImpl.java | 37 +-
.../slcommands/impl/IdentityLinkInfoboxImpl.java | 291 +++++++++++
.../at/gv/egiz/bku/slcommands/impl/Infobox.java | 53 ++
.../egiz/bku/slcommands/impl/InfoboxFactory.java | 151 ++++++
.../slcommands/impl/InfoboxReadCommandImpl.java | 569 ++-------------------
.../bku/slcommands/impl/InfoboxReadResultImpl.java | 3 +-
.../slcommands/impl/InfoboxUpdateCommandImpl.java | 158 ++++++
.../slcommands/impl/InfoboxUpdateResultImpl.java | 43 ++
.../gv/egiz/bku/slcommands/impl/SLCommandImpl.java | 107 +---
.../at/gv/egiz/bku/slcommands/impl/STALHelper.java | 218 ++++++++
.../egiz/bku/slcommands/testApplicationContext.xml | 36 --
.../egiz/bku/slcommands/testApplicationContext.xml | 53 ++
26 files changed, 1968 insertions(+), 717 deletions(-)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateCommand.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateResult.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AssocArrayInfobox.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/BinaryFileInfobox.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CertificatesInfoboxImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateCommandImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateResultImpl.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java
delete mode 100644 bkucommon/src/main/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml
create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
index 1d09aa7e..5ac12ece 100644
--- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
@@ -48,6 +48,40 @@
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index 9c7194dd..321e1e98 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -45,6 +45,23 @@
+
+
+
+
+
+
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
index d462ac60..531772cf 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java
@@ -65,5 +65,6 @@ public class DataUrl {
public static void setConfiguration(Properties props) {
configuration = props;
+ defaultDataUrlConnection.setConfiguration(configuration);
}
}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java
new file mode 100644
index 00000000..5339d689
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java
@@ -0,0 +1,230 @@
+package at.gv.egiz.bku.binding;
+
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.io.StringWriter;
+import java.net.HttpURLConnection;
+import java.net.SocketTimeoutException;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.net.ssl.HttpsURLConnection;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slcommands.SLResult.SLResultType;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.binding.Protocol;
+
+/**
+ * not thread-safe thus newInsance always returns a new object
+ *
+ */
+public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI {
+
+ private final static Log log = LogFactory.getLog(DataUrlConnectionImpl.class);
+
+ public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP,
+ Protocol.HTTPS };
+ protected X509Certificate serverCertificate;
+ protected Protocol protocol;
+ protected URL url;
+ private HttpURLConnection connection;
+ protected Map requestHttpHeaders;
+ protected Map formParams;
+ protected String boundary;
+ protected Properties config = null;
+
+ protected DataUrlResponse result;
+
+ public String getProtocol() {
+ if (protocol == null) {
+ return null;
+ }
+ return protocol.toString();
+ }
+
+ /**
+ * opens a connection sets the headers gets the server certificate
+ *
+ * @throws java.net.SocketTimeoutException
+ * @throws java.io.IOException
+ * @pre url != null
+ * @pre httpHeaders != null
+ */
+ public void connect() throws SocketTimeoutException, IOException {
+ connection = (HttpURLConnection) url.openConnection();
+ connection.setDoOutput(true);
+ Set headers = requestHttpHeaders.keySet();
+ Iterator headerIt = headers.iterator();
+ while (headerIt.hasNext()) {
+ String name = headerIt.next();
+ connection.setRequestProperty(name, requestHttpHeaders.get(name));
+ }
+ log.trace("Connecting to: "+url);
+ connection.connect();
+ if (connection instanceof HttpsURLConnection) {
+ HttpsURLConnection ssl = (HttpsURLConnection) connection;
+ X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates();
+ if ((certs != null) && (certs.length >= 1)) {
+ log.trace("Server certificate: "+certs[0]);
+ serverCertificate = certs[0];
+ }
+ }
+ }
+
+ public X509Certificate getServerCertificate() {
+ return serverCertificate;
+ }
+
+ public void setHTTPHeader(String name, String value) {
+ if (name != null && value != null) {
+ requestHttpHeaders.put(name, value);
+ }
+ }
+
+ public void setHTTPFormParameter(String name, InputStream data,
+ String contentType, String charSet, String transferEncoding) {
+ StringBuilder sb = new StringBuilder();
+ try {
+ InputStreamReader reader = new InputStreamReader(data, (charSet != null) ? charSet : "UTF-8");
+ char[] c = new char[512];
+ for (int l; (l = reader.read(c)) != -1;) {
+ sb.append(c, 0, l);
+ }
+ } catch (IOException e) {
+ throw new SLRuntimeException("Failed to set HTTP form parameter.", e);
+ }
+ formParams.put(name, sb.toString());
+ }
+
+ /**
+ * send all formParameters
+ *
+ * @throws java.io.IOException
+ */
+ public void transmit(SLResult slResult) throws IOException {
+ StringWriter writer = new StringWriter();
+ slResult.writeTo(new StreamResult(writer));
+ formParams.put(
+ (slResult.getResultType() == SLResultType.XML)
+ ? DataUrlConnection.FORMPARAM_XMLRESPONSE
+ : DataUrlConnection.FORMPARAM_BINARYRESPONSE,
+ writer.toString());
+
+ OutputStream os = connection.getOutputStream();
+ OutputStreamWriter streamWriter = new OutputStreamWriter(os, HttpUtil.DEFAULT_CHARSET);
+
+ log.trace("Sending data");
+ Iterator keys = formParams.keySet().iterator();
+ while(keys.hasNext()) {
+ String key = keys.next();
+ streamWriter.write(URLEncoder.encode(key, "UTF-8"));
+ streamWriter.write("=");
+ streamWriter.write(URLEncoder.encode(formParams.get(key), "UTF-8"));
+ if (keys.hasNext()) {
+ streamWriter.write("&");
+ }
+ }
+ streamWriter.flush();
+ os.close();
+
+ // MultipartRequestEntity PostMethod
+ InputStream is = null;
+ try {
+ is = connection.getInputStream();
+ } catch (IOException iox) {
+ log.info(iox);
+ }
+ log.trace("Reading response");
+ result = new DataUrlResponse(url.toString(), connection.getResponseCode(), is);
+ Map responseHttpHeaders = new HashMap();
+ Map> httpHeaders = connection.getHeaderFields();
+ for (Iterator keyIt = httpHeaders.keySet().iterator(); keyIt
+ .hasNext();) {
+ String key = keyIt.next();
+ StringBuffer value = new StringBuffer();
+ for (String val : httpHeaders.get(key)) {
+ value.append(val);
+ value.append(HttpUtil.SEPERATOR[0]);
+ }
+ String valString = value.substring(0, value.length() - 1);
+ if ((key != null) && (value.length() > 0)) {
+ responseHttpHeaders.put(key, valString);
+ }
+ }
+ result.setResponseHttpHeaders(responseHttpHeaders);
+ }
+
+ @Override
+ public DataUrlResponse getResponse() throws IOException {
+ return result;
+ }
+
+ /**
+ * inits protocol, url, httpHeaders, formParams
+ *
+ * @param url
+ * must not be null
+ */
+ @Override
+ public void init(URL url) {
+
+ for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) {
+ if (SUPPORTED_PROTOCOLS[i].toString().equalsIgnoreCase(url.getProtocol())) {
+ protocol = SUPPORTED_PROTOCOLS[i];
+ break;
+ }
+ }
+ if (protocol == null) {
+ throw new SLRuntimeException("Protocol " + url.getProtocol()
+ + " not supported for data url");
+ }
+ this.url = url;
+ requestHttpHeaders = new HashMap();
+ if ((config != null)
+ && (config.getProperty(USER_AGENT_PROPERTY_KEY) != null)) {
+ requestHttpHeaders.put(HttpUtil.HTTP_HEADER_USER_AGENT, config
+ .getProperty(USER_AGENT_PROPERTY_KEY));
+ } else {
+ requestHttpHeaders
+ .put(HttpUtil.HTTP_HEADER_USER_AGENT, DEFAULT_USERAGENT);
+
+ }
+ requestHttpHeaders.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE,
+ HttpUtil.APPLICATION_URL_ENCODED);
+
+ formParams = new HashMap();
+ }
+
+ @Override
+ public DataUrlConnectionSPI newInstance() {
+ DataUrlConnectionSPI uc = new LegacyDataUrlConnectionImpl();
+ uc.setConfiguration(config);
+ return uc;
+ }
+
+ @Override
+ public URL getUrl() {
+ return url;
+ }
+
+ @Override
+ public void setConfiguration(Properties config) {
+ this.config = config;
+ }
+}
\ No newline at end of file
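Review bot: `connect()` opens the connection to the data URL without a connect or read timeout, although it declares `SocketTimeoutException`, so an unresponsive server can block the calling thread indefinitely. Setting both before `connection.connect()`, e.g. `connection.setConnectTimeout(connectTimeoutMs); connection.setReadTimeout(readTimeoutMs);` with values read from `config` (the two variable names are placeholders), bounds that wait. In `transmit()` the header-joining loop calls `value.substring(0, value.length() - 1)` before it tests `value.length() > 0`, so an empty value list would throw instead of being skipped; the length test should come first. `os.close()` is also skipped when a write fails, so the output stream handling belongs in `try`/`finally`. The logger is created for `DataUrlConnectionImpl.class` rather than `LegacyDataUrlConnectionImpl.class`, which attributes this class's log lines to the other implementation.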
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
index 9ed99190..6078de36 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
@@ -187,28 +187,29 @@ public abstract class Configurator {
}
public void configureVersion() {
- Properties p = new Properties();
- try {
- InputStream is = getManifest();
- if (is != null) {
- p.load(getManifest());
- String version = p.getProperty("Implementation-Build");
- properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
- "citizen-card-environment/1.2 MOCCA " + version);
- DataUrl.setConfiguration(properties);
- log
- .debug("Setting user agent to: "
- + properties
- .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
- } else {
- log.warn("Cannot read manifest");
- properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
- "citizen-card-environment/1.2 MOCCA UNKNOWN");
- DataUrl.setConfiguration(properties);
+ if (properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY) == null) {
+ Properties p = new Properties();
+ try {
+ InputStream is = getManifest();
+ if (is != null) {
+ p.load(getManifest());
+ String version = p.getProperty("Implementation-Build");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
+ "citizen-card-environment/1.2 MOCCA " + version);
+ log
+ .debug("Setting user agent to: "
+ + properties
+ .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
+ } else {
+ log.warn("Cannot read manifest");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
+ "citizen-card-environment/1.2 MOCCA UNKNOWN");
+ }
+ } catch (IOException e) {
+ log.error(e);
}
- } catch (IOException e) {
- log.error(e);
}
+ DataUrl.setConfiguration(properties);
}
public void configure() {
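Review bot: `configureVersion()` still obtains the manifest twice: `is` is only tested for null, `p.load(getManifest())` then reads from what is presumably a second stream, and neither stream is closed. Use `p.load(is);` and close `is` in a `finally` block. When the manifest has no `Implementation-Build` entry, `version` is null and the user agent ends in `MOCCA null`; falling back to the `UNKNOWN` string used in the `else` branch would be more consistent.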
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateCommand.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateCommand.java
new file mode 100644
index 00000000..c2974785
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateCommand.java
@@ -0,0 +1,23 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface InfoboxUpdateCommand extends SLCommand {
+
+ public String getInfoboxIdentifier();
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateResult.java
new file mode 100644
index 00000000..d180facf
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateResult.java
@@ -0,0 +1,21 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands;
+
+public interface InfoboxUpdateResult extends SLResult {
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java
new file mode 100644
index 00000000..e49ed6c0
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java
@@ -0,0 +1,284 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.slcommands.impl;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxAssocArrayPairType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadDataAssocArrayType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory;
+import at.buergerkarte.namespaces.securitylayer._1.XMLContentType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadKeys;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadPairs;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadValue;
+import at.gv.egiz.bku.slcommands.InfoboxReadResult;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+
+/**
+ * An abstract base class for {@link Infobox} implementations of type associative array.
+ *
+ * @author mcentner
+ */
+public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl
+ implements AssocArrayInfobox {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(AbstractAssocArrayInfobox.class);
+
+ /**
+ * The search string pattern.
+ */
+ public static final String SEARCH_STRING_PATTERN = ".&&[^/](/.&&[^/])*";
+
+ /**
+ * @return the keys available in this infobox.
+ */
+ public abstract String[] getKeys();
+
+ /**
+ * @return true if the values are XML entities, or false otherwise.
+ */
+ public abstract boolean isValuesAreXMLEntities();
+
+ /**
+ * Returns a key to value mapping for the given keys.
+ *
+ * @param keys a list of keys
+ * @param cmdCtx the command context
+ *
+ * @return a key to value mapping for the given keys.
+ *
+ * @throws SLCommandException if obtaining the values fails
+ */
+ public abstract Map getValues(List keys, SLCommandContext cmdCtx) throws SLCommandException;
+
+ /**
+ * Returns all keys that match the given searchString.
+ *
+ * @param searchString the search string
+ *
+ * @return all keys that match the given searchString
+ *
+ * @throws SLCommandException if the given search string is invalid
+ */
+ protected List selectKeys(String searchString) throws SLCommandException {
+
+ if ("*".equals(searchString) || "**".equals(searchString)) {
+ return Arrays.asList(getKeys());
+ }
+
+ if (Pattern.matches(SEARCH_STRING_PATTERN, searchString)) {
+
+// for (int i = 0; i < searchString.length(); i++) {
+// int codePoint = searchString.codePointAt(i);
+//
+// }
+
+ // TODO : build pattern
+ return Collections.emptyList();
+ } else {
+ log.info("Got invalid search string '" + searchString + "'");
+ throw new SLCommandException(4010);
+ }
+
+ }
+
+ /**
+ * Read all keys specified by readKeys.
+ *
+ * @param readKeys
+ * the ReadKeys element
+ * @param cmdCtx
+ * the command context
+ * @return a corresponding InfoboxReadResult
+ *
+ * @throws SLCommandException
+ * if the ReadKeys element is invalid or obtaining the corresponding
+ * values fails
+ */
+ protected InfoboxReadResult readKeys(ReadKeys readKeys, SLCommandContext cmdCtx) throws SLCommandException {
+
+ List selectedKeys = selectKeys(readKeys.getSearchString());
+
+ if (readKeys.isUserMakesUnique() && selectedKeys.size() > 1) {
+ log.info("UserMakesUnique not supported");
+ // TODO: give more specific error message
+ throw new SLCommandException(4010);
+ }
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory
+ .createInfoboxReadDataAssocArrayType();
+
+ List keys = infoboxReadDataAssocArrayType.getKey();
+ keys.addAll(selectedKeys);
+
+ return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType);
+
+ }
+
+ /**
+ * Read all pairs specified by readPairs.
+ *
+ * @param readPairs
+ * the readPairs element
+ * @param cmdCtx
+ * the command context
+ * @return a corresponding InfoboxReadResult
+ *
+ * @throws SLCommandException
+ * if the ReadPairs element is invalid or obtaining the corresponding
+ * values fails
+ */
+ protected InfoboxReadResult readPairs(ReadPairs readPairs, SLCommandContext cmdCtx) throws SLCommandException {
+
+ if (readPairs.isValuesAreXMLEntities() && !isValuesAreXMLEntities()) {
+ log.info("Got valuesAreXMLEntities=" + readPairs + " but infobox type is binary.");
+ throw new SLCommandException(4010);
+ }
+
+ if (!readPairs.isValuesAreXMLEntities() && isValuesAreXMLEntities()) {
+ log.info("Got valuesAreXMLEntities=" + readPairs + " but infobox type is XML.");
+ throw new SLCommandException(4010);
+ }
+
+ List selectedKeys = selectKeys(readPairs.getSearchString());
+
+ if (readPairs.isUserMakesUnique() && selectedKeys.size() > 1) {
+ log.info("UserMakesUnique not supported");
+ // TODO: give more specific error message
+ throw new SLCommandException(4010);
+ }
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory.createInfoboxReadDataAssocArrayType();
+
+ Map values = getValues(selectedKeys, cmdCtx);
+ for (String key : selectedKeys) {
+ InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType();
+ infoboxAssocArrayPairType.setKey(key);
+ Object value = values.get(key);
+ if (value instanceof byte[]) {
+ infoboxAssocArrayPairType.setBase64Content((byte[]) value);
+ } else {
+ infoboxAssocArrayPairType.setXMLContent((XMLContentType) value);
+ }
+ infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType);
+ }
+
+ return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType);
+ }
+
+ /**
+ * Read the value specified by readPairs.
+ *
+ * @param readValue
+ * the readValue element
+ * @param cmdCtx
+ * the command context
+ * @return a corresponding InfoboxReadResult
+ *
+ * @throws SLCommandException
+ * if the ReadValue element is invalid or obtaining the corresponding
+ * values fails
+ */
+ protected InfoboxReadResult readValue(ReadValue readValue, SLCommandContext cmdCtx) throws SLCommandException {
+
+ if (readValue.isValueIsXMLEntity() && !isValuesAreXMLEntities()) {
+ log.info("Got valuesAreXMLEntities=" + readValue + " but infobox type is binary.");
+ throw new SLCommandException(4010);
+ }
+
+ if (!readValue.isValueIsXMLEntity() && isValuesAreXMLEntities()) {
+ log.info("Got valuesAreXMLEntities=" + readValue + " but infobox type is XML.");
+ throw new SLCommandException(4010);
+ }
+
+ List selectedKeys;
+
+ if (Arrays.asList(getKeys()).contains(readValue.getKey())) {
+ selectedKeys = Collections.singletonList(readValue.getKey());
+ } else {
+ selectedKeys = Collections.emptyList();
+ }
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory.createInfoboxReadDataAssocArrayType();
+
+ Map values = getValues(selectedKeys, cmdCtx);
+ for (String key : selectedKeys) {
+ InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType();
+ infoboxAssocArrayPairType.setKey(key);
+ Object value = values.get(key);
+ if (value instanceof byte[]) {
+ infoboxAssocArrayPairType.setBase64Content((byte[]) value);
+ } else {
+ infoboxAssocArrayPairType.setXMLContent((XMLContentType) value);
+ }
+ infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType);
+ }
+
+ return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType);
+ }
+
+ @Override
+ public InfoboxReadResult read(InfoboxReadRequestType req,
+ SLCommandContext cmdCtx) throws SLCommandException {
+
+ InfoboxReadParamsAssocArrayType assocArrayParameters = req
+ .getAssocArrayParameters();
+
+ if (assocArrayParameters == null) {
+ log.info("Infobox type is AssocArray but got no AssocArrayParameters.");
+ throw new SLCommandException(4010);
+ }
+
+ if (assocArrayParameters.getReadKeys() != null) {
+ return readKeys(assocArrayParameters.getReadKeys(), cmdCtx);
+ }
+
+ if (assocArrayParameters.getReadPairs() != null) {
+ return readPairs(assocArrayParameters.getReadPairs(), cmdCtx);
+ }
+
+ // ReadValue
+ if (assocArrayParameters.getReadValue() != null) {
+ return readValue(assocArrayParameters.getReadValue(), cmdCtx);
+ }
+
+ log
+ .info("Infobox type is AssocArray but got invalid AssocArrayParameters.");
+ throw new SLCommandException(4010);
+
+ }
+
+}
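Review bot: `SEARCH_STRING_PATTERN` does not validate what its shape suggests, because Java treats `&&` as character-class intersection only inside brackets. In `.&&[^/](/.&&[^/])*` it is two literal ampersands, so `selectKeys` answers nearly every search string other than `*` and `**` with error 4010 and accepts only strings that contain `&&`. If the intent is "any character except a slash", that is written `[^/]`, e.g. `"[^/](/[^/])*"`; whether a segment may be longer than one character depends on the Security Layer specification, which is not visible here. In the same method the rejected, request-supplied `searchString` is concatenated into the `log.info` message unescaped, so CR/LF should be stripped or encoded before logging to keep a caller from forging log lines. The matching branch still returns `Collections.emptyList()` behind `TODO : build pattern`, and the Javadoc should say so until it is implemented.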
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java
new file mode 100644
index 00000000..07ca639c
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java
@@ -0,0 +1,68 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+
+/**
+ * An abstract base class for {@link Infobox} implementations of type binary file.
+ *
+ * @author mcentner
+ */
+public abstract class AbstractBinaryFileInfobox extends AbstractInfoboxImpl implements BinaryFileInfobox {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(AbstractBinaryFileInfobox.class);
+
+ /**
+ * Is this infobox' content an XML entity?
+ */
+ private boolean isXMLEntity = false;
+
+ /**
+ * @return true if this infobox' content is an XML entity or false otherwise.
+ */
+ public boolean isXMLEntity() {
+ return isXMLEntity;
+ }
+
+ /**
+ * Sets the value returned by {@link #isXMLEntity()} according to the given
+ * request.
+ *
+ * @param request the InfoboxReadRequest
+ */
+ public void setIsXMLEntity(InfoboxReadRequestType request) {
+
+ InfoboxReadParamsBinaryFileType binaryFileParameters = request.getBinaryFileParameters();
+ if (binaryFileParameters != null) {
+ isXMLEntity = binaryFileParameters.isContentIsXMLEntity();
+ log.debug("Got ContentIsXMLEntity=" + isXMLEntity + ".");
+ }
+
+ }
+
+
+
+
+}
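Review bot: `setIsXMLEntity` keeps the previous value when the request carries no BinaryFileParameters, so the flag only reflects the current request if the instance has not been configured before. If an infobox instance can ever see more than one request (not determinable from this hunk), assigning unconditionally avoids a stale `true`: `isXMLEntity = binaryFileParameters != null && binaryFileParameters.isContentIsXMLEntity();`. Either way the Javadoc should state what happens when the parameters are absent.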
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
new file mode 100644
index 00000000..305769a8
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
@@ -0,0 +1,55 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+
+/**
+ * An abstract base class for implementations of security layer infobox requests.
+ *
+ * @author mcentner
+ *
+ * @param
+ */
+public abstract class AbstractInfoboxCommandImpl extends SLCommandImpl {
+
+ /**
+ * The infobox implementation.
+ */
+ protected Infobox infobox;
+
+ @Override
+ public void init(SLCommandContext ctx, Object request)
+ throws SLCommandException {
+ super.init(ctx, request);
+
+ String infoboxIdentifier = getInfoboxIdentifier(getRequestValue());
+
+ infobox = InfoboxFactory.getInstance().createInfobox(infoboxIdentifier);
+ }
+
+ /**
+ * Returns the infobox identifier given in request.
+ *
+ * @param request the request value
+ *
+ * @return the infobox identifier givne in request
+ */
+ protected abstract String getInfoboxIdentifier(T request);
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java
new file mode 100644
index 00000000..e5c7afcc
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.slcommands.impl;
+
+/**
+ * An abstract base class for {@link Infobox} implementations.
+ *
+ * @author mcentner
+ */
+public abstract class AbstractInfoboxImpl implements Infobox {
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AssocArrayInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AssocArrayInfobox.java
new file mode 100644
index 00000000..908d95da
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AssocArrayInfobox.java
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.slcommands.impl;
+
+/**
+ * An {@link Infobox} of type associative array as defined in Security Layer
+ * 1.2.
+ *
+ * @author mcentner
+ */
+public interface AssocArrayInfobox extends Infobox {
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/BinaryFileInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/BinaryFileInfobox.java
new file mode 100644
index 00000000..c27f9446
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/BinaryFileInfobox.java
@@ -0,0 +1,27 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+/**
+ * An {@link Infobox} of type binary file as defined in Security Layer
+ * 1.2.
+ *
+ * @author mcentner
+ */
+public interface BinaryFileInfobox extends Infobox {
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CertificatesInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CertificatesInfoboxImpl.java
new file mode 100644
index 00000000..0208f137
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CertificatesInfoboxImpl.java
@@ -0,0 +1,112 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * An implementation of the {@link Infobox} Certificates as
+ * specified in Security Layer 1.2.
+ *
+ * @author mcentner
+ */
+public class CertificatesInfoboxImpl extends AbstractAssocArrayInfobox {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(CertificatesInfoboxImpl.class);
+
+ /**
+ * The valid keys.
+ */
+ public static final String[] CERTIFICATES_KEYS = new String[] {
+ "SecureSignatureKeypair",
+ "CertifiedKeypair" };
+
+ @Override
+ public String getIdentifier() {
+ return "Certificates";
+ }
+
+ @Override
+ public String[] getKeys() {
+ return CERTIFICATES_KEYS;
+ }
+
+ @Override
+ public boolean isValuesAreXMLEntities() {
+ return false;
+ }
+
+ @Override
+ public Map getValues(List certificates, SLCommandContext cmdCtx) throws SLCommandException {
+
+ STALHelper stalHelper = new STALHelper(cmdCtx.getSTAL());
+
+ if (certificates != null && !certificates.isEmpty()) {
+
+ List stalRequests = new ArrayList();
+
+ // get certificates
+ InfoboxReadRequest infoboxReadRequest;
+ for (int i = 0; i < certificates.size(); i++) {
+ infoboxReadRequest = new InfoboxReadRequest();
+ infoboxReadRequest.setInfoboxIdentifier(certificates.get(i));
+ stalRequests.add(infoboxReadRequest);
+ }
+
+ stalHelper.transmitSTALRequest(stalRequests);
+
+ List x509Certs = stalHelper.getCertificatesFromResponses();
+
+ Map values = new HashMap();
+
+ for (int i = 0; i < certificates.size(); i++) {
+ try {
+ values.put(certificates.get(i), x509Certs.get(i).getEncoded());
+ } catch (CertificateEncodingException e) {
+ log.error("Failed to encode certificate.", e);
+ throw new SLCommandException(4000);
+ }
+ }
+
+ return values;
+
+ } else {
+
+ return new HashMap();
+
+ }
+
+
+ }
+
+}
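Review bot: In `getValues`, `x509Certs.get(i)` assumes `getCertificatesFromResponses()` returned one certificate per requested key, in request order. A shorter or null list would surface as an unchecked `IndexOutOfBoundsException` or `NullPointerException` instead of the `SLCommandException` the method declares. The `CreateXMLSignatureCommandImpl` change in this same commit already checks `certificates == null || certificates.size() != 1`; the equivalent guard here, before the loop, is `if (x509Certs == null || x509Certs.size() != certificates.size()) throw new SLCommandException(4000);`. Separately, `CERTIFICATES_KEYS` is a public array that `getKeys()` returns directly, and `AbstractAssocArrayInfobox.readValue` uses it as the allow-list of readable keys, so any code that can reach the class can alter that list. Making the array private and returning `CERTIFICATES_KEYS.clone()` from `getKeys()` closes that.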
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
index b2e3b303..01686641 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
@@ -16,13 +16,11 @@
*/
package at.gv.egiz.bku.slcommands.impl;
-import java.io.ByteArrayInputStream;
import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
+import java.util.List;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.URIReferenceException;
@@ -48,11 +46,8 @@ import at.gv.egiz.bku.slexceptions.SLException;
import at.gv.egiz.bku.slexceptions.SLRequestException;
import at.gv.egiz.bku.slexceptions.SLViewerException;
import at.gv.egiz.dom.DOMUtils;
-import at.gv.egiz.stal.ErrorResponse;
import at.gv.egiz.stal.InfoboxReadRequest;
-import at.gv.egiz.stal.InfoboxReadResponse;
import at.gv.egiz.stal.STALRequest;
-import at.gv.egiz.stal.STALResponse;
/**
* This class implements the security layer command
@@ -147,33 +142,13 @@ public class CreateXMLSignatureCommandImpl extends
InfoboxReadRequest stalRequest = new InfoboxReadRequest();
stalRequest.setInfoboxIdentifier(keyboxIdentifier);
- requestSTAL(Collections.singletonList((STALRequest) stalRequest));
-
- STALResponse stalResponse = stalResponses.next();
-
- if (stalResponse instanceof InfoboxReadResponse) {
- byte[] infobox = ((InfoboxReadResponse) stalResponse).getInfoboxValue();
-
- try {
- CertificateFactory certFactory = CertificateFactory.getInstance("X509");
- signingCertificate = (X509Certificate) certFactory
- .generateCertificate(new ByteArrayInputStream(infobox));
- } catch (CertificateException e) {
- log.info("Failed to decode signing certificate.", e);
- // TODO: issue appropriate error
- throw new SLCommandException(4000);
- }
-
- } else if (stalResponse instanceof ErrorResponse) {
- ErrorResponse err = (ErrorResponse) stalResponse;
- log.info("Received an error response from STAL with code: "
- + err.getErrorCode());
- throw new SLCommandException(err.getErrorCode());
-
- } else {
- log.info("Failed to get signing certificate.");
+ stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest));
+ List certificates = stalHelper.getCertificatesFromResponses();
+ if (certificates == null || certificates.size() != 1) {
+ log.info("Got an unexpected number of certificates from STAL.");
throw new SLCommandException(4000);
}
+ signingCertificate = certificates.get(0);
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java
new file mode 100644
index 00000000..20d20c9d
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java
@@ -0,0 +1,291 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.MalformedURLException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Result;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+
+import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType;
+import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.gv.egiz.bku.slcommands.InfoboxReadResult;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.idlink.CompressedIdentityLinkFactory;
+import at.gv.egiz.idlink.IdentityLinkTransformer;
+import at.gv.egiz.idlink.ans1.IdentityLink;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * An implementation of the {@link Infobox} IdentityLink as
+ * specified in Security Layer 1.2
+ *
+ * @author mcentner
+ */
+public class IdentityLinkInfoboxImpl extends AbstractBinaryFileInfobox {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(IdentityLinkInfoboxImpl.class);
+
+ /**
+ * The box specific parameter IdentityLinkDomainIdentifier.
+ */
+ public static final String BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER = "IdentityLinkDomainIdentifier";
+
+ /**
+ * The value of the box specific parameter IdentityLinkDomainIdentifier.
+ */
+ private String domainIdentifier;
+
+ @Override
+ public String getIdentifier() {
+ return "IdentityLink";
+ }
+
+ /**
+ * @return the value of the box specific parameter IdentityLinkDomainIdentifier
+ */
+ public String getDomainIdentifier() {
+ return domainIdentifier;
+ }
+
+ @Override
+ public InfoboxReadResult read(InfoboxReadRequestType req, SLCommandContext cmdCtx) throws SLCommandException {
+
+ AnyChildrenType boxSpecificParameters = req.getBoxSpecificParameters();
+
+ if (boxSpecificParameters != null) {
+ // check BoxSpecificParameters
+ List
--
cgit v1.2.3
From 5bd89b042a7d72fbb94feeaac38d6d4519f50dcd Mon Sep 17 00:00:00 2001
From: clemenso
Date: Fri, 5 Dec 2008 13:54:23 +0000
Subject: bindingProcessor (coordinator, bpManager, requesthandler)
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@235 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
index 9757f7cc..5b061850 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java
@@ -49,9 +49,10 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager {
private static Log log = LogFactory.getLog(BindingProcessorManagerImpl.class);
+ protected STALFactory stalFactory;
+ protected SLCommandInvoker commandInvokerClass;
+
private RemovalStrategy removalStrategy;
- private STALFactory stalFactory;
- private SLCommandInvoker commandInvokerClass;
private ExecutorService executorService;
private Map contextMap = Collections.synchronizedMap(new HashMap());
// private Map bindingProcessorMap = Collections
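Review bot: Widening `stalFactory` and `commandInvokerClass` from private to protected turns them into non-final fields that any subclass or same-package class can reassign, which removes the class's control over which STAL factory and command invoker it uses. If subclasses only need to read them, keep the fields private and add accessors such as `protected STALFactory getStalFactory()` and `protected SLCommandInvoker getCommandInvoker()`. The class body continues outside this hunk, so existing setters may already cover the write side.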
--
cgit v1.2.3
From 2df9621154ad057f6cace73efe49c9ef42515fde Mon Sep 17 00:00:00 2001
From: mcentner
Date: Tue, 9 Dec 2008 08:14:43 +0000
Subject: Refactored STAL interface. Additional infobox functionality.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@236 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../at/gv/egiz/bku/local/stal/LocalBKUWorker.java | 4 +-
.../src/main/webapp/WEB-INF/applicationContext.xml | 9 +-
.../stal/service/impl/STALRequestBrokerImpl.java | 2 +-
STAL/src/main/java/at/gv/egiz/stal/STAL.java | 2 +-
.../gv/egiz/bku/slcommands/SLCommandFactory.java | 38 +++-
.../slcommands/impl/AbstractBinaryFileInfobox.java | 4 +-
.../impl/AbstractInfoboxCommandImpl.java | 9 +
.../bku/slcommands/impl/AbstractInfoboxImpl.java | 19 ++
.../slcommands/impl/CardChannelInfoboxImpl.java | 235 +++++++++++++++++++++
.../at/gv/egiz/bku/slcommands/impl/Infobox.java | 21 +-
.../slcommands/impl/InfoboxReadCommandImpl.java | 9 -
.../bku/slcommands/impl/InfoboxReadResultImpl.java | 12 ++
.../slcommands/impl/InfoboxUpdateCommandImpl.java | 124 ++---------
.../gv/egiz/bku/slcommands/impl/SLResultImpl.java | 56 +++++
.../at/gv/egiz/bku/slcommands/impl/STALHelper.java | 2 +-
.../test/java/at/gv/egiz/stal/dummy/DummySTAL.java | 2 +-
.../at/gv/egiz/smcc/AbstractSignatureCard.java | 30 ++-
smcc/src/main/java/at/gv/egiz/smcc/SWCard.java | 12 +-
.../main/java/at/gv/egiz/smcc/SignatureCard.java | 12 +-
.../java/at/gv/egiz/smcc/SignatureCardFactory.java | 8 +-
.../main/java/at/gv/egiz/smcc/util/SMCCHelper.java | 4 +-
.../java/at/gv/egiz/smcc/util/SmartCardIO.java | 9 +-
.../at/gv/egiz/bku/smccstal/AbstractSMCCSTAL.java | 2 +-
.../java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java | 15 +-
.../at/gv/egiz/bku/utils/DebugOutputStream.java | 48 +++++
.../java/at/gv/egiz/bku/utils/DebugReader.java | 58 +++++
.../java/at/gv/egiz/bku/utils/DebugWriter.java | 55 +++++
27 files changed, 657 insertions(+), 144 deletions(-)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CardChannelInfoboxImpl.java
create mode 100644 utils/src/main/java/at/gv/egiz/bku/utils/DebugOutputStream.java
create mode 100644 utils/src/main/java/at/gv/egiz/bku/utils/DebugReader.java
create mode 100644 utils/src/main/java/at/gv/egiz/bku/utils/DebugWriter.java
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java
index 57b159ad..91d0aba0 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java
@@ -22,6 +22,8 @@ import at.gv.egiz.stal.QuitRequest;
import at.gv.egiz.stal.STALRequest;
import at.gv.egiz.stal.STALResponse;
import at.gv.egiz.stal.SignRequest;
+import at.gv.egiz.stal.ext.APDUScriptRequest;
+
import java.util.List;
import javax.swing.JDialog;
@@ -40,7 +42,7 @@ public class LocalBKUWorker extends AbstractBKUWorker {
}
@Override
- public List handleRequest(List requestList) {
+ public List handleRequest(List extends STALRequest> requestList) {
signatureCard = null;
List responses = super.handleRequest(requestList);
// container.setVisible(false);
diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
index 5ac12ece..eb7d5b7a 100644
--- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
@@ -59,6 +59,9 @@
+
@@ -76,9 +79,9 @@
-
-
-
+
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
index e7fb928a..5e3a1a99 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java
@@ -85,7 +85,7 @@ public class STALRequestBrokerImpl implements STALRequestBroker {
* @pre requests: either single SignRequest, QuitRequest or multiple ReadInfoboxRequests
*/
@Override
- public List handleRequest(List stalRequests) {
+ public List handleRequest(List extends STALRequest> stalRequests) {
if (interrupted) {
return null;
}
diff --git a/STAL/src/main/java/at/gv/egiz/stal/STAL.java b/STAL/src/main/java/at/gv/egiz/stal/STAL.java
index de29de9a..7fa7cb45 100644
--- a/STAL/src/main/java/at/gv/egiz/stal/STAL.java
+++ b/STAL/src/main/java/at/gv/egiz/stal/STAL.java
@@ -32,7 +32,7 @@ public interface STAL {
* @param aRequestList
* @return
*/
- public List handleRequest(List aRequestList);
+ public List handleRequest(List extends STALRequest> aRequestList);
/**
* Sets the preferred locale for userinteraction (e.g. PIN dialogs).
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
index 9c98ef8a..bec2b253 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java
@@ -17,6 +17,7 @@
package at.gv.egiz.bku.slcommands;
import java.io.IOException;
+import java.io.Reader;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
@@ -41,10 +42,12 @@ import org.apache.commons.logging.LogFactory;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;
+import at.buergerkarte.namespaces.cardchannel.ObjectFactory;
import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
import at.gv.egiz.bku.slexceptions.SLRequestException;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.DebugReader;
import at.gv.egiz.slbinding.RedirectEventFilter;
import at.gv.egiz.slbinding.RedirectUnmarshallerListener;
@@ -163,8 +166,9 @@ public class SLCommandFactory {
if (jaxbContext == null) {
try {
String slPkg = at.buergerkarte.namespaces.securitylayer._1.ObjectFactory.class.getPackage().getName();
- String xmldsigPkg = org.w3._2000._09.xmldsig_.ObjectFactory.class.getPackage().getName();
- setJaxbContext(JAXBContext.newInstance(slPkg + ":" + xmldsigPkg));
+ String xmldsigPkg = org.w3._2000._09.xmldsig_.ObjectFactory.class.getPackage().getName();
+ String cardChannelPkg = at.buergerkarte.namespaces.cardchannel.ObjectFactory.class.getPackage().getName();
+ setJaxbContext(JAXBContext.newInstance(slPkg + ":" + xmldsigPkg + ":" + cardChannelPkg));
} catch (JAXBException e) {
log.error("Failed to setup JAXBContext security layer request.", e);
throw new SLRuntimeException(e);
@@ -325,12 +329,31 @@ public class SLCommandFactory {
*/
@SuppressWarnings("unchecked")
public SLCommand createSLCommand(Source source, SLCommandContext context)
- throws SLCommandException, SLRuntimeException, SLRequestException {
+ throws SLCommandException, SLRuntimeException, SLRequestException {
+
+ DebugReader dr = null;
+ if (log.isTraceEnabled() && source instanceof StreamSource) {
+ StreamSource streamSource = (StreamSource) source;
+ if (streamSource.getReader() != null) {
+ dr = new DebugReader(streamSource.getReader(), "SLCommand unmarshalled from:\n");
+ streamSource.setReader(dr);
+ }
+ }
- Object object = unmarshal(source);
+ Object object;
+ try {
+ object = unmarshal(source);
+ } catch (SLRequestException e) {
+ throw e;
+ } finally {
+ if (dr != null) {
+ log.trace(dr.getCachedString());
+ }
+ }
+
if (!(object instanceof JAXBElement)) {
// invalid request
- log.info("Invalid security layer request. " + object.toString());
+ log.info("Invalid security layer request. " + object.toString());
throw new SLRequestException(3002, SLExceptionMessages.EC3002_INVALID,
new Object[]{object.toString()});
}
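Review bot: The `finally` block added around `unmarshal(source)` writes the complete request captured by the `DebugReader` to the trace log, and a security-layer request can carry the data to be signed or, with this commit, a CardChannel APDU script. That makes the trace output as sensitive as the requests themselves, so the branch deserves a comment such as `// TRACE dumps the full request body; keep this logger disabled outside of debugging sessions`. The `catch (SLRequestException e) { throw e; }` arm has no effect and can be dropped, leaving `try { object = unmarshal(source); } finally { ... }`. The body of `createSLCommand` continues outside the hunk.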
@@ -343,7 +366,9 @@ public class SLCommandFactory {
throw new SLCommandException(4011,
SLExceptionMessages.EC4011_NOTIMPLEMENTED, new Object[]{qName.toString()});
}
-
+
+
+
// try to instantiate
SLCommand slCommand;
try {
@@ -360,6 +385,7 @@ public class SLCommandFactory {
e);
throw new SLRuntimeException(e);
}
+
slCommand.init(context, (JAXBElement) object);
return slCommand;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java
index 07ca639c..23394bd5 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java
@@ -37,7 +37,7 @@ public abstract class AbstractBinaryFileInfobox extends AbstractInfoboxImpl impl
/**
* Is this infobox' content an XML entity?
*/
- private boolean isXMLEntity = false;
+ protected boolean isXMLEntity = false;
/**
* @return true if this infobox' content is an XML entity or false otherwise.
@@ -61,8 +61,6 @@ public abstract class AbstractBinaryFileInfobox extends AbstractInfoboxImpl impl
}
}
-
-
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
index 305769a8..8a7edb71 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java
@@ -52,4 +52,13 @@ public abstract class AbstractInfoboxCommandImpl extends SLCommandImpl {
*/
protected abstract String getInfoboxIdentifier(T request);
+
+ public String getInfoboxIdentifier() {
+ if (infobox != null) {
+ return infobox.getIdentifier();
+ } else {
+ return null;
+ }
+ }
+
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java
index e5c7afcc..564cb8ff 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java
@@ -16,6 +16,13 @@
*/
package at.gv.egiz.bku.slcommands.impl;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateRequestType;
+import at.gv.egiz.bku.slcommands.InfoboxReadResult;
+import at.gv.egiz.bku.slcommands.InfoboxUpdateResult;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+
/**
* An abstract base class for {@link Infobox} implementations.
*
@@ -23,4 +30,16 @@ package at.gv.egiz.bku.slcommands.impl;
*/
public abstract class AbstractInfoboxImpl implements Infobox {
+ @Override
+ public InfoboxReadResult read(InfoboxReadRequestType request,
+ SLCommandContext cmdCtx) throws SLCommandException {
+ throw new SLCommandException(4011);
+ }
+
+ @Override
+ public InfoboxUpdateResult update(InfoboxUpdateRequestType request,
+ SLCommandContext cmdCtx) throws SLCommandException {
+ throw new SLCommandException(4011);
+ }
+
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CardChannelInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CardChannelInfoboxImpl.java
new file mode 100644
index 00000000..4b1cc779
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CardChannelInfoboxImpl.java
@@ -0,0 +1,235 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.WeakHashMap;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.buergerkarte.namespaces.cardchannel.ATRType;
+import at.buergerkarte.namespaces.cardchannel.CommandAPDUType;
+import at.buergerkarte.namespaces.cardchannel.ObjectFactory;
+import at.buergerkarte.namespaces.cardchannel.ResetType;
+import at.buergerkarte.namespaces.cardchannel.ResponseAPDUType;
+import at.buergerkarte.namespaces.cardchannel.ResponseType;
+import at.buergerkarte.namespaces.cardchannel.ScriptType;
+import at.buergerkarte.namespaces.cardchannel.VerifyAPDUType;
+import at.buergerkarte.namespaces.securitylayer._1.Base64XMLContentType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.XMLContentType;
+import at.gv.egiz.bku.slcommands.InfoboxReadResult;
+import at.gv.egiz.bku.slcommands.InfoboxUpdateResult;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.ext.APDUScriptRequest;
+import at.gv.egiz.stal.ext.APDUScriptResponse;
+import at.gv.egiz.stal.ext.APDUScriptRequest.RequestScriptElement;
+import at.gv.egiz.stal.ext.APDUScriptResponse.ResponseScriptElement;
+
+public class CardChannelInfoboxImpl extends AbstractBinaryFileInfobox {
+
+ private static Log log = LogFactory.getLog(CardChannelInfoboxImpl.class);
+
+ private static WeakHashMap> scriptResults = new WeakHashMap>();
+
+ private static JAXBContext jaxbContext;
+
+ static {
+ try {
+ jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage().getName());
+ } catch (JAXBException e) {
+ throw new SLRuntimeException("Failed to initalize CardChannel infobox.", e);
+ }
+ }
+
+ public CardChannelInfoboxImpl() {
+ isXMLEntity = true;
+ }
+
+ @Override
+ public String getIdentifier() {
+ return "CardChannel";
+ }
+
+ @Override
+ public InfoboxReadResult read(InfoboxReadRequestType request,
+ SLCommandContext cmdCtx) throws SLCommandException {
+
+ at.buergerkarte.namespaces.securitylayer._1.ObjectFactory objectFactory
+ = new at.buergerkarte.namespaces.securitylayer._1.ObjectFactory();
+
+ Base64XMLContentType content = objectFactory.createBase64XMLContentType();
+ XMLContentType xmlContent = objectFactory.createXMLContentType();
+ content.setXMLContent(xmlContent);
+
+ JAXBElement response = scriptResults.get(cmdCtx.getSTAL());
+ if (response != null) {
+ xmlContent.getContent().add(response);
+ }
+
+ return new InfoboxReadResultImpl(content);
+
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public InfoboxUpdateResult update(InfoboxUpdateRequestType request,
+ SLCommandContext cmdCtx) throws SLCommandException {
+
+ Base64XMLContentType binaryFileParameters = request.getBinaryFileParameters();
+
+ if (binaryFileParameters.getBase64Content() != null) {
+ log.info("Got Base64Content but ContentIsXMLEntity is true.");
+ throw new SLCommandException(4010);
+ }
+
+ XMLContentType content = binaryFileParameters.getXMLContent();
+ if (content instanceof at.gv.egiz.slbinding.impl.XMLContentType) {
+
+ ByteArrayOutputStream redirectedStream = ((at.gv.egiz.slbinding.impl.XMLContentType) content).getRedirectedStream();
+ if (redirectedStream != null) {
+
+ if (log.isDebugEnabled()) {
+
+ StringBuilder sb = new StringBuilder();
+ sb.append("CardChannel script:\n");
+ try {
+ sb.append(new String(redirectedStream.toByteArray(), "UTF-8"));
+ } catch (UnsupportedEncodingException e) {
+ sb.append(e.getMessage());
+ }
+ log.debug(sb.toString());
+ }
+
+ Object object;
+ try {
+ Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ object = unmarshaller.unmarshal(new ByteArrayInputStream(redirectedStream.toByteArray()));
+ } catch (JAXBException e) {
+ log.info("Failed to parse CardChannel script.", e);
+ throw new SLCommandException(4011);
+ }
+
+ if (object instanceof JAXBElement) {
+ executeCardChannelScript(((JAXBElement) object).getValue(), cmdCtx);
+ return new InfoboxUpdateResultImpl();
+ }
+
+ }
+
+
+ }
+ log.info("Infobox identifier is '" + getIdentifier() + "' but XMLContent does not contain 'Script'.");
+ throw new SLCommandException(4010);
+
+ }
+
+ protected void executeCardChannelScript(ScriptType script,
+ SLCommandContext cmdCtx) throws SLCommandException {
+
+ List resetOrCommandAPDUOrVerifyAPDU = script.getResetOrCommandAPDUOrVerifyAPDU();
+ List requestScript = new ArrayList();
+
+ for (Object element : resetOrCommandAPDUOrVerifyAPDU) {
+
+ if (element instanceof ResetType) {
+
+ requestScript.add(new APDUScriptRequest.Reset());
+
+ } else if (element instanceof CommandAPDUType) {
+
+ CommandAPDUType commandAPDU = (CommandAPDUType) element;
+ int sequence = (commandAPDU.getSequence() != null)
+ ? commandAPDU.getSequence().intValue()
+ : 0;
+
+ requestScript.add(
+ new APDUScriptRequest.Command(
+ sequence,
+ commandAPDU.getValue(),
+ commandAPDU.getExpectedSW()));
+
+ } else if (element instanceof VerifyAPDUType) {
+ log.warn("CardChannel script command 'VerifyAPDU' not implemented.");
+ throw new SLCommandException(4011);
+ }
+ }
+
+ APDUScriptRequest scriptRequest = new APDUScriptRequest(requestScript);
+
+ STAL stal = cmdCtx.getSTAL();
+ STALHelper helper = new STALHelper(stal);
+
+ helper.transmitSTALRequest(Collections.singletonList(scriptRequest));
+
+ List responseScript = ((APDUScriptResponse) helper
+ .nextResponse(APDUScriptResponse.class)).getScript();
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ ResponseType responseType = objectFactory.createResponseType();
+
+
+ for (ResponseScriptElement element : responseScript) {
+
+ if (element instanceof APDUScriptResponse.ATR) {
+
+ byte[] atr = ((APDUScriptResponse.ATR) element).getAtr();
+
+ ATRType atrType = objectFactory.createATRType();
+ atrType.setValue(atr);
+ atrType.setRc(BigInteger.ZERO);
+ responseType.getATROrResponseAPDU().add(atrType);
+
+ } else if (element instanceof APDUScriptResponse.Response) {
+
+ APDUScriptResponse.Response response = (APDUScriptResponse.Response) element;
+
+ ResponseAPDUType responseAPDUType = objectFactory.createResponseAPDUType();
+ responseAPDUType.setSequence(BigInteger.valueOf(response.getSequence()));
+// if (response.getRc() != 0) {
+ responseAPDUType.setRc(BigInteger.valueOf(response.getRc()));
+// }
+ responseAPDUType.setSw(response.getSw());
+ responseAPDUType.setValue(response.getApdu());
+
+ responseType.getATROrResponseAPDU().add(responseAPDUType);
+ }
+
+ }
+
+ scriptResults.put(stal, objectFactory.createResponse(responseType));
+ }
+
+
+}
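Review bot: In `update()`, the value of the unmarshalled element is passed to `executeCardChannelScript(ScriptType, ...)` without a type check, although the `JAXBContext` covers the whole cardchannel package, which also has a `Response` element (see `objectFactory.createResponse(...)` at the end of the file). A request whose XMLContent is not a `Script` would then end in a `ClassCastException` rather than error 4010; guard it with `if (object instanceof JAXBElement && ((JAXBElement<?>) object).getValue() instanceof ScriptType)`. The page has lost the generic type arguments, so the original cast may read `JAXBElement<ScriptType>`, but that is unchecked at run time either way. `scriptResults` is a static `WeakHashMap` that `read()` and `executeCardChannelScript()` access without synchronisation, and `WeakHashMap` is not thread-safe, so declare it as `Collections.synchronizedMap(new WeakHashMap<...>())`. The `log.isDebugEnabled()` branch prints the full APDU script, which should be noted in a comment as card-sensitive output.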
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java
index a6f8cbb2..99d62721 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java
@@ -17,7 +17,9 @@
package at.gv.egiz.bku.slcommands.impl;
import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType;
+import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateRequestType;
import at.gv.egiz.bku.slcommands.InfoboxReadResult;
+import at.gv.egiz.bku.slcommands.InfoboxUpdateResult;
import at.gv.egiz.bku.slcommands.SLCommandContext;
import at.gv.egiz.bku.slexceptions.SLCommandException;
@@ -44,10 +46,25 @@ public interface Infobox {
*
* @return the data read from this infobox as InfoboxReadResult
*
- * @throws SLCommandException
- * if reading from this infobox fails
+ * @throws SLCommandException
+ *
+ * if reading from this infobox fails
*/
public InfoboxReadResult read(InfoboxReadRequestType request,
SLCommandContext cmdCtx) throws SLCommandException;
+ /**
+ * Update data in this infobox.
+ *
+ * @param request
+ * the InfoboxUpdateRequest
+ * @param cmdCtx
+ * the command context
+ * @return a corresponding InfoboxUpdateResult
+ * @throws SLCommandException
+ * if updating this infobox fails
+ */
+ public InfoboxUpdateResult update(InfoboxUpdateRequestType request,
+ SLCommandContext cmdCtx) throws SLCommandException;
+
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
index aaa786a6..693f444f 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java
@@ -83,7 +83,6 @@ public class InfoboxReadCommandImpl extends AbstractInfoboxCommandImpl implements InfoboxUpdateCommand {
+ AbstractInfoboxCommandImpl implements InfoboxUpdateCommand {
private static Log log = LogFactory.getLog(InfoboxUpdateCommandImpl.class);
- public static final String INFOBOX_IDENTIFIER_CARD_CHANNEL = "CardChannel";
+ @Override
+ public String getName() {
+ return "InfoboxUpdateRequest";
+ }
- protected String infoboxIdentifier;
-
- protected List cardChannelScript;
-
@Override
- public String getInfoboxIdentifier() {
- return infoboxIdentifier;
+ protected String getInfoboxIdentifier(InfoboxUpdateRequestType request) {
+ return request.getInfoboxIdentifier();
}
-
+
@Override
- public void init(SLCommandContext ctx, Object request)
- throws SLCommandException {
+ public void init(SLCommandContext ctx, Object request) throws SLCommandException {
super.init(ctx, request);
InfoboxUpdateRequestType req = getRequestValue();
- infoboxIdentifier = req.getInfoboxIdentifier();
+ if (req.getAssocArrayParameters() != null &&
+ !(infobox instanceof AssocArrayInfobox)) {
+ log.info("Got AssocArrayParameters but Infobox type is not AssocArray.");
+ throw new SLCommandException(4010);
+ }
- if (INFOBOX_IDENTIFIER_CARD_CHANNEL.equals(infoboxIdentifier)) {
-
- if (req.getAssocArrayParameters() != null) {
- log.info("Got AssocArrayParameters but Infobox type is BinaryFile.");
- throw new SLCommandException(4010);
- }
-
- Base64XMLContentType binaryFileParameters = req.getBinaryFileParameters();
- if (binaryFileParameters == null) {
- log.info("Got no BinaryFileParameters but Infobox type is BinaryFile.");
- throw new SLCommandException(4010);
- }
-
- if (binaryFileParameters.getBase64Content() == null) {
- log.info("Got Base64Content but ContentIsXMLEntity is true.");
- throw new SLCommandException(4010);
- }
-
- List content = binaryFileParameters.getXMLContent().getContent();
- if (content.isEmpty()) {
- log.info("Got no XMLContent but ContentIsXMLEntity is true.");
- throw new SLCommandException(4010);
- }
-
- for (Object element : content) {
- if (!(element instanceof ScriptType)) {
- log.info("Infobox identifier is '" + infoboxIdentifier + "' but XMLContent does not contain 'Script'.");
- throw new SLCommandException(4010);
- }
-
- setCardChannelScript(((ScriptType) element).getResetOrCommandAPDUOrVerifyAPDU());
- }
-
- if (getCardChannelScript() == null) {
- log.info("Infobox identifier is '" + infoboxIdentifier + "' but XMLContent does not contain 'Script'.");
- throw new SLCommandException(4010);
- }
-
- } else {
- throw new SLCommandException(4002,
- SLExceptionMessages.EC4002_INFOBOX_UNKNOWN,
- new Object[] { infoboxIdentifier });
+ if (req.getBinaryFileParameters() != null &&
+ !(infobox instanceof BinaryFileInfobox)) {
+ log.info("Got BinaryFileParameters but Infobox type is not BinaryFile.");
+ throw new SLCommandException(4010);
}
}
- public List getCardChannelScript() {
- return cardChannelScript;
- }
-
- public void setCardChannelScript(List cardChannelScript) {
- this.cardChannelScript = cardChannelScript;
- }
-
@Override
public SLResult execute() {
try {
- if (INFOBOX_IDENTIFIER_CARD_CHANNEL.equals(getInfoboxIdentifier())) {
-
- executeCardChannelScript();
- return new InfoboxUpdateResultImpl();
-
- } else {
- throw new SLCommandException(4002,
- SLExceptionMessages.EC4002_INFOBOX_UNKNOWN,
- new Object[] { infoboxIdentifier });
- }
+ return infobox.update(getRequestValue(), getCmdCtx());
} catch (SLCommandException e) {
- return new ErrorResultImpl(e, cmdCtx.getLocale());
+ return new ErrorResultImpl(e, getCmdCtx().getLocale());
}
}
-
- protected void executeCardChannelScript() throws SLCommandException {
-
- if (cardChannelScript != null) {
-
- for (Object element : cardChannelScript) {
- if (element instanceof ResetType) {
-
- } else if (element instanceof CommandAPDUType) {
-
- } else if (element instanceof VerifyAPDUType) {
-
- }
- }
-
- }
-
- }
-
- @Override
- public String getName() {
- return "InfoboxUpdateRequest";
- }
}
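Review bot: The rewritten `init()` no longer rejects a request without `BinaryFileParameters`; it only checks that a parameter which is present matches the infobox type, so a request with neither parameter passes unless schema validation elsewhere already refuses it (not visible here). `CardChannelInfoboxImpl.update()` in this commit then calls `getBase64Content()` on the result of `request.getBinaryFileParameters()` without a null check, which would surface as a `NullPointerException` instead of error 4010. Restore the rejection in `init()`, for example `if (req.getAssocArrayParameters() == null && req.getBinaryFileParameters() == null) { throw new SLCommandException(4010); }`. `execute()` also calls `infobox.update(...)` unguarded, while the new `getInfoboxIdentifier()` in `AbstractInfoboxCommandImpl` treats `infobox == null` as possible. The file header of this section is missing from the page and the class starts outside the hunk.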
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
index 80bbdca8..99a3b119 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java
@@ -16,6 +16,7 @@
*/
package at.gv.egiz.bku.slcommands.impl;
+import java.io.UnsupportedEncodingException;
import java.util.Locale;
import javax.xml.bind.JAXBContext;
@@ -32,6 +33,7 @@ import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.sax.SAXTransformerFactory;
import javax.xml.transform.sax.TransformerHandler;
+import javax.xml.transform.stream.StreamResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -45,6 +47,8 @@ import at.gv.egiz.bku.slexceptions.SLBindingException;
import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLException;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.DebugOutputStream;
+import at.gv.egiz.bku.utils.DebugWriter;
/**
* This class serves as an abstract base class for the implementation of a
@@ -128,6 +132,20 @@ public abstract class SLResultImpl implements SLResult {
* @param templates
*/
protected void writeTo(JAXBElement> response, Result result, Templates templates) {
+
+ DebugWriter dw = null;
+ DebugOutputStream ds = null;
+ if (log.isTraceEnabled() && result instanceof StreamResult) {
+ StreamResult streamResult = (StreamResult) result;
+ if (streamResult.getOutputStream() != null) {
+ ds = new DebugOutputStream(streamResult.getOutputStream());
+ streamResult.setOutputStream(ds);
+ }
+ if (streamResult.getWriter() != null) {
+ dw = new DebugWriter(streamResult.getWriter());
+ streamResult.setWriter(dw);
+ }
+ }
TransformerHandler transformerHandler = null;
if (templates != null) {
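Review bot: With TRACE enabled this method logs the complete marshalled response, and responses in this code base can carry infobox content or, after this commit, CardChannel APDU results, so the trace log then holds card data. The same setup block is repeated in `writeTo(Node, ...)` and the same dump block closes both methods in the two following hunks. The wrappers are installed with `streamResult.setOutputStream(ds)` / `setWriter(dw)` and, as far as the hunks show, never removed, so the caller's `StreamResult` keeps the debug wrapper after the call; restoring the original stream in a `finally` would avoid that. Extracting the pair into two private helpers would remove the duplication and give one place for a comment such as `// TRACE only: dumps the full response, may contain card data`. Both methods continue outside the hunks.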
@@ -151,10 +169,36 @@ public abstract class SLResultImpl implements SLResult {
writeErrorTo(commandException, result, templates);
}
+ if (ds != null) {
+ try {
+ log.trace("Marshalled result:\n" + new String(ds.getBufferedBytes(), "UTF-8"));
+ } catch (UnsupportedEncodingException e) {
+ log.trace(e.getMessage());
+ }
+ }
+
+ if (dw != null) {
+ log.trace("Marshalled result:\n" + dw.getBufferedString());
+ }
+
}
protected void writeTo(Node node, Result result, Templates templates) {
+ DebugWriter dw = null;
+ DebugOutputStream ds = null;
+ if (log.isTraceEnabled() && result instanceof StreamResult) {
+ StreamResult streamResult = (StreamResult) result;
+ if (streamResult.getOutputStream() != null) {
+ ds = new DebugOutputStream(streamResult.getOutputStream());
+ streamResult.setOutputStream(ds);
+ }
+ if (streamResult.getWriter() != null) {
+ dw = new DebugWriter(streamResult.getWriter());
+ streamResult.setWriter(dw);
+ }
+ }
+
if (templates == null) {
try {
TransformerFactory transformerFactory = TransformerFactory.newInstance();
@@ -179,7 +223,19 @@ public abstract class SLResultImpl implements SLResult {
writeErrorTo(new SLException(2008), result, templates);
}
}
+
+ if (ds != null) {
+ try {
+ log.trace("Marshalled result:\n" + new String(ds.getBufferedBytes(), "UTF-8"));
+ } catch (UnsupportedEncodingException e) {
+ log.trace(e.getMessage());
+ }
+ }
+ if (dw != null) {
+ log.trace("Marshalled result:\n" + dw.getBufferedString());
+ }
+
}
protected void writeErrorTo(SLException slException, Result result, Templates templates) {
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java
index 969288c1..0c7ce3f5 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java
@@ -85,7 +85,7 @@ public class STALHelper {
* @param stalRequests
* @throws SLCommandException
*/
- public void transmitSTALRequest(List stalRequests) throws SLCommandException {
+ public void transmitSTALRequest(List extends STALRequest> stalRequests) throws SLCommandException {
List responses = stal.handleRequest(stalRequests);
if (responses == null) {
Log log = LogFactory.getLog(this.getClass());
diff --git a/bkucommon/src/test/java/at/gv/egiz/stal/dummy/DummySTAL.java b/bkucommon/src/test/java/at/gv/egiz/stal/dummy/DummySTAL.java
index 2ea0bae0..dd8b8c8f 100644
--- a/bkucommon/src/test/java/at/gv/egiz/stal/dummy/DummySTAL.java
+++ b/bkucommon/src/test/java/at/gv/egiz/stal/dummy/DummySTAL.java
@@ -71,7 +71,7 @@ public class DummySTAL implements STAL {
}
@Override
- public List handleRequest(List requestList) {
+ public List handleRequest(List extends STALRequest> requestList) {
List responses = new ArrayList();
for (STALRequest request : requestList) {
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java b/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
index b828e8cd..e34c4899 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
@@ -36,6 +36,7 @@ import javax.smartcardio.ATR;
import javax.smartcardio.Card;
import javax.smartcardio.CardChannel;
import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
import javax.smartcardio.CommandAPDU;
import javax.smartcardio.ResponseAPDU;
@@ -53,7 +54,12 @@ public abstract class AbstractSignatureCard implements SignatureCard {
int ifs_ = 254;
- Card card_;
+ private Card card_;
+
+ /**
+ * The card terminal that connects the {@link #card_}.
+ */
+ private CardTerminal cardTerminal;
protected AbstractSignatureCard(String resourceBundleName) {
this.resourceBundleName = resourceBundleName;
@@ -331,8 +337,9 @@ public abstract class AbstractSignatureCard implements SignatureCard {
}
- public void init(Card card) {
+ public void init(Card card, CardTerminal cardTerminal) {
card_ = card;
+ this.cardTerminal = cardTerminal;
ATR atr = card.getATR();
byte[] atrBytes = atr.getBytes();
if (atrBytes.length >= 6) {
@@ -340,6 +347,11 @@ public abstract class AbstractSignatureCard implements SignatureCard {
log.trace("Setting IFS (information field size) to " + ifs_);
}
}
+
+ @Override
+ public Card getCard() {
+ return card_;
+ }
protected CardChannel getCardChannel() {
return card_.getBasicChannel();
@@ -372,4 +384,18 @@ public abstract class AbstractSignatureCard implements SignatureCard {
}
}
+ @Override
+ public void reset() throws SignatureCardException {
+ try {
+ log.debug("Disconnect and reset smart card.");
+ card_.disconnect(true);
+ log.debug("Reconnect smart card.");
+ if (cardTerminal != null) {
+ card_ = cardTerminal.connect("*");
+ }
+ } catch (CardException e) {
+ throw new SignatureCardException("Failed to reset card.", e);
+ }
+ }
+
}
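Review bot: `reset()` calls `card_.disconnect(true)` before it looks at `cardTerminal`, so when the terminal is null the method returns normally with `card_` still referring to the disconnected card, and later `getCardChannel()` calls will fail on it. Check the terminal first and throw a `SignatureCardException` before disconnecting, or document that a card initialised without a terminal cannot be reset. After the reconnect via `cardTerminal.connect("*")` the card is a fresh session, so a comment like `// card state (selected application, verified PINs) is lost after reset` would help callers. `ifs_` is derived from the ATR only in `init()` and is not refreshed here; that is presumably harmless for the same card but worth confirming.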
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
index 42943541..439be034 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java
@@ -40,6 +40,7 @@ import java.util.Enumeration;
import java.util.Locale;
import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -102,7 +103,12 @@ public class SWCard implements SignatureCard {
SWCard.swCardDir = swCardDir;
}
- public void init(Card card) {
+ public void init(Card card, CardTerminal cardTerminal) {
+ }
+
+ @Override
+ public Card getCard() {
+ return null;
}
private String getFileName(String fileName) {
@@ -379,4 +385,8 @@ public class SWCard implements SignatureCard {
public void disconnect(boolean reset) {
}
+ @Override
+ public void reset() throws SignatureCardException {
+ }
+
}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java
index b6a453df..d7e76dd8 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java
@@ -31,6 +31,7 @@ package at.gv.egiz.smcc;
import java.util.Locale;
import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
public interface SignatureCard {
@@ -75,12 +76,21 @@ public interface SignatureCard {
}
- public void init(Card card);
+ public void init(Card card, CardTerminal cardTerminal);
+
+ public Card getCard();
public byte[] getCertificate(KeyboxName keyboxName)
throws SignatureCardException, InterruptedException;
public void disconnect(boolean reset);
+
+ /**
+ * Performs a reset of the card.
+ *
+ * @throws SignatureCardException if reset fails.
+ */
+ public void reset() throws SignatureCardException;
/**
*
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java
index 777299d9..ab66e9a1 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java
@@ -34,6 +34,7 @@ import java.util.List;
import javax.smartcardio.ATR;
import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -204,6 +205,7 @@ public class SignatureCardFactory {
* @param card
* the smart card, or null if a software card should be
* created
+ * @param cardTerminal TODO
*
* @return a SignatureCard instance
*
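Review bot: The new parameter is documented as `@param cardTerminal TODO`, which leaves its null contract undefined although callers in this commit rely on it. `SMCCHelper` passes `null` for the software card and `AbstractSignatureCard.reset()` uses the terminal to reconnect, so the tag could read `@param cardTerminal the terminal the card is connected through, used to reconnect after a reset; may be null for a software card`. The Javadoc block and the method body continue outside this hunk.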
@@ -211,12 +213,12 @@ public class SignatureCardFactory {
* if no implementation of the given card could be
* found
*/
- public SignatureCard createSignatureCard(Card card)
+ public SignatureCard createSignatureCard(Card card, CardTerminal cardTerminal)
throws CardNotSupportedException {
if(card == null) {
SignatureCard sCard = new SWCard();
- sCard.init(card);
+ sCard.init(card, cardTerminal);
return sCard;
}
@@ -231,7 +233,7 @@ public class SignatureCardFactory {
try {
Class> scClass = cl.loadClass(supportedCard.getImplementationClassName());
sc = (SignatureCard) scClass.newInstance();
- sc.init(card);
+ sc.init(card, cardTerminal);
return sc;
} catch (ClassNotFoundException e) {
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java b/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java
index 4dae7975..f7d3bab7 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java
@@ -57,7 +57,7 @@ public class SMCCHelper {
SignatureCardFactory factory = SignatureCardFactory.getInstance();
if (useSWCard) {
try {
- signatureCard = factory.createSignatureCard(null);
+ signatureCard = factory.createSignatureCard(null, null);
resultCode = CARD_FOUND;
} catch (CardNotSupportedException e) {
resultCode = CARD_NOT_SUPPORTED;
@@ -83,7 +83,7 @@ public class SMCCHelper {
if (c == null) {
throw new CardNotSupportedException();
}
- signatureCard = factory.createSignatureCard(c);
+ signatureCard = factory.createSignatureCard(c, cardTerminal);
ATR atr = newCards.get(cardTerminal).getATR();
log.trace("Found supported card (" + signatureCard.toString() + ") "
+ "in terminal '" + cardTerminal.getName() + "', ATR = "
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java b/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java
index b70b44a7..b1866894 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java
@@ -16,6 +16,7 @@
*/
package at.gv.egiz.smcc.util;
+import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
@@ -54,7 +55,13 @@ public class SmartCardIO {
CardTerminals cardTerminals_;
private void updateTerminalFactory() {
- TerminalFactory terminalFactory = TerminalFactory.getDefault();
+ TerminalFactory terminalFactory;
+ try {
+ terminalFactory = TerminalFactory.getInstance("PC/SC", null);
+ } catch (NoSuchAlgorithmException e) {
+ log.info("Failed to get TerminalFactory of type 'PC/SC'.", e);
+ terminalFactory = TerminalFactory.getDefault();
+ }
log.debug("TerminalFactory : " + terminalFactory);
if ("PC/SC".equals(terminalFactory.getType())) {
terminalFactory_ = terminalFactory;
diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractSMCCSTAL.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractSMCCSTAL.java
index 55f51b22..6f08a135 100644
--- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractSMCCSTAL.java
+++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractSMCCSTAL.java
@@ -121,7 +121,7 @@ public abstract class AbstractSMCCSTAL implements STAL {
}
@Override
- public List handleRequest(List requestList) {
+ public List handleRequest(List extends STALRequest> requestList) {
log.debug("Got request list containing " + requestList.size()
+ " STAL requests");
List responseList = new ArrayList(requestList
diff --git a/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java b/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java
index 59ea141c..77997217 100644
--- a/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java
+++ b/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java
@@ -5,6 +5,7 @@ import java.util.List;
import java.util.Locale;
import javax.smartcardio.Card;
+import javax.smartcardio.CardTerminal;
import org.junit.Assert;
import org.junit.Before;
@@ -61,7 +62,7 @@ public class AbstractSMCCSTALTest extends AbstractSMCCSTAL implements
}
@Override
- public void init(Card card) {
+ public void init(Card card, CardTerminal cardTerminal) {
// TODO Auto-generated method stub
}
@@ -71,6 +72,18 @@ public class AbstractSMCCSTALTest extends AbstractSMCCSTAL implements
// TODO Auto-generated method stub
}
+
+ @Override
+ public Card getCard() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void reset() throws SignatureCardException {
+ // TODO Auto-generated method stub
+
+ }
};
return false;
diff --git a/utils/src/main/java/at/gv/egiz/bku/utils/DebugOutputStream.java b/utils/src/main/java/at/gv/egiz/bku/utils/DebugOutputStream.java
new file mode 100644
index 00000000..8516b76c
--- /dev/null
+++ b/utils/src/main/java/at/gv/egiz/bku/utils/DebugOutputStream.java
@@ -0,0 +1,48 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.utils;
+
+import java.io.ByteArrayOutputStream;
+import java.io.FilterOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+public class DebugOutputStream extends FilterOutputStream {
+
+ private ByteArrayOutputStream buffer = new ByteArrayOutputStream();
+
+ public DebugOutputStream(OutputStream out) {
+ super(out);
+ }
+
+ @Override
+ public void write(byte[] b, int off, int len) throws IOException {
+ buffer.write(b, off, len);
+ super.write(b, off, len);
+ }
+
+ @Override
+ public void write(int b) throws IOException {
+ buffer.write(b);
+ super.write(b);
+ }
+
+ public byte[] getBufferedBytes() {
+ return buffer.toByteArray();
+ }
+
+}
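Review bot: Bytes passed to `write(byte[] b, int off, int len)` end up in the buffer twice, because `FilterOutputStream.write(byte[], int, int)` is implemented as a loop over `write(int)`, which this class also overrides to buffer. Forwarding the bulk write straight to the wrapped stream avoids both the duplicate copy and the per-byte calls: `out.write(b, off, len);` in place of `super.write(b, off, len);`. `getBufferedBytes()` would then return exactly what was sent downstream.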
diff --git a/utils/src/main/java/at/gv/egiz/bku/utils/DebugReader.java b/utils/src/main/java/at/gv/egiz/bku/utils/DebugReader.java
new file mode 100644
index 00000000..cafe4a72
--- /dev/null
+++ b/utils/src/main/java/at/gv/egiz/bku/utils/DebugReader.java
@@ -0,0 +1,58 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.utils;
+
+import java.io.FilterReader;
+import java.io.IOException;
+import java.io.Reader;
+import java.io.StringWriter;
+
+public class DebugReader extends FilterReader {
+
+ private StringWriter buffer = new StringWriter();
+
+ public DebugReader(Reader in) {
+ super(in);
+ }
+
+ public DebugReader(Reader in, String start) {
+ super(in);
+ buffer.write(start);
+ }
+
+ @Override
+ public int read() throws IOException {
+ int c = super.read();
+ if (c != -1)
+ buffer.write(c);
+ return c;
+ }
+
+ @Override
+ public int read(char[] cbuf, int off, int len) throws IOException {
+ int l = super.read(cbuf, off, len);
+ if (l != -1 ) {
+ buffer.write(cbuf, off, l);
+ }
+ return l;
+ }
+
+ public String getCachedString() {
+ return buffer.toString();
+ }
+
+}
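Review bot: The `StringWriter` buffer keeps a copy of every character read for the lifetime of the reader and has no size limit, so wrapping a large or externally supplied input doubles its memory footprint and leaves the full content retrievable through `getCachedString()`. The same holds for `DebugOutputStream` and `DebugWriter` in this commit. A class comment should say that these wrappers are for debugging only and must not wrap streams that carry sensitive content. A cap would bound the cost, e.g. `if (buffer.getBuffer().length() < MAX_CACHED_CHARS) buffer.write(c);` with `MAX_CACHED_CHARS` as a new constant of the class.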
diff --git a/utils/src/main/java/at/gv/egiz/bku/utils/DebugWriter.java b/utils/src/main/java/at/gv/egiz/bku/utils/DebugWriter.java
new file mode 100644
index 00000000..5566f927
--- /dev/null
+++ b/utils/src/main/java/at/gv/egiz/bku/utils/DebugWriter.java
@@ -0,0 +1,55 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.utils;
+
+import java.io.FilterWriter;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.io.Writer;
+
+public class DebugWriter extends FilterWriter {
+
+ private Writer buffer = new StringWriter();
+
+ public DebugWriter(Writer out) {
+ super(out);
+ }
+
+ @Override
+ public void write(char[] cbuf, int off, int len) throws IOException {
+ buffer.write(cbuf, off, len);
+ super.write(cbuf, off, len);
+ }
+
+ @Override
+ public void write(String str, int off, int len) throws IOException {
+ buffer.write(str, off, len);
+ super.write(str, off, len);
+ }
+
+ @Override
+ public void write(int c) throws IOException {
+ buffer.write(c);
+ super.write(c);
+ }
+
+ public String getBufferedString() {
+ return buffer.toString();
+ }
+
+
+}
--
cgit v1.2.3
From 5d72bc4d896f4326dfe89e556dcc2b4de7806f4a Mon Sep 17 00:00:00 2001
From: wbauer
Date: Tue, 9 Dec 2008 10:16:38 +0000
Subject: changed method visibility to use this class outside the package
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@240 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
index 78e2e7fa..98c2432f 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
@@ -56,7 +56,7 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements
/**
* The XML document containing the infobox content.
*/
- Document xmlDocument;
+ protected Document xmlDocument;
/**
* Creates the response document from the given binaryContent.
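Review bot: Making `xmlDocument` `protected` lets any subclass replace or mutate the response document directly, bypassing `setResultBytes` and `getXmlResult`, which the other two hunks of this commit make public. If code outside the package only needs to read the document, leaving the field's visibility as it was and adding an accessor such as `protected Document getXmlDocument()` would keep all writes inside this class. The class body continues outside the hunk, so other uses of the field are not visible here.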
@@ -112,7 +112,7 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements
/**
* @return an XMLResult for marshalling the infobox to
*/
- Result getXmlResult(boolean preserveSpace) {
+ public Result getXmlResult(boolean preserveSpace) {
xmlDocument = createResponseDocument(null, preserveSpace);
@@ -127,7 +127,7 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements
*
* @param resultBytes
*/
- void setResultBytes(byte[] resultBytes) {
+ public void setResultBytes(byte[] resultBytes) {
xmlDocument = createResponseDocument(resultBytes, false);
--
cgit v1.2.3
From e918d250c1dda9f8b7fccfc6f611b626f65e7a5c Mon Sep 17 00:00:00 2001
From: mcentner
Date: Tue, 9 Dec 2008 10:59:08 +0000
Subject: Added method for setting a document as result of
InfoboxReadResultFileImpl.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@241 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../slcommands/impl/InfoboxReadResultFileImpl.java | 22 ++++++++++++++++++++--
1 file changed, 20 insertions(+), 2 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
index 98c2432f..e43d99c6 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
@@ -29,6 +29,7 @@ import javax.xml.transform.dom.DOMResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
+import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import at.buergerkarte.namespaces.securitylayer._1.Base64XMLContentType;
@@ -119,8 +120,25 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements
NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent");
return new DOMResult(nodeList.item(0));
- }
-
+ }
+
+ /**
+ * Creates a new InfoboxReadResponse document and appends
+ * the given node as child node of the XMLContent element.
+ *
+ * @param node the node to be appended as child node of the XMLContnet element
+ * @param preserveSpace if true the value of the XMLContent's space
+ * attribute is set to preserve.
+ */
+ public void setResultXMLContent(Node node, boolean preserveSpace) {
+
+ xmlDocument = createResponseDocument(null, preserveSpace);
+
+ NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent");
+ nodeList.item(0).appendChild(node);
+
+ }
+
/**
* Creates a new result document for this InfoboxReadResult
* and sets the given resultBytes as content.
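Review bot: `nodeList.item(0)` is dereferenced without a check, so if the document returned by `createResponseDocument` holds no `XMLContent` element the method fails with a `NullPointerException` instead of a meaningful error. `createResponseDocument` is outside the hunk, so this may be impossible in practice. A null `node` is likewise not rejected. The Javadoc could state that `node` must not be null, and `XMLContnet` in the `@param node` line should read `XMLContent`.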
--
cgit v1.2.3
From dbfd110e2e502b561241e7578a7028dce48f961c Mon Sep 17 00:00:00 2001
From: mcentner
Date: Tue, 9 Dec 2008 15:50:02 +0000
Subject: Updated InfoboxReadResultFileImpl to cope with nodes from different
documents.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@243 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java | 4 ++++
1 file changed, 4 insertions(+)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
index e43d99c6..c26bcd0b 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
@@ -135,6 +135,10 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements
xmlDocument = createResponseDocument(null, preserveSpace);
NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent");
+ if (node.getOwnerDocument() != xmlDocument.getOwnerDocument()) {
+ Document doc = xmlDocument.getOwnerDocument();
+ node = doc.importNode(node, true);
+ }
nodeList.item(0).appendChild(node);
}
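Review bot: `xmlDocument.getOwnerDocument()` always returns null, because `xmlDocument` is itself a `Document` and the DOM defines the owner of a document node as null. The comparison is therefore true for any node that has an owner, `doc` is null, and `doc.importNode(node, true)` throws a `NullPointerException`. Comparing against and importing into the document itself avoids this: `if (node.getOwnerDocument() != xmlDocument) { node = xmlDocument.importNode(node, true); }`.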
--
cgit v1.2.3
From 6f34b1722aa7e6c4a726a7376499a17fd2691f47 Mon Sep 17 00:00:00 2001
From: mcentner
Date: Tue, 9 Dec 2008 15:57:42 +0000
Subject: Updated InfoboxReadResultFileImpl to cope with nodes from different
documents.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@244 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
index c26bcd0b..d8295227 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java
@@ -135,9 +135,8 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements
xmlDocument = createResponseDocument(null, preserveSpace);
NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent");
- if (node.getOwnerDocument() != xmlDocument.getOwnerDocument()) {
- Document doc = xmlDocument.getOwnerDocument();
- node = doc.importNode(node, true);
+ if (node.getOwnerDocument() != xmlDocument) {
+ node = xmlDocument.importNode(node, true);
}
nodeList.item(0).appendChild(node);
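Review bot: A caller that passes a `Document` as `node` still fails here: its `getOwnerDocument()` is null, so the import branch is taken, and `importNode` does not accept document nodes (it throws a `DOMException` with `NOT_SUPPORTED_ERR`). If whole documents are a legitimate input, unwrapping first would cover it, `if (node instanceof Document) { node = ((Document) node).getDocumentElement(); }`. Otherwise the Javadoc should say that only element-level nodes are accepted. The method's signature and Javadoc are outside the hunk.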
--
cgit v1.2.3
From 401c481eed1f1e30928f7310d35832f8411d7e1b Mon Sep 17 00:00:00 2001
From: mcentner
Date: Thu, 11 Dec 2008 14:42:17 +0000
Subject: XSecProvider delegation provider registration.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@246 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../main/java/at/gv/egiz/bku/conf/Configurator.java | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
index e37d107f..733b47dc 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
@@ -14,6 +14,7 @@ import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
+import java.security.Provider.Service;
import java.security.cert.CertStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@@ -24,6 +25,7 @@ import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
+import java.util.Set;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
@@ -150,9 +152,21 @@ public abstract class Configurator {
log.debug("Registering security providers");
Security.insertProviderAt(new IAIK(), 1);
Security.insertProviderAt(new ECCProvider(false), 2);
- Security.addProvider(new STALProvider());
- XSecProvider.addAsProvider(false);
+
+ // registering STALProvider as delegation provider for XSECT
+ STALProvider stalProvider = new STALProvider();
+ Set services = stalProvider.getServices();
StringBuilder sb = new StringBuilder();
+ for (Service service : services) {
+ String algorithm = service.getType() + "." + service.getAlgorithm();
+ XSecProvider.setDelegationProvider(algorithm, stalProvider.getName());
+ sb.append("\n" + algorithm);
+ }
+ log.debug("Registered STALProvider as XSecProvider delegation provider for the following services : " + sb.toString());
+
+ Security.addProvider(stalProvider);
+ XSecProvider.addAsProvider(false);
+ sb = new StringBuilder();
sb.append("Registered providers: ");
int i = 1;
for (Provider prov : Security.getProviders()) {
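Review bot: The return value of `Security.addProvider(stalProvider)` is ignored, while the delegation entries set in the loop before it refer to the provider only by `stalProvider.getName()`. `addProvider` returns -1 when a provider of that name is already installed, and in that case the delegations would presumably resolve to the earlier instance rather than the one created here. A check such as `if (Security.addProvider(stalProvider) == -1) { log.warn("STALProvider already registered"); }` would make that visible. The list of delegated services is also concatenated whether or not debug logging is enabled.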
--
cgit v1.2.3
From 887f6727479f3ae3d89a08ba619f9382b450e4c1 Mon Sep 17 00:00:00 2001
From: mcentner
Date: Fri, 12 Dec 2008 11:48:47 +0000
Subject: Updated SMCC to support non-blocking PIN entry. Added
SV-Personendaten infobox implementation.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@248 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../src/main/webapp/WEB-INF/applicationContext.xml | 3 +
.../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 1 +
.../bku/binding/LegacyDataUrlConnectionImpl.java | 3 +
.../slcommands/impl/AbstractAssocArrayInfobox.java | 96 +++--
.../impl/SVPersonendatenInfoboxImpl.java | 323 +++++++++++++++++
.../impl/SVPersonendatenInfoboxImplTest.java | 147 ++++++++
smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java | 320 +++++++++--------
.../at/gv/egiz/smcc/AbstractSignatureCard.java | 214 +++++++-----
.../src/main/java/at/gv/egiz/smcc/STARCOSCard.java | 386 +++++++++++++--------
.../smcc/SecurityStatusNotSatisfiedException.java | 38 ++
.../gv/egiz/smcc/VerificationFailedException.java | 65 ++++
.../test/java/at/gv/egiz/smcc/STARCOSCardTest.java | 40 ++-
.../bku/smccstal/InfoBoxReadRequestHandler.java | 3 +
13 files changed, 1219 insertions(+), 420 deletions(-)
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImpl.java
create mode 100644 bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImplTest.java
create mode 100644 smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java
create mode 100644 smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java
(limited to 'bkucommon/src/main')
diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
index eb7d5b7a..2ddd46a1 100644
--- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
@@ -82,6 +82,9 @@
+
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
index 408330cc..57d89c89 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java
@@ -100,6 +100,7 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI {
}
if (hostnameVerifier != null) {
log.debug("Setting custom hostname verifier");
+ https.setHostnameVerifier(hostnameVerifier);
}
} else {
log.trace("No secure connection with: "+url+ " class="+connection.getClass());
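Review bot: A configured `hostnameVerifier` that is too permissive now disables host name checking for this connection without any prominent trace. The added `https.setHostnameVerifier(hostnameVerifier)` really replaces the JDK default, where before only the debug message claimed so. Where the verifier comes from is not visible in this hunk. If it can be chosen by configuration, the fact deserves more than a debug line, e.g. `log.warn("Custom hostname verifier in use: " + hostnameVerifier.getClass().getName());`. The same applies to the identical change in `LegacyDataUrlConnectionImpl`.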
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java
index ef8034aa..452c45e5 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java
@@ -80,6 +80,7 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI {
}
if (hostnameVerifier != null) {
log.debug("Setting custom hostname verifier");
+ https.setHostnameVerifier(hostnameVerifier);
}
}
connection.setDoOutput(true);
@@ -229,6 +230,8 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI {
public DataUrlConnectionSPI newInstance() {
DataUrlConnectionSPI uc = new LegacyDataUrlConnectionImpl();
uc.setConfiguration(config);
+ uc.setSSLSocketFactory(sslSocketFactory);
+ uc.setHostnameVerifier(hostnameVerifier);
return uc;
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java
index e49ed6c0..e7f96c06 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java
@@ -16,12 +16,17 @@
*/
package at.gv.egiz.bku.slcommands.impl;
+import java.io.ByteArrayOutputStream;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -36,6 +41,7 @@ import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayTy
import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadValue;
import at.gv.egiz.bku.slcommands.InfoboxReadResult;
import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLCommandFactory;
import at.gv.egiz.bku.slexceptions.SLCommandException;
/**
@@ -54,7 +60,7 @@ public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl
/**
* The search string pattern.
*/
- public static final String SEARCH_STRING_PATTERN = ".&&[^/](/.&&[^/])*";
+ public static final String SEARCH_STRING_PATTERN = "(.&&[^/])+(/.&&[^/])*";
/**
* @return the keys available in this infobox.
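Review bot: `&&` is the character-class intersection operator only inside square brackets, so in `(.&&[^/])+(/.&&[^/])*` it is two literal ampersands and the pattern accepts only strings built from groups like `a&&b`. If the intent is path segments without `/`, which the old pattern suggests but the hunk does not state, `"[^/]+(/[^/]+)*"` expresses that. The previous value had the same problem, so the added `+` does not fix which search strings pass the `Pattern.matches` check.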
@@ -93,6 +99,11 @@ public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl
return Arrays.asList(getKeys());
}
+ if (!searchString.contains("*")) {
+ Arrays.asList(getKeys()).contains(searchString);
+ return Collections.singletonList(searchString);
+ }
+
if (Pattern.matches(SEARCH_STRING_PATTERN, searchString)) {
// for (int i = 0; i < searchString.length(); i++) {
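Review bot: The result of `Arrays.asList(getKeys()).contains(searchString);` is discarded, so a search string without `*` is returned as a selected key whether or not the infobox has such a key. The search string appears to come from the request (`readPairs.getSearchString()`), so later code receives a caller-chosen key that was never checked against `getKeys()`. Assuming unknown keys should select nothing, the branch could be `return Arrays.asList(getKeys()).contains(searchString) ? Collections.singletonList(searchString) : Collections.<String>emptyList();`. The enclosing method starts and ends outside the hunk.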
@@ -160,15 +171,10 @@ public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl
protected InfoboxReadResult readPairs(ReadPairs readPairs, SLCommandContext cmdCtx) throws SLCommandException {
if (readPairs.isValuesAreXMLEntities() && !isValuesAreXMLEntities()) {
- log.info("Got valuesAreXMLEntities=" + readPairs + " but infobox type is binary.");
+ log.info("Got valuesAreXMLEntities=" + readPairs.isValuesAreXMLEntities() + " but infobox type is binary.");
throw new SLCommandException(4010);
}
- if (!readPairs.isValuesAreXMLEntities() && isValuesAreXMLEntities()) {
- log.info("Got valuesAreXMLEntities=" + readPairs + " but infobox type is XML.");
- throw new SLCommandException(4010);
- }
-
List selectedKeys = selectKeys(readPairs.getSearchString());
if (readPairs.isUserMakesUnique() && selectedKeys.size() > 1) {
@@ -177,26 +183,10 @@ public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl
throw new SLCommandException(4010);
}
- ObjectFactory objectFactory = new ObjectFactory();
-
- InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory.createInfoboxReadDataAssocArrayType();
-
- Map values = getValues(selectedKeys, cmdCtx);
- for (String key : selectedKeys) {
- InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType();
- infoboxAssocArrayPairType.setKey(key);
- Object value = values.get(key);
- if (value instanceof byte[]) {
- infoboxAssocArrayPairType.setBase64Content((byte[]) value);
- } else {
- infoboxAssocArrayPairType.setXMLContent((XMLContentType) value);
- }
- infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType);
- }
-
- return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType);
+ return new InfoboxReadResultImpl(marshallPairs(selectedKeys, getValues(
+ selectedKeys, cmdCtx), readPairs.isValuesAreXMLEntities()));
}
-
+
/**
* Read the value specified by readPairs.
*
@@ -213,12 +203,7 @@ public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl
protected InfoboxReadResult readValue(ReadValue readValue, SLCommandContext cmdCtx) throws SLCommandException {
if (readValue.isValueIsXMLEntity() && !isValuesAreXMLEntities()) {
- log.info("Got valuesAreXMLEntities=" + readValue + " but infobox type is binary.");
- throw new SLCommandException(4010);
- }
-
- if (!readValue.isValueIsXMLEntity() && isValuesAreXMLEntities()) {
- log.info("Got valuesAreXMLEntities=" + readValue + " but infobox type is XML.");
+ log.info("Got valuesAreXMLEntities=" + readValue.isValueIsXMLEntity() + " but infobox type is binary.");
throw new SLCommandException(4010);
}
@@ -230,24 +215,59 @@ public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl
selectedKeys = Collections.emptyList();
}
+ return new InfoboxReadResultImpl(marshallPairs(selectedKeys, getValues(
+ selectedKeys, cmdCtx), readValue.isValueIsXMLEntity()));
+
+ }
+
+ protected InfoboxReadDataAssocArrayType marshallPairs(List selectedKeys, Map values, boolean areXMLEntities) throws SLCommandException {
+
ObjectFactory objectFactory = new ObjectFactory();
-
+
InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory.createInfoboxReadDataAssocArrayType();
- Map values = getValues(selectedKeys, cmdCtx);
for (String key : selectedKeys) {
InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType();
infoboxAssocArrayPairType.setKey(key);
+
Object value = values.get(key);
- if (value instanceof byte[]) {
- infoboxAssocArrayPairType.setBase64Content((byte[]) value);
+ if (areXMLEntities) {
+ if (value instanceof byte[]) {
+ log.info("Got valuesAreXMLEntities=" + areXMLEntities + " but infobox type is binary.");
+ throw new SLCommandException(4122);
+ } else {
+ XMLContentType contentType = objectFactory.createXMLContentType();
+ contentType.getContent().add(value);
+ infoboxAssocArrayPairType.setXMLContent(contentType);
+ }
} else {
- infoboxAssocArrayPairType.setXMLContent((XMLContentType) value);
+ infoboxAssocArrayPairType.setBase64Content((value instanceof byte[]) ? (byte[]) value : marshallValue(value));
}
+
infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType);
}
+
+ return infoboxReadDataAssocArrayType;
- return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType);
+ }
+
+ protected byte[] marshallValue(Object jaxbElement) throws SLCommandException {
+ SLCommandFactory commandFactory = SLCommandFactory.getInstance();
+ JAXBContext jaxbContext = commandFactory.getJaxbContext();
+
+ ByteArrayOutputStream result;
+ try {
+ Marshaller marshaller = jaxbContext.createMarshaller();
+
+ result = new ByteArrayOutputStream();
+ marshaller.marshal(jaxbElement, result);
+ } catch (JAXBException e) {
+ log.info("Failed to marshall infobox content.", e);
+ throw new SLCommandException(4122);
+ }
+
+ return result.toByteArray();
+
}
@Override
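Review bot: `marshallPairs` does not handle a key for which `values.get(key)` returns null. The XML branch adds the null to the `XMLContentType` content, and the binary branch passes it to `marshallValue`, where `Marshaller.marshal` rejects a null element with an `IllegalArgumentException` that `catch (JAXBException e)` does not cover. Since the `selectKeys` change in this commit can return a key that is not in the infobox, this path looks reachable. A guard right after the lookup, e.g. `if (value == null) { continue; }`, or an `SLCommandException` if a missing value should be an error, would keep the failure inside the command's error handling. `marshallValue` also drops the `JAXBException` cause when it throws.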
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImpl.java
new file mode 100644
index 00000000..7e204632
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImpl.java
@@ -0,0 +1,323 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import iaik.asn1.ASN;
+import iaik.asn1.ASN1Object;
+import iaik.asn1.CodingException;
+import iaik.asn1.DerCoder;
+import iaik.asn1.NumericString;
+import iaik.asn1.OCTET_STRING;
+import iaik.asn1.ObjectID;
+import iaik.asn1.SEQUENCE;
+import iaik.asn1.SET;
+import iaik.asn1.UNKNOWN;
+import iaik.asn1.structures.ChoiceOfTime;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.nio.charset.Charset;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.GregorianCalendar;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.TimeZone;
+
+import javax.xml.datatype.DatatypeFactory;
+import javax.xml.datatype.XMLGregorianCalendar;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.buergerkarte.namespaces.cardchannel.AttributeList;
+import at.buergerkarte.namespaces.cardchannel.AttributeType;
+import at.buergerkarte.namespaces.cardchannel.ObjectFactory;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
+import at.gv.egiz.stal.InfoboxReadRequest;
+import at.gv.egiz.stal.InfoboxReadResponse;
+import at.gv.egiz.stal.STALRequest;
+
+/**
+ * An implementation of the {@link Infobox} Certificates as
+ * specified in Security Layer 1.2.
+ *
+ * @author mcentner
+ */
+public class SVPersonendatenInfoboxImpl extends AbstractAssocArrayInfobox {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(SVPersonendatenInfoboxImpl.class);
+
+ public static final String EHIC = "EHIC";
+
+ public static final String GRUNDDATEN = "Grunddaten";
+
+ public static final String STATUS = "Status";
+
+ public static final String SV_PERSONENBINDUNG = "SV-Personenbindung";
+
+ /**
+ * The valid keys.
+ */
+ public static final String[] KEYS = new String[] {
+ GRUNDDATEN, EHIC, STATUS, SV_PERSONENBINDUNG
+ };
+
+ @Override
+ public String getIdentifier() {
+ return "SV-Personendaten";
+ }
+
+ @Override
+ public String[] getKeys() {
+ return KEYS;
+ }
+
+ @Override
+ public boolean isValuesAreXMLEntities() {
+ return true;
+ }
+
+ @Override
+ public Map getValues(List keys, SLCommandContext cmdCtx) throws SLCommandException {
+
+ STALHelper stalHelper = new STALHelper(cmdCtx.getSTAL());
+
+ if (keys != null && !keys.isEmpty()) {
+
+ List stalRequests = new ArrayList();
+
+ // get values
+ InfoboxReadRequest infoboxReadRequest;
+ for (int i = 0; i < keys.size(); i++) {
+ infoboxReadRequest = new InfoboxReadRequest();
+ infoboxReadRequest.setInfoboxIdentifier(keys.get(i));
+ stalRequests.add(infoboxReadRequest);
+ }
+
+ stalHelper.transmitSTALRequest(stalRequests);
+
+ Map values = new HashMap();
+
+ try {
+ for (int i = 0; i < keys.size(); i++) {
+
+ String key = keys.get(i);
+ InfoboxReadResponse nextResponse = (InfoboxReadResponse) stalHelper.nextResponse(InfoboxReadResponse.class);
+
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ if (EHIC.equals(key)) {
+ AttributeList attributeList = createAttributeList(nextResponse.getInfoboxValue());
+ values.put(key, objectFactory.createEHIC(attributeList));
+ } else if (GRUNDDATEN.equals(key)) {
+ AttributeList attributeList = createAttributeList(nextResponse.getInfoboxValue());
+ values.put(key, objectFactory.createGrunddaten(attributeList));
+ } else if (SV_PERSONENBINDUNG.equals(key)) {
+ values.put(key, objectFactory.createSVPersonenbindung(nextResponse.getInfoboxValue()));
+ } else if (STATUS.equals(key)) {
+ AttributeList attributeList = createAttributeListFromRecords(nextResponse.getInfoboxValue());
+ values.put(key, objectFactory.createStatus(attributeList));
+ }
+
+ }
+ } catch (CodingException e) {
+ log.info("Failed to decode '" + getIdentifier() + "' infobox.", e);
+ throw new SLCommandException(4000,
+ SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID,
+ new Object[] { "IdentityLink" });
+
+ }
+
+ return values;
+
+ } else {
+
+ return new HashMap();
+
+ }
+
+
+ }
+
+ public static AttributeList createAttributeList(byte[] infoboxValue) throws CodingException {
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ ASN1Object asn1 = DerCoder.decode(infoboxValue);
+
+ AttributeList attributeList = objectFactory.createAttributeList();
+ List attributes = attributeList.getAttribute();
+
+ if (asn1.isA(ASN.SEQUENCE)) {
+ for (int i = 0; i < ((SEQUENCE) asn1).countComponents(); i++) {
+
+ AttributeType attributeType = objectFactory.createAttributeType();
+
+ if (asn1.getComponentAt(i).isA(ASN.SEQUENCE)) {
+ SEQUENCE attribute = (SEQUENCE) asn1.getComponentAt(i);
+ if (attribute.getComponentAt(0).isA(ASN.ObjectID)) {
+ ObjectID objectId = (ObjectID) attribute.getComponentAt(0);
+ attributeType.setOid("urn:oid:" + objectId.getID());
+ }
+ if (attribute.getComponentAt(1).isA(ASN.SET)) {
+ SET values = (SET) attribute.getComponentAt(1);
+ for (int j = 0; j < values.countComponents(); j++) {
+ setAttributeValue(attributeType, values.getComponentAt(j));
+ }
+ }
+ }
+
+ attributes.add(attributeType);
+
+ }
+
+ }
+
+ return attributeList;
+
+ }
+
+ public static AttributeList createAttributeListFromRecords(byte[] infoboxValue) throws CodingException {
+
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ AttributeList attributeList = objectFactory.createAttributeList();
+ List attributes = attributeList.getAttribute();
+
+ byte[] records = infoboxValue;
+
+ while (records != null && records.length > 0) {
+
+ int length;
+
+ if (records[0] != 0x00) {
+
+ ASN1Object asn1 = DerCoder.decode(records);
+
+ AttributeType attributeType = objectFactory.createAttributeType();
+
+ if (asn1.isA(ASN.SEQUENCE)) {
+ SEQUENCE attribute = (SEQUENCE) asn1;
+ if (attribute.getComponentAt(0).isA(ASN.ObjectID)) {
+ ObjectID objectId = (ObjectID) attribute.getComponentAt(0);
+ attributeType.setOid("urn:oid:" + objectId.getID());
+ }
+ if (attribute.getComponentAt(1).isA(ASN.SET)) {
+ SET values = (SET) attribute.getComponentAt(1);
+ for (int j = 0; j < values.countComponents(); j++) {
+ setAttributeValue(attributeType, values.getComponentAt(j));
+ }
+ }
+ }
+
+ attributes.add(attributeType);
+
+ length = DerCoder.encode(asn1).length;
+
+ } else {
+ length = 1;
+ }
+
+ if (length < records.length) {
+ records = Arrays.copyOfRange(records, length + 1, records.length);
+ } else {
+ records = null;
+ }
+
+ }
+
+ return attributeList;
+
+ }
+
+ private static void setAttributeValue(AttributeType attributeType, ASN1Object value) {
+
+ if (value.isA(ASN.OCTET_STRING)) {
+
+ try {
+ byte[] octets = ((OCTET_STRING) value).getWholeValue();
+ attributeType.setLatin1String(new String(octets, Charset.forName("ISO-8859-1")));
+ } catch (IOException e) {
+ log.info("Failed to set Latin1String.", e);
+ }
+
+ } else if (value.isA(ASN.NumericString)) {
+
+ attributeType.setNumericString((String) ((NumericString) value).getValue());
+
+ } else if (value.isA(ASN.GeneralizedTime)) {
+
+ try {
+ ChoiceOfTime choiceOfTime = new ChoiceOfTime(value);
+
+ GregorianCalendar gregorianCalendar = new GregorianCalendar();
+ gregorianCalendar.setTimeZone(TimeZone.getTimeZone("UTC"));
+ gregorianCalendar.setTime(choiceOfTime.getDate());
+
+ DatatypeFactory datatypeFactory = DatatypeFactory.newInstance();
+ XMLGregorianCalendar xmlGregorianCalendar = datatypeFactory.newXMLGregorianCalendar(gregorianCalendar);
+ xmlGregorianCalendar.setTimezone(0);
+
+ attributeType.setGeneralizedTime(xmlGregorianCalendar);
+ } catch (Exception e) {
+ log.info("Failed to set GeneralizedTime.", e);
+ }
+
+ } else if (value.isA(ASN.INTEGER)) {
+
+ attributeType.setInteger((BigInteger) value.getValue());
+
+ } else if (value.isA(ASN.UTF8String)) {
+
+ attributeType.setUTF8String((String) value.getValue());
+
+ } else if (value.isA(ASN.PrintableString)) {
+
+ attributeType.setPrintableString((String) value.getValue());
+
+ } else if (value.isA(ASN.UNKNOWN)) {
+
+ byte[] bytes = (byte[]) ((UNKNOWN) value).getValue();
+
+ try {
+ BigInteger bigInteger = new BigInteger(bytes);
+ String string = bigInteger.toString(16);
+
+ Date date = new SimpleDateFormat("yyyyMMdd").parse(string);
+ attributeType.setDate(new SimpleDateFormat("yyyy-MM-dd").format(date));
+ } catch (Exception e) {
+ log.info("Failed to set Date.", e);
+ }
+ }
+
+ }
+
+
+
+
+
+}
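Review bot: `setAttributeValue` logs a failed Latin1String, GeneralizedTime or Date conversion at info level and returns normally, so both `createAttributeList` and `createAttributeListFromRecords` still add the attribute with only its OID set. `getValues` then returns it as if the card read had succeeded. Both callers already declare `throws CodingException`, so letting the failure propagate would route it to the existing handler in `getValues` instead of handing the requester silently incomplete personal data. That handler also passes `"IdentityLink"` as the infobox name in `new Object[] { "IdentityLink" }`, where `new Object[] { getIdentifier() }` appears to be meant.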
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImplTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImplTest.java
new file mode 100644
index 00000000..f9c60b86
--- /dev/null
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImplTest.java
@@ -0,0 +1,147 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.bku.slcommands.impl;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import iaik.asn1.CodingException;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.transform.stream.StreamSource;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+import at.buergerkarte.namespaces.cardchannel.AttributeList;
+import at.buergerkarte.namespaces.cardchannel.ObjectFactory;
+import at.gv.egiz.bku.slcommands.ErrorResult;
+import at.gv.egiz.bku.slcommands.InfoboxReadCommand;
+import at.gv.egiz.bku.slcommands.SLCommand;
+import at.gv.egiz.bku.slcommands.SLCommandContext;
+import at.gv.egiz.bku.slcommands.SLCommandFactory;
+import at.gv.egiz.bku.slcommands.SLResult;
+import at.gv.egiz.bku.slexceptions.SLCommandException;
+import at.gv.egiz.bku.slexceptions.SLRequestException;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.stal.STAL;
+import at.gv.egiz.stal.dummy.DummySTAL;
+
+//@Ignore
+public class SVPersonendatenInfoboxImplTest {
+
+ private byte[] EHIC = new byte[] {
+ (byte) 0x30, (byte) 0x6b, (byte) 0x30, (byte) 0x12, (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x28,
+ (byte) 0x00, (byte) 0x0a, (byte) 0x01, (byte) 0x04, (byte) 0x01, (byte) 0x14, (byte) 0x31, (byte) 0x06,
+ (byte) 0x04, (byte) 0x04, (byte) 0x42, (byte) 0x47, (byte) 0x4b, (byte) 0x4b, (byte) 0x30, (byte) 0x12,
+ (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x28, (byte) 0x00, (byte) 0x0a, (byte) 0x01, (byte) 0x04,
+ (byte) 0x01, (byte) 0x15, (byte) 0x31, (byte) 0x06, (byte) 0x12, (byte) 0x04, (byte) 0x31, (byte) 0x33,
+ (byte) 0x30, (byte) 0x30, (byte) 0x30, (byte) 0x22, (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x28,
+ (byte) 0x00, (byte) 0x0a, (byte) 0x01, (byte) 0x04, (byte) 0x01, (byte) 0x16, (byte) 0x31, (byte) 0x16,
+ (byte) 0x12, (byte) 0x14, (byte) 0x38, (byte) 0x30, (byte) 0x30, (byte) 0x34, (byte) 0x30, (byte) 0x30,
+ (byte) 0x30, (byte) 0x30, (byte) 0x30, (byte) 0x30, (byte) 0x32, (byte) 0x33, (byte) 0x30, (byte) 0x30,
+ (byte) 0x34, (byte) 0x37, (byte) 0x30, (byte) 0x37, (byte) 0x35, (byte) 0x39, (byte) 0x30, (byte) 0x1d,
+ (byte) 0x06, (byte) 0x08, (byte) 0x2a, (byte) 0x28, (byte) 0x00, (byte) 0x0a, (byte) 0x01, (byte) 0x04,
+ (byte) 0x01, (byte) 0x17, (byte) 0x31, (byte) 0x11, (byte) 0x18, (byte) 0x0f, (byte) 0x32, (byte) 0x30,
+ (byte) 0x30, (byte) 0x35, (byte) 0x30, (byte) 0x37, (byte) 0x30, (byte) 0x31, (byte) 0x31, (byte) 0x32,
+ (byte) 0x30, (byte) 0x30, (byte) 0x30, (byte) 0x30, (byte) 0x5a
+ };
+
+ private static ApplicationContext appCtx;
+
+ private SLCommandFactory factory;
+
+ private STAL stal;
+
+// @BeforeClass
+ public static void setUpClass() {
+ appCtx = new ClassPathXmlApplicationContext("at/gv/egiz/bku/slcommands/testApplicationContext.xml");
+ }
+
+// @Before
+ public void setUp() {
+ factory = SLCommandFactory.getInstance();
+ stal = new DummySTAL();
+ }
+
+ @Test
+ public void testEHIC() throws SLCommandException, JAXBException, CodingException, IOException {
+
+ AttributeList attributeList = SVPersonendatenInfoboxImpl.createAttributeList(EHIC);
+
+ JAXBElement ehic = new ObjectFactory().createEHIC(attributeList);
+
+ JAXBContext jaxbContext = SLCommandFactory.getInstance().getJaxbContext();
+
+ Marshaller marshaller = jaxbContext.createMarshaller();
+
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+
+ marshaller.marshal(ehic, System.out);
+
+ }
+
+ @Ignore
+ @Test
+ public void testInfboxReadRequest() throws SLCommandException, SLRuntimeException, SLRequestException {
+ InputStream inputStream = getClass().getClassLoader().getResourceAsStream("at/gv/egiz/bku/slcommands/infoboxreadcommand/IdentityLink.Binary.xml");
+ assertNotNull(inputStream);
+
+ SLCommandContext context = new SLCommandContext();
+ context.setSTAL(stal);
+ SLCommand command = factory.createSLCommand(new StreamSource(inputStream), context);
+ assertTrue(command instanceof InfoboxReadCommand);
+
+ SLResult result = command.execute();
+ result.writeTo(new StreamResult(System.out));
+ }
+
+ @Ignore
+ @Test(expected=SLCommandException.class)
+ public void testInfboxReadRequestInvalid1() throws SLCommandException, SLRuntimeException, SLRequestException {
+ InputStream inputStream = getClass().getClassLoader().getResourceAsStream("at/gv/egiz/bku/slcommands/infoboxreadcommand/IdentityLink.Binary.Invalid-1.xml");
+ assertNotNull(inputStream);
+
+ SLCommandContext context = new SLCommandContext();
+ context.setSTAL(stal);
+ SLCommand command = factory.createSLCommand(new StreamSource(inputStream), context);
+ assertTrue(command instanceof InfoboxReadCommand);
+ }
+
+ @Ignore
+ public void testInfboxReadRequestInvalid2() throws SLCommandException, SLRuntimeException, SLRequestException {
+ InputStream inputStream = getClass().getClassLoader().getResourceAsStream("at/gv/egiz/bku/slcommands/infoboxreadcommand/IdentityLink.Binary.Invalid-2.xml");
+ assertNotNull(inputStream);
+
+ SLCommandContext context = new SLCommandContext();
+ context.setSTAL(stal);
+ SLCommand command = factory.createSLCommand(new StreamSource(inputStream), context);
+ assertTrue(command instanceof InfoboxReadCommand);
+
+ SLResult result = command.execute();
+ assertTrue(result instanceof ErrorResult);
+ }
+
+}
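Review bot: `testEHIC` asserts nothing: it marshals the decoded list to `System.out`, so a decoder regression that produces empty or value-less attributes would still pass. The fixture's outer SEQUENCE holds four entries, so a minimal check with the existing imports is `assertTrue(attributeList.getAttribute().size() == 4);`, ideally followed by checks on the decoded OIDs and values. The `@BeforeClass` and `@Before` annotations are also commented out, which leaves `factory` and `stal` null for the three currently ignored tests once they are re-enabled.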
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
index 2baff834..6d96599c 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java
@@ -30,7 +30,6 @@ package at.gv.egiz.smcc;
import java.nio.charset.Charset;
-import javax.smartcardio.Card;
import javax.smartcardio.CardChannel;
import javax.smartcardio.CardException;
import javax.smartcardio.CommandAPDU;
@@ -110,41 +109,47 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
public byte[] getCertificate(KeyboxName keyboxName)
throws SignatureCardException, InterruptedException {
- byte[] aid;
- byte[] efc;
- int maxsize;
- if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
- aid = AID_SIG;
- efc = EF_C_CH_DS;
- maxsize = EF_C_CH_DS_MAX_SIZE;
- } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
- aid = AID_DEC;
- efc = EF_C_CH_EKEY;
- maxsize = EF_C_CH_EKEY_MAX_SIZE;
- } else {
- throw new IllegalArgumentException("Keybox " + keyboxName
- + " not supported.");
- }
-
- log.debug("Get certificate for keybox '" + keyboxName.getKeyboxName() + "'" +
- " (AID=" + toString(aid) + " EF=" + toString(efc) + ").");
-
try {
- Card card = getCardChannel().getCard();
- try {
- card.beginExclusive();
- return readTLVFile(aid, efc, maxsize + 15000);
- } catch (FileNotFoundException e) {
- // if certificate is not present,
- // the citizen card application has not been activated
- throw new NotActivatedException();
- } finally {
- card.endExclusive();
+
+ if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+
+ try {
+ getCard().beginExclusive();
+ byte[] certificate = readTLVFile(AID_SIG, EF_C_CH_DS, EF_C_CH_DS_MAX_SIZE);
+ if (certificate == null) {
+ throw new NotActivatedException();
+ }
+ return certificate;
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } finally {
+ getCard().endExclusive();
+ }
+
+ } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
+
+ try {
+ getCard().beginExclusive();
+ byte[] certificate = readTLVFile(AID_DEC, EF_C_CH_EKEY, EF_C_CH_EKEY_MAX_SIZE);
+ if (certificate == null) {
+ throw new NotActivatedException();
+ }
+ return certificate;
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } finally {
+ getCard().endExclusive();
+ }
+
+ } else {
+ throw new IllegalArgumentException("Keybox " + keyboxName
+ + " not supported.");
}
+
} catch (CardException e) {
- throw new SignatureCardException("Failed to get exclusive card access.");
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
}
-
}
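Review bot: `getCard().beginExclusive()` sits inside the `try` whose `finally` calls `getCard().endExclusive()`, so a failed `beginExclusive()` is followed by an `endExclusive()` on a card this thread never locked. `javax.smartcardio.Card.endExclusive()` is documented to throw `IllegalStateException` in that state, which would replace the original `CardException` and bypass the outer `catch (CardException e)`. Moving the acquire in front of the guarded block avoids this: `getCard().beginExclusive(); try { … } finally { getCard().endExclusive(); }`. The same shape is repeated in the `getInfobox` hunk and in both loops of the signing hunk further down.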
@@ -155,30 +160,47 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
public byte[] getInfobox(String infobox, PINProvider provider, String domainId)
throws SignatureCardException, InterruptedException {
- if ("IdentityLink".equals(infobox)) {
-
- PINSpec spec = new PINSpec(4, 4, "[0-9]", getResourceBundle().getString("inf.pin.name"));
-
- try {
- Card card = getCardChannel().getCard();
- try {
- card.beginExclusive();
- return readTLVFilePIN(AID_DEC, EF_INFOBOX, KID_PIN_INF, provider,
- spec, EF_INFOBOX_MAX_SIZE);
- } catch (FileNotFoundException e) {
- // if certificate is not present,
- // the citizen card application has not been activated
- throw new NotActivatedException();
- } finally {
- card.endExclusive();
- }
- } catch (CardException e) {
- throw new SignatureCardException("Failed to get exclusive card access.");
+ try {
+ if ("IdentityLink".equals(infobox)) {
+
+ PINSpec spec = new PINSpec(4, 4, "[0-9]", getResourceBundle().getString("inf.pin.name"));
+
+ int retries = -1;
+ String pin = null;
+ boolean pinRequiered = false;
+
+ do {
+ if (pinRequiered) {
+ pin = provider.providePIN(spec, retries);
+ if (pin == null) {
+ throw new CancelledException();
+ }
+ }
+ try {
+ getCard().beginExclusive();
+ return readTLVFile(AID_DEC, EF_INFOBOX, pin, KID_PIN_INF, EF_INFOBOX_MAX_SIZE);
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (SecurityStatusNotSatisfiedException e) {
+ pinRequiered = true;
+ } catch (VerificationFailedException e) {
+ pinRequiered = true;
+ retries = e.getRetries();
+ } finally {
+ getCard().endExclusive();
+ }
+ } while (retries != 0);
+
+ throw new LockedException();
+
+ } else {
+ throw new IllegalArgumentException("Infobox '" + infobox
+ + "' not supported.");
}
-
- } else {
- throw new IllegalArgumentException("Infobox '" + infobox
- + "' not supported.");
+
+ } catch (CardException e) {
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
}
}
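Review bot: In the `SecurityStatusNotSatisfiedException` handler only `pinRequiered` is set, so the first `provider.providePIN(spec, retries)` call is made with `retries == -1`. The user is therefore prompted without seeing how many attempts remain before the card locks. The signing loops later in this commit refresh the counter in the same situation with `verifyPIN(null, kid)`. If that call reports the remaining tries, as its use there suggests, adding `retries = verifyPIN(null, KID_PIN_INF);` to this handler would make the prompt consistent; it would need to run after the application is selected, which happens inside `readTLVFile`.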
@@ -192,68 +214,103 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
}
try {
- Card card = getCardChannel().getCard();
- try {
- card.beginExclusive();
-
- if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) {
-
- // SELECT DF
- selectFileFID(DF_SIG);
- // VERIFY
- verifyPIN(provider, new PINSpec(6, 10, "[0-9]", getResourceBundle()
- .getString("sig.pin.name")), KID_PIN_SIG);
- // MSE: SET DST
- mseSetDST(0x81, 0xb6, DST_SIG);
- // PSO: HASH
- psoHash(hash);
- // PSO: COMPUTE DIGITAL SIGNATURE
- return psoComputDigitalSiganture();
- } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) {
-
- // SELECT DF
- selectFileFID(DF_DEC);
- // VERIFY
- verifyPIN(provider, new PINSpec(4, 4, "[0-9]", getResourceBundle()
- .getString("dec.pin.name")), KID_PIN_DEC);
- // MSE: SET DST
- mseSetDST(0x41, 0xa4, DST_DEC);
- // INTERNAL AUTHENTICATE
- return internalAuthenticate(hash);
-
-
- // 00 88 10 00 23 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14 54 26 F0 EA AF EA F0 4E D4 A1 AD BF 66 D4 A5 9B 45 6F AF 79 00
- // 00 88 10 00 23 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14 DF 8C AB 8F E2 AD AC 7B 5A AF BE E9 44 5E 95 99 FA AF 2F 48 00
-
- } else {
- throw new IllegalArgumentException("KeyboxName '" + keyboxName
- + "' not supported.");
- }
+ if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) {
+
+ PINSpec spec = new PINSpec(6, 10, "[0-9]", getResourceBundle().getString("sig.pin.name"));
+
+ int retries = -1;
+ String pin = null;
+
+ do {
+ pin = provider.providePIN(spec, retries);
+ if (pin == null) {
+ throw new CancelledException();
+ }
+ try {
+ getCard().beginExclusive();
+
+ // SELECT DF
+ selectFileFID(DF_SIG);
+ // VERIFY
+ retries = verifyPIN(pin, KID_PIN_SIG);
+ if (retries != -1) {
+ throw new VerificationFailedException(retries);
+ }
+ // MSE: SET DST
+ mseSetDST(0x81, 0xb6, DST_SIG);
+ // PSO: HASH
+ psoHash(hash);
+ // PSO: COMPUTE DIGITAL SIGNATURE
+ return psoComputDigitalSiganture();
+
+ } catch (SecurityStatusNotSatisfiedException e) {
+ retries = verifyPIN(null, KID_PIN_SIG);
+ } catch (VerificationFailedException e) {
+ retries = e.getRetries();
+ } finally {
+ getCard().endExclusive();
+ }
+ } while (retries != 0);
+
+ throw new LockedException();
+
+
+ } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) {
- } catch (FileNotFoundException e) {
- // if certificate is not present,
- // the citizen card application has not been activated
- throw new NotActivatedException();
- } finally {
- card.endExclusive();
+ PINSpec spec = new PINSpec(4, 4, "[0-9]", getResourceBundle().getString("dec.pin.name"));
+
+ int retries = -1;
+ String pin = null;
+ boolean pinRequiered = false;
+
+ do {
+ if (pinRequiered) {
+ pin = provider.providePIN(spec, retries);
+ if (pin == null) {
+ throw new CancelledException();
+ }
+ }
+ try {
+ getCard().beginExclusive();
+
+ // SELECT DF
+ selectFileFID(DF_DEC);
+ // VERIFY
+ retries = verifyPIN(pin, KID_PIN_DEC);
+ if (retries != -1) {
+ throw new VerificationFailedException(retries);
+ }
+ // MSE: SET DST
+ mseSetDST(0x41, 0xa4, DST_DEC);
+ // INTERNAL AUTHENTICATE
+ return internalAuthenticate(hash);
+
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (SecurityStatusNotSatisfiedException e) {
+ pinRequiered = true;
+ retries = verifyPIN(null, KID_PIN_DEC);
+ } catch (VerificationFailedException e) {
+ pinRequiered = true;
+ retries = e.getRetries();
+ } finally {
+ getCard().endExclusive();
+ }
+ } while (retries != 0);
+
+ throw new LockedException();
+
+ } else {
+ throw new IllegalArgumentException("KeyboxName '" + keyboxName
+ + "' not supported.");
}
+
} catch (CardException e) {
- throw new SignatureCardException("Failed to get exclusive card access.");
- }
-
- }
-
- protected byte[] selectFileAID(byte[] fid) throws CardException, SignatureCardException {
- CardChannel channel = getCardChannel();
- ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0xA4, 0x04,
- 0x00, fid, 256));
- if (resp.getSW() != 0x9000) {
- throw new SignatureCardException("Failed to select file (AID="
- + toString(fid) + "): SW=" + Integer.toHexString(resp.getSW()) + ".");
- } else {
- return resp.getBytes();
- }
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
+ }
+
}
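Review bot: The SECURE_SIGNATURE_KEYPAIR loop no longer maps `FileNotFoundException` to `NotActivatedException`, while the CERITIFIED_KEYPAIR loop in the same hunk still has `catch (FileNotFoundException e) { throw new NotActivatedException(); }`. The removed code applied that mapping to both keyboxes. Assuming `selectFileFID(DF_SIG)` can still raise it, a card without an activated signature application now reports a different error than before. Adding the same catch clause to the first loop keeps the two branches consistent. The method's signature and opening lines are outside this hunk.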
protected ResponseAPDU selectFileFID(byte[] fid) throws CardException, SignatureCardException {
@@ -262,6 +319,7 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
0x00, fid, 256));
}
+ @Override
protected int verifyPIN(String pin, byte kid) throws CardException, SignatureCardException {
CardChannel channel = getCardChannel();
@@ -290,35 +348,7 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
}
- /**
- *
- * @param pinProvider
- * @param spec
- * the PIN spec to be given to the pinProvider
- * @param kid
- * the KID (key identifier) of the PIN to be verified
- * @throws CancelledException
- * if the user canceld the operation
- * @throws javax.smartcardio.CardException
- * @throws at.gv.egiz.smcc.SignatureCardException
- */
- @Override
- protected void verifyPIN(PINProvider pinProvider, PINSpec spec, byte kid)
- throws CardException, CancelledException, SignatureCardException, InterruptedException {
-
- int retries = -1;
- do {
- String pin = pinProvider.providePIN(spec, retries);
- if (pin == null) {
- // user canceled operation
- throw new CancelledException("User canceled operation");
- }
- retries = verifyPIN(pin, kid);
- } while (retries > 0);
-
- }
-
- void mseSetDST(int p1, int p2, byte[] dst) throws CardException, SignatureCardException {
+ private void mseSetDST(int p1, int p2, byte[] dst) throws CardException, SignatureCardException {
CardChannel channel = getCardChannel();
ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0x22, p1,
p2, dst));
@@ -328,7 +358,7 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
}
}
- void psoHash(byte[] hash) throws CardException, SignatureCardException {
+ private void psoHash(byte[] hash) throws CardException, SignatureCardException {
CardChannel channel = getCardChannel();
ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0x2A, 0x90,
0x81, hash));
@@ -338,7 +368,7 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
}
}
- byte[] psoComputDigitalSiganture() throws CardException,
+ private byte[] psoComputDigitalSiganture() throws CardException,
SignatureCardException {
CardChannel channel = getCardChannel();
ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0x2A, 0x9E,
@@ -352,7 +382,7 @@ public class ACOSCard extends AbstractSignatureCard implements SignatureCard {
}
}
- byte[] internalAuthenticate(byte[] hash) throws CardException, SignatureCardException {
+ private byte[] internalAuthenticate(byte[] hash) throws CardException, SignatureCardException {
byte[] digestInfo = new byte[] {
(byte) 0x30, (byte) 0x21, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x05, (byte) 0x2B, (byte) 0x0E,
(byte) 0x03, (byte) 0x02, (byte) 0x1A, (byte) 0x05, (byte) 0x00, (byte) 0x04
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java b/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
index e34c4899..633cc90d 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java
@@ -28,6 +28,8 @@
//
package at.gv.egiz.smcc;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Locale;
import java.util.ResourceBundle;
@@ -79,45 +81,56 @@ public abstract class AbstractSignatureCard implements SignatureCard {
return sb.toString();
}
- protected abstract byte[] selectFileAID(byte[] fid) throws CardException,
- SignatureCardException;
-
- protected abstract ResponseAPDU selectFileFID(byte[] fid) throws CardException,
- SignatureCardException;
-
/**
- * VERIFY PIN
+ * Select an application using AID as DF name according to ISO/IEC 7816-4
+ * section 8.2.2.2.
*
- *
- * Implementations of this method should call
- * {@link PINProvider#providePIN(PINSpec, int)} to retrieve the PIN entered by
- * the user and VERIFY PIN on the smart card until the PIN has been
- * successfully verified.
- *
+ * @param dfName
+ * AID of the application to be selected
*
- * @param pinProvider
- * the PINProvider
- * @param spec
- * the PINSpec
- * @param kid
- * the key ID (KID) of the PIN to verify
+ * @return the response data of the response APDU if SW=0x9000
*
* @throws CardException
- * if smart card communication fails
- *
- * @throws CancelledException
- * if the PINProvider indicated that the user canceled the PIN entry
- * @throws NotActivatedException
- * if the card application has not been activated
- * @throws LockedException
- * if the card application is locked
+ * if card communication fails
*
* @throws SignatureCardException
- * if VERIFY PIN fails
+ * if application selection fails (e.g. an application with the
+ * given AID is not present on the card)
*/
- protected abstract void verifyPIN(PINProvider pinProvider, PINSpec spec,
- byte kid) throws CardException, SignatureCardException, InterruptedException;
+ protected byte[] selectFileAID(byte[] dfName) throws CardException, SignatureCardException {
+ CardChannel channel = getCardChannel();
+ ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0xA4, 0x04,
+ 0x00, dfName, 256));
+ if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("Failed to select application AID="
+ + toString(dfName) + ": SW=" + Integer.toHexString(resp.getSW()) + ".");
+ } else {
+ return resp.getBytes();
+ }
+ }
+
+ protected abstract ResponseAPDU selectFileFID(byte[] fid) throws CardException,
+ SignatureCardException;
+ protected abstract int verifyPIN(String pin, byte kid) throws CardException, SignatureCardException;
+
+
+ protected byte[] readRecord(int recordNumber) throws SignatureCardException, CardException {
+ return readRecord(getCardChannel(), recordNumber);
+ }
+
+ protected byte[] readRecord(CardChannel channel, int recordNumber) throws SignatureCardException, CardException {
+
+ ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0xB2,
+ recordNumber, 0x04, 256));
+ if (resp.getSW() == 0x9000) {
+ return resp.getData();
+ } else {
+ throw new SignatureCardException("Failed to read records. SW=" + Integer.toHexString(resp.getSW()));
+ }
+
+ }
+
protected byte[] readBinary(CardChannel channel, int offset, int len)
throws CardException, SignatureCardException {
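Review bot: The new `readRecord(CardChannel, int)` turns every status word other than 0x9000 into a generic `SignatureCardException`, whereas `readBinary` gains a dedicated 0x6982 branch in the next hunk of this same file. If any record-based file is access-protected, callers cannot tell "PIN required" from a real read failure and cannot start a PIN prompt. Mirroring the branch would fix that: `else if (resp.getSW() == 0x6982) { throw new SecurityStatusNotSatisfiedException(); }`. Both `readRecord` overloads are also added without Javadoc, unlike `selectFileAID` above them; a short comment stating that P2=0x04 addresses the record number given in P1 of the currently selected EF would help.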
@@ -125,6 +138,8 @@ public abstract class AbstractSignatureCard implements SignatureCard {
0x7F & (offset >> 8), offset & 0xFF, len));
if (resp.getSW() == 0x9000) {
return resp.getData();
+ } else if (resp.getSW() == 0x6982) {
+ throw new SecurityStatusNotSatisfiedException();
} else {
throw new SignatureCardException("Failed to read bytes (" + offset + "+"
+ len + "): SW=" + Integer.toHexString(resp.getSW()));
@@ -188,43 +203,10 @@ public abstract class AbstractSignatureCard implements SignatureCard {
}
- /**
- * Read the content of a TLV file.
- *
- * @param aid the application ID (AID)
- * @param ef the elementary file (EF)
- * @param maxLength the maximum length of the file
- *
- * @return the content of the file
- *
- * @throws SignatureCardException
- */
- protected byte[] readTLVFile(byte[] aid, byte[] ef, int maxLength)
- throws SignatureCardException, InterruptedException {
- return readTLVFilePIN(aid, ef, (byte) 0, null, null, maxLength);
- }
-
-
- /**
- * Read the content of a TLV file wich may require a PIN.
- *
- * @param aid the application ID (AID)
- * @param ef the elementary file (EF)
- * @param kid the key ID (KID) of the corresponding PIN
- * @param provider the PINProvider
- * @param spec the PINSpec
- * @param maxLength the maximum length of the file
- *
- * @return the content of the file
- *
- * @throws SignatureCardException
- */
- protected byte[] readTLVFilePIN(byte[] aid, byte[] ef, byte kid,
- PINProvider provider, PINSpec spec, int maxLength)
- throws SignatureCardException, InterruptedException {
-
+ protected byte[] readRecords(byte[] aid, byte[] ef, int start, int end) throws SignatureCardException, InterruptedException {
+
try {
-
+
// SELECT FILE (AID)
byte[] rb = selectFileAID(aid);
if (rb[rb.length - 2] != (byte) 0x90 || rb[rb.length - 1] != (byte) 0x00) {
@@ -256,37 +238,89 @@ public abstract class AbstractSignatureCard implements SignatureCard {
+ Integer.toHexString(resp.getSW()) + ").");
}
-
- // try to READ BINARY
- byte[] b = new byte[1];
- int sw = readBinary(0, 1, b);
- if (provider != null && sw == 0x6982) {
-
- // VERIFY
- verifyPIN(provider, spec, kid);
-
- } else if (sw == 0x9000) {
- // not expected type
- if (b[0] != 0x30) {
- throw new NotActivatedException();
- }
- } else {
- throw new SignatureCardException("READ BINARY failed (SW="
- + Integer.toHexString(sw) + ").");
+ ByteArrayOutputStream bytes = new ByteArrayOutputStream();
+
+ for (int i = start; i <= end; i++) {
+ bytes.write(readRecord(i));
}
-
- // READ BINARY
- byte[] data = readBinaryTLV(maxLength, (byte) 0x30);
-
- return data;
-
+
+ return bytes.toByteArray();
+
} catch (CardException e) {
throw new SignatureCardException("Failed to acces card.", e);
+ } catch (IOException e) {
+ throw new SignatureCardException("Failed to read records.", e);
}
-
+
+ }
+
+ /**
+ * Read the content of a TLV file.
+ *
+ * @param aid the application ID (AID)
+ * @param ef the elementary file (EF)
+ * @param maxLength the maximum length of the file
+ *
+ * @return the content of the file
+ *
+ * @throws SignatureCardException
+ * @throws CardException
+ */
+ protected byte[] readTLVFile(byte[] aid, byte[] ef, int maxLength)
+ throws SignatureCardException, InterruptedException, CardException {
+ return readTLVFile(aid, ef, null, (byte) 0, maxLength);
}
+ /**
+ * Read the content of a TLV file wich may require a PIN.
+ *
+ * @param aid the application ID (AID)
+ * @param ef the elementary file (EF)
+ * @param kid the key ID (KID) of the corresponding PIN
+ * @param provider the PINProvider
+ * @param spec the PINSpec
+ * @param maxLength the maximum length of the file
+ *
+ * @return the content of the file
+ *
+ * @throws SignatureCardException
+ * @throws CardException
+ */
+ protected byte[] readTLVFile(byte[] aid, byte[] ef, String pin, byte kid, int maxLength)
+ throws SignatureCardException, InterruptedException, CardException {
+
+
+ // SELECT FILE (AID)
+ selectFileAID(aid);
+
+ // SELECT FILE (EF)
+ ResponseAPDU resp = selectFileFID(ef);
+ if (resp.getSW() == 0x6a82) {
+ // EF not found
+ throw new FileNotFoundException("EF " + toString(ef) + " not found.");
+ } else if (resp.getSW() != 0x9000) {
+ throw new SignatureCardException("SELECT FILE with "
+ + "FID="
+ + toString(ef)
+ + " failed ("
+ + "SW="
+ + Integer.toHexString(resp.getSW()) + ").");
+ }
+
+ // VERIFY
+ if (pin != null) {
+ int retries = verifyPIN(pin, kid);
+ if (retries != -1) {
+ throw new VerificationFailedException(retries);
+ }
+ }
+
+ return readBinaryTLV(maxLength, (byte) 0x30);
+
+
+ }
+
/**
* Transmit the given command APDU using the given card channel.
*
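Review bot: In the new five-argument `readTLVFile`, the result of `selectFileAID(aid)` is discarded, whereas `readRecords` earlier in this file checks the returned status bytes for `90 00` before continuing. Unless `selectFileAID` itself throws on a failed SELECT (its body is not in this hunk), a failed application select would let the following `selectFileFID(ef)` and `readBinaryTLV` run against whatever DF is currently selected, so the same status check belongs here. The Javadoc above the method still documents `provider` and `spec`, which are no longer parameters, and has no entry for `pin`; I would replace those two lines with `@param pin the PIN to present with VERIFY, or null to read without verification`.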
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
index d6d02475..2a6e90bf 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
@@ -31,7 +31,6 @@ package at.gv.egiz.smcc;
import java.math.BigInteger;
import java.util.Arrays;
-import javax.smartcardio.Card;
import javax.smartcardio.CardChannel;
import javax.smartcardio.CardException;
import javax.smartcardio.CommandAPDU;
@@ -49,6 +48,42 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
public static final byte[] MF = new byte[] { (byte) 0x3F, (byte) 0x00 };
+ /**
+ * Application ID SV-Personendaten.
+ */
+ public static final byte[] AID_SV_PERSONENDATEN = new byte[] {
+ (byte) 0xD0, (byte) 0x40, (byte) 0x00, (byte) 0x00,
+ (byte) 0x17, (byte) 0x01, (byte) 0x01, (byte) 0x01
+ };
+
+ /**
+ * File ID Grunddaten ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_GRUNDDATEN = new byte[] {
+ (byte) 0xEF, (byte) 0x01
+ };
+
+ /**
+ * File ID EHIC ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_EHIC = new byte[] {
+ (byte) 0xEF, (byte) 0x02
+ };
+
+ /**
+ * File ID Status ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_SV_PERSONENBINDUNG = new byte[] {
+ (byte) 0xEF, (byte) 0x03
+ };
+
+ /**
+ * File ID Status ({@link #AID_SV_PERSONENDATEN}).
+ */
+ public static final byte[] FID_STATUS = new byte[] {
+ (byte) 0xEF, (byte) 0x04
+ };
+
public static final byte[] AID_INFOBOX = new byte[] { (byte) 0xd0,
(byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00,
(byte) 0x18, (byte) 0x01 };
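Review bot: The Javadoc on `FID_SV_PERSONENBINDUNG` says "File ID Status", copied from `FID_STATUS` below it; it should read `File ID SV-Personenbindung ({@link #AID_SV_PERSONENDATEN}).`. The new identifiers are also `public static final byte[]`, so any caller can overwrite an element and change which application or file later SELECT commands address; the existing `MF` and `AID_INFOBOX` have the same shape. If nothing outside the package needs them, narrowing the visibility or handing out copies would keep the values fixed.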
@@ -126,85 +161,134 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
super("at/gv/egiz/smcc/STARCOSCard");
}
- /* (non-Javadoc)
- * @see at.gv.egiz.smcc.SignatureCard#getCertificate(at.gv.egiz.smcc.SignatureCard.KeyboxName)
- */
@Override
public byte[] getCertificate(KeyboxName keyboxName)
throws SignatureCardException, InterruptedException {
- byte[] aid;
- byte[] efc;
- if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
- aid = AID_DF_SS;
- efc = EF_C_X509_CH_DS;
- } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
- aid = AID_DF_GS;
- efc = EF_C_X509_CH_AUT;
- } else {
- throw new IllegalArgumentException("Keybox " + keyboxName
- + " not supported.");
- }
+ try {
+
+ if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) {
+
+ try {
+ getCard().beginExclusive();
+ return readTLVFile(AID_DF_SS, EF_C_X509_CH_DS, 2000);
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } finally {
+ getCard().endExclusive();
+ }
+
+ } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) {
- log.debug("Get certificate for keybox '" + keyboxName.getKeyboxName() + "'" +
- " (AID=" + toString(aid) + " EF=" + toString(efc) + ").");
+ try {
+ getCard().beginExclusive();
+ return readTLVFile(AID_DF_GS, EF_C_X509_CH_AUT, 2000);
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } finally {
+ getCard().endExclusive();
+ }
- try {
- Card card = getCardChannel().getCard();
- try {
- card.beginExclusive();
- return readTLVFile(aid, efc, 2000);
- } catch (FileNotFoundException e) {
- // if certificate is not present,
- // the citizen card application has not been activated
- throw new NotActivatedException();
- } finally {
- card.endExclusive();
+ } else {
+ throw new IllegalArgumentException("Keybox " + keyboxName
+ + " not supported.");
}
+
} catch (CardException e) {
- throw new SignatureCardException("Failed to get exclusive card access.");
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
}
-
- }
- /* (non-Javadoc)
- * @see at.gv.egiz.smcc.SignatureCard#getInfobox(java.lang.String, at.gv.egiz.smcc.PINProvider, java.lang.String)
- */
+ }
+
@Override
public byte[] getInfobox(String infobox, PINProvider provider, String domainId)
throws SignatureCardException, InterruptedException {
- if ("IdentityLink".equals(infobox)) {
-
- PINSpec spec = new PINSpec(4, 4, "[0-9]", getResourceBundle().getString("card.pin.name"));
-
- try {
- Card card = getCardChannel().getCard();
+ try {
+ if ("IdentityLink".equals(infobox)) {
+
+ PINSpec spec = new PINSpec(4, 4, "[0-9]", getResourceBundle().getString("card.pin.name"));
+
+ int retries = -1;
+ String pin = null;
+ boolean pinRequiered = false;
+
+ do {
+ if (pinRequiered) {
+ pin = provider.providePIN(spec, retries);
+ if (pin == null) {
+ throw new CancelledException();
+ }
+ }
+ try {
+ getCard().beginExclusive();
+ return readTLVFile(AID_INFOBOX, EF_INFOBOX, pin, KID_PIN_CARD, 2000);
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (SecurityStatusNotSatisfiedException e) {
+ pinRequiered = true;
+ retries = verifyPIN(null, KID_PIN_CARD);
+ } catch (VerificationFailedException e) {
+ pinRequiered = true;
+ retries = e.getRetries();
+ } finally {
+ getCard().endExclusive();
+ }
+ } while (retries != 0);
+
+ throw new LockedException();
+
+
+ } else if ("EHIC".equals(infobox)) {
+
try {
- card.beginExclusive();
- return readTLVFilePIN(AID_INFOBOX, EF_INFOBOX, KID_PIN_CARD,
- provider, spec, 2000);
- } catch (FileNotFoundException e) {
- // if certificate is not present,
- // the citizen card application has not been activated
- throw new NotActivatedException();
+ getCard().beginExclusive();
+ return readTLVFile(AID_SV_PERSONENDATEN, FID_EHIC, 126);
} finally {
- card.endExclusive();
+ getCard().endExclusive();
}
- } catch (CardException e) {
- throw new SignatureCardException("Failed to get exclusive card access.");
+
+ } else if ("Grunddaten".equals(infobox)) {
+
+ try {
+ getCard().beginExclusive();
+ return readTLVFile(AID_SV_PERSONENDATEN, FID_GRUNDDATEN, 550);
+ } finally {
+ getCard().endExclusive();
+ }
+
+ } else if ("SV-Personenbindung".equals(infobox)) {
+
+ try {
+ getCard().beginExclusive();
+ return readTLVFile(AID_SV_PERSONENDATEN, FID_SV_PERSONENBINDUNG, 500);
+ } finally {
+ getCard().endExclusive();
+ }
+
+ } else if ("Status".equals(infobox)) {
+
+ try {
+ getCard().beginExclusive();
+ return readRecords(AID_SV_PERSONENDATEN, FID_STATUS, 1, 5);
+ } finally {
+ getCard().endExclusive();
+ }
+
+ } else {
+ throw new IllegalArgumentException("Infobox '" + infobox
+ + "' not supported.");
}
- } else {
- throw new IllegalArgumentException("Infobox '" + infobox
- + "' not supported.");
+ } catch (CardException e) {
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
}
}
- /* (non-Javadoc)
- * @see at.gv.egiz.smcc.SignatureCard#createSignature(byte[], at.gv.egiz.smcc.SignatureCard.KeyboxName, at.gv.egiz.smcc.PINProvider)
- */
+ @Override
public byte[] createSignature(byte[] hash, KeyboxName keyboxName,
PINProvider provider) throws SignatureCardException, InterruptedException {
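Review bot: `getCard().beginExclusive()` sits inside the `try` whose `finally` calls `getCard().endExclusive()`, in every branch of `getCertificate` and `getInfobox` here and again in `createSignature` in the next hunk. Assuming `getCard()` returns the `javax.smartcardio.Card` the removed code used, a failed acquire still runs `endExclusive()`, which that API documents as throwing `IllegalStateException` when the thread does not hold exclusive access, so the original `CardException` is replaced by an unrelated one. Moving the call up, `getCard().beginExclusive(); try { ... } finally { getCard().endExclusive(); }`, keeps the release paired with a successful acquire. `createSignature` begins on the last lines of this hunk and continues outside it.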
@@ -212,72 +296,115 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
throw new IllegalArgumentException("Hash value must be of length 20.");
}
- byte[] aid;
- byte kid;
- byte[] dst;
- PINSpec spec;
- if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) {
- aid = AID_DF_SS;
- kid = KID_PIN_SS;
- dst = DST_SS;
- spec = new PINSpec(6, 10, "[0-9]", getResourceBundle().getString("sig.pin.name"));
-
- } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) {
- aid = AID_DF_GS;
- kid = KID_PIN_CARD;
- dst = DST_GS;
- spec = new PINSpec(4, 4, "[0-9]", getResourceBundle().getString("card.pin.name"));
-
- } else {
- throw new IllegalArgumentException("KeyboxName '" + keyboxName
- + "' not supported.");
- }
-
try {
- Card card = getCardChannel().getCard();
- try {
- card.beginExclusive();
-
- // SELECT MF
- selectMF();
- // SELECT DF
- selectFileAID(aid);
- // VERIFY
- verifyPIN(provider, spec, kid);
- // MSE: SET DST
- mseSetDST(dst);
- // PSO: HASH
- psoHash(hash);
- // PSO: COMPUTE DIGITAL SIGNATURE
- return psoComputDigitalSiganture();
-
-
- } catch (FileNotFoundException e) {
- // if certificate is not present,
- // the citizen card application has not been activated
- throw new NotActivatedException();
- } finally {
- card.endExclusive();
+
+ if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) {
+
+ PINSpec spec = new PINSpec(6, 10, "[0-9]", getResourceBundle().getString("sig.pin.name"));
+
+ int retries = -1;
+ String pin = null;
+
+ do {
+ try {
+ getCard().beginExclusive();
+ selectFileAID(AID_DF_SS);
+ retries = verifyPIN(null, KID_PIN_SS);
+ } finally {
+ getCard().endExclusive();
+ }
+ pin = provider.providePIN(spec, retries);
+ if (pin == null) {
+ throw new CancelledException();
+ }
+ try {
+ getCard().beginExclusive();
+ return createSignature(hash, AID_DF_SS, pin, KID_PIN_SS, DST_SS);
+ } catch (VerificationFailedException e) {
+ retries = e.getRetries();
+ } finally {
+ getCard().endExclusive();
+ }
+ } while (retries != 0);
+
+ throw new LockedException();
+
+
+ } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) {
+
+ PINSpec spec = new PINSpec(4, 4, "[0-9]", getResourceBundle().getString("card.pin.name"));
+
+ int retries = -1;
+ String pin = null;
+ boolean pinRequiered = false;
+
+ do {
+ if (pinRequiered) {
+ pin = provider.providePIN(spec, retries);
+ if (pin == null) {
+ throw new CancelledException();
+ }
+ }
+ try {
+ getCard().beginExclusive();
+ return createSignature(hash, AID_DF_GS, pin, KID_PIN_CARD, DST_GS);
+ } catch (FileNotFoundException e) {
+ throw new NotActivatedException();
+ } catch (SecurityStatusNotSatisfiedException e) {
+ pinRequiered = true;
+ retries = verifyPIN(null, KID_PIN_CARD);
+ } catch (VerificationFailedException e) {
+ pinRequiered = true;
+ retries = e.getRetries();
+ } finally {
+ getCard().endExclusive();
+ }
+ } while (retries != 0);
+
+ throw new LockedException();
+
+ } else {
+ throw new IllegalArgumentException("KeyboxName '" + keyboxName
+ + "' not supported.");
}
+
} catch (CardException e) {
- throw new SignatureCardException("Failed to get exclusive card access.");
+ log.warn(e);
+ throw new SignatureCardException("Failed to access card.", e);
}
}
- protected byte[] selectFileAID(byte[] fid) throws CardException, SignatureCardException {
+ protected ResponseAPDU selectFileFID(byte[] fid) throws CardException, SignatureCardException {
CardChannel channel = getCardChannel();
- ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0xA4, 0x04,
+ return transmit(channel, new CommandAPDU(0x00, 0xA4, 0x02,
0x04, fid, 256));
- if (resp.getSW() != 0x9000) {
- throw new SignatureCardException("Failed to select file (AID="
- + toString(fid) + "): SW=" + Integer.toHexString(resp.getSW()) + ".");
- } else {
- return resp.getBytes();
+ }
+
+ private byte[] createSignature(byte[] hash, byte[] aid, String pin, byte kid,
+ byte[] dst) throws CardException, SignatureCardException {
+
+ // SELECT MF
+ selectMF();
+ // SELECT DF
+ selectFileAID(aid);
+ // VERIFY
+ int retries = verifyPIN(pin, kid);
+ if (retries != -1) {
+ throw new VerificationFailedException(retries);
}
+ // MSE: SET DST
+ mseSetDST(dst);
+ // PSO: HASH
+ psoHash(hash);
+ // PSO: COMPUTE DIGITAL SIGNATURE
+ return psoComputDigitalSiganture();
+
+
}
- void selectMF() throws CardException, SignatureCardException {
+
+ private void selectMF() throws CardException, SignatureCardException {
CardChannel channel = getCardChannel();
ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0xA4, 0x00,
0x0C));
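Review bot: The `SECURE_SIGNATURE_KEYPAIR` loop in `createSignature` catches only `VerificationFailedException`, while the `CERITIFIED_KEYPAIR` loop below it and the removed code both map `FileNotFoundException` to `NotActivatedException`. If that mapping is still wanted for the signature application, add `} catch (FileNotFoundException e) { throw new NotActivatedException();` to the second `try` of that loop; whether `selectFileAID` can still raise it is not visible here. The PIN is also carried as a `String` into the private `createSignature(..., String pin, ...)`, so it cannot be cleared once VERIFY has run; that follows from `providePIN` returning `String`, which is declared outside this file section. `selectMF` at the end of the hunk continues outside it.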
@@ -287,13 +414,7 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
}
}
- protected ResponseAPDU selectFileFID(byte[] fid) throws CardException, SignatureCardException {
- CardChannel channel = getCardChannel();
- return transmit(channel, new CommandAPDU(0x00, 0xA4, 0x02,
- 0x04, fid, 256));
- }
-
- void mseSetDST(byte[] dst) throws CardException, SignatureCardException {
+ private void mseSetDST(byte[] dst) throws CardException, SignatureCardException {
CardChannel channel = getCardChannel();
ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0x22, 0x41,
0xB6, dst));
@@ -303,7 +424,7 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
}
}
- void psoHash(byte[] hash) throws CardException, SignatureCardException {
+ private void psoHash(byte[] hash) throws CardException, SignatureCardException {
byte[] data = new byte[hash.length + 2];
data[0] = (byte) 0x90; // tag
data[1] = (byte) (hash.length); // length
@@ -318,7 +439,7 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
}
}
- byte[] psoComputDigitalSiganture() throws CardException,
+ private byte[] psoComputDigitalSiganture() throws CardException,
SignatureCardException {
CardChannel channel = getCardChannel();
ResponseAPDU resp = transmit(channel, new CommandAPDU(0x00, 0x2A, 0x9E,
@@ -353,7 +474,8 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
* @throws SignatureCardException
* if VERIFY PIN fails
*/
- private int verifyPIN(String pin, byte kid) throws CardException, SignatureCardException {
+ @Override
+ protected int verifyPIN(String pin, byte kid) throws CardException, SignatureCardException {
CardChannel channel = getCardChannel();
@@ -385,6 +507,8 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
} else if (resp.getSW1() == 0x63 && resp.getSW2() >> 4 == 0xc) {
// return number of possible retries
return resp.getSW2() & 0x0f;
+ } else if (resp.getSW() == 0x6983) {
+ throw new LockedException();
} else if (resp.getSW() == 0x6984) {
// PIN LCS = "Initialized" (-> not activated)
throw new NotActivatedException("PIN not set.");
@@ -397,26 +521,8 @@ public class STARCOSCard extends AbstractSignatureCard implements SignatureCard
}
- /* (non-Javadoc)
- * @see at.gv.egiz.smcc.AbstractSignatureCard#verifyPIN(at.gv.egiz.smcc.PINProvider, at.gv.egiz.smcc.PINSpec, byte, int)
- */
- protected void verifyPIN(PINProvider pinProvider, PINSpec spec, byte kid)
- throws CardException, SignatureCardException, InterruptedException {
-
- int retries = verifyPIN(null, kid);
- do {
- String pin = pinProvider.providePIN(spec, retries);
- if (pin == null) {
- // user canceled operation
- throw new CancelledException("User canceld operation.");
- }
- retries = verifyPIN(pin, kid);
- } while (retries > 0);
-
- }
-
public String toString() {
- return "eCard";
+ return "e-card";
}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java b/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java
new file mode 100644
index 00000000..bf0af76c
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java
@@ -0,0 +1,38 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class SecurityStatusNotSatisfiedException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public SecurityStatusNotSatisfiedException() {
+ }
+
+ public SecurityStatusNotSatisfiedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public SecurityStatusNotSatisfiedException(String message) {
+ super(message);
+ }
+
+ public SecurityStatusNotSatisfiedException(Throwable cause) {
+ super(cause);
+ }
+
+}
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java b/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java
new file mode 100644
index 00000000..fa066ff9
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java
@@ -0,0 +1,65 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egiz.smcc;
+
+public class VerificationFailedException extends SignatureCardException {
+
+ private static final long serialVersionUID = 1L;
+
+ public static final int UNKNOWN = -1;
+
+ private int retries = UNKNOWN;
+
+ public VerificationFailedException() {
+ }
+
+ public VerificationFailedException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public VerificationFailedException(String message) {
+ super(message);
+ }
+
+ public VerificationFailedException(Throwable cause) {
+ super(cause);
+ }
+
+ public VerificationFailedException(int retries) {
+ this.retries = retries;
+ }
+
+ public VerificationFailedException(int retries, String message, Throwable cause) {
+ super(message, cause);
+ this.retries = retries;
+ }
+
+ public VerificationFailedException(int retries, String message) {
+ super(message);
+ this.retries = retries;
+ }
+
+ public VerificationFailedException(int retries, Throwable cause) {
+ super(cause);
+ this.retries = retries;
+ }
+
+ public int getRetries() {
+ return retries;
+ }
+
+}
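Review bot: `UNKNOWN = -1` uses the same value that the `verifyPIN` callers in this commit treat as success (`if (retries != -1) throw new VerificationFailedException(retries)`), and nothing in the class documents the difference. The retry loops in `STARCOSCard` run `while (retries != 0)`, so an exception built without a count would keep them prompting. A class comment such as `/** Thrown when VERIFY rejects the PIN; getRetries() is the remaining tries or UNKNOWN. */` and a Javadoc line on `UNKNOWN` would make that explicit. `retries` could also be `final` if the constructors without a count assigned `UNKNOWN` themselves.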
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java
index 13210540..090e1181 100644
--- a/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java
+++ b/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java
@@ -19,6 +19,8 @@ package at.gv.egiz.smcc;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.PrintWriter;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;
@@ -27,6 +29,8 @@ import javax.smartcardio.CardException;
import javax.smartcardio.CommandAPDU;
import javax.smartcardio.ResponseAPDU;
+import sun.misc.HexDumpEncoder;
+
import at.gv.egiz.smcc.SignatureCard.KeyboxName;
import at.gv.egiz.smcc.util.SMCCHelper;
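Review bot: `import sun.misc.HexDumpEncoder;` pulls in a JDK-internal class, and none of the lines added to this test in the visible hunks use it; `printJavaByteArray` does its own hex formatting. Dropping the import keeps the test from depending on an unsupported API.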
@@ -34,10 +38,9 @@ public class STARCOSCardTest {
/**
* @param args
- * @throws CardException
- * @throws NoSuchAlgorithmException
+ * @throws Exception
*/
- public static void main(String[] args) throws CardException, NoSuchAlgorithmException, InterruptedException {
+ public static void main(String[] args) throws Exception {
SMCCHelper helper = new SMCCHelper();
while (helper.getResultCode() != SMCCHelper.CARD_FOUND) {
@@ -55,18 +58,41 @@ public class STARCOSCardTest {
System.out.println("Found '" + signatureCard + "'.");
try {
-// signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
-// signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR);
-// signatureCard.getInfobox("IdentityLink", new CommandLinePINProvider(), null);
+// printJavaByteArray(
+// signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR), System.out);
+// printJavaByteArray(
+// signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR), System.out);
+// System.out. println(new String(signatureCard.getInfobox("IdentityLink", new CommandLinePINProvider(), null)));
+// byte[] infobox = signatureCard.getInfobox("Status", new CommandLinePINProvider(), null);
+// printJavaByteArray(infobox, System.out);
MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
byte[] digest = messageDigest.digest("test".getBytes());
- signatureCard.createSignature(digest, KeyboxName.CERITIFIED_KEYPAIR, new CommandLinePINProvider());
+ byte[] signature = signatureCard.createSignature(digest, KeyboxName.SECURE_SIGNATURE_KEYPAIR, new CommandLinePINProvider());
+ printJavaByteArray(signature, System.out);
} catch (SignatureCardException e) {
e.printStackTrace();
}
}
+ public static void printJavaByteArray(byte[] bytes, OutputStream os) {
+
+ PrintWriter w = new PrintWriter(os);
+
+ w.write("new byte[] {");
+ for (int i = 0; i < bytes.length;) {
+ if (i % 8 == 0) {
+ w.write("\n ");
+ }
+ w.write("(byte) 0x" + Integer.toHexString(0x0F & (bytes[i] >> 4)) + Integer.toHexString(0x0F & bytes[i]));
+ if (++i < bytes.length) {
+ w.write(", ");
+ }
+ }
+ w.write("\n};");
+ w.flush();
+ }
+
private static class CommandLinePINProvider implements PINProvider {
@Override
diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java
index 04f179e7..5a54e97f 100644
--- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java
+++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java
@@ -103,6 +103,9 @@ public class InfoBoxReadRequestHandler extends AbstractRequestHandler implements
stalResp.setInfoboxValue(resp);
return stalResp;
}
+ } catch (IllegalArgumentException e) {
+ log.info("Infobox " + infoBox.getInfoboxIdentifier() + " not supported.");
+ return new ErrorResponse(4002);
} catch (NotActivatedException e) {
log.info("Citizen card not activated.", e);
gui.showErrorDialog(BKUGUIFacade.ERR_CARD_NOTACTIVATED, null, this, null);
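Review bot: The new `catch (IllegalArgumentException e)` treats every `IllegalArgumentException` raised inside the `try` as "infobox not supported" and discards the exception, so an unrelated argument error would be answered with error 4002 and leave nothing in the log to tell the two apart. Passing the cause along, `log.info("Infobox " + infoBox.getInfoboxIdentifier() + " not supported.", e);`, matches the `NotActivatedException` handler right below. The identifier appears to come from the incoming request, so it is worth confirming that the logging setup neutralises line breaks in it. A named constant for `4002` would document what the code means to the caller. The `try` block starts outside this hunk.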
--
cgit v1.2.3
From 77a19e106e4128c21dd2d1270fdc8d930e415247 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Thu, 18 Dec 2008 08:58:39 +0000
Subject: Fixed BUG #366, changed applet name in BKUOnline to have no version
number
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@253 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../gv/egiz/bku/online/applet/AppletBKUWorker.java | 59 ++++--
.../online/applet/InternalSSLSocketFactory.java | 235 +++++++++++----------
.../conf/certs/CACerts/A-CERT GLOBALTRUST.cer | Bin 0 -> 1561 bytes
.../local/conf/certs/certStore/A-CERT ADVANCED.cer | Bin 0 -> 1751 bytes
.../conf/certs/certStore/A-CERT GLOBALTRUST.cer | Bin 0 -> 1561 bytes
.../conf/certs/certStore/A-Trust-Qual-01a.cer | Bin 0 -> 1111 bytes
.../conf/certs/certStore/A-Trust-Qual-02a.cer | Bin 0 -> 975 bytes
.../conf/certs/certStore/A-Trust-Qual-03a.cer | Bin 0 -> 975 bytes
.../conf/certs/certStore/A-Trust-nQual-01a.cer | Bin 0 -> 865 bytes
.../conf/certs/certStore/A-Trust-nQual-03.cer | Bin 0 -> 979 bytes
BKUOnline/pom.xml | 1 +
.../egiz/bku/online/webapp/BKURequestHandler.java | 60 ++++--
.../webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar | Bin 182140 -> 0 bytes
BKUOnline/src/main/webapp/appletPage.jsp | 2 +-
.../accesscontroller/AuthenticationClassifier.java | 3 +-
.../test/java/at/gv/egiz/smcc/SMCCApplication.java | 49 -----
.../test/java/at/gv/egiz/smcc/STARCOSCardTest.java | 121 -----------
smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java | 66 ------
18 files changed, 197 insertions(+), 399 deletions(-)
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/CACerts/A-CERT GLOBALTRUST.cer
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT ADVANCED.cer
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT GLOBALTRUST.cer
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-01a.cer
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-02a.cer
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-03a.cer
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-01a.cer
create mode 100644 BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-03.cer
delete mode 100644 BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar
delete mode 100644 smcc/src/test/java/at/gv/egiz/smcc/SMCCApplication.java
delete mode 100644 smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java
delete mode 100644 smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java
(limited to 'bkucommon/src/main')
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
index 03e4b7c9..9fc21df8 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
@@ -38,7 +38,7 @@ import java.util.List;
import javax.xml.namespace.QName;
/**
- *
+ *
* @author Clemens Orthacker
*/
public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
@@ -48,7 +48,8 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
protected String sessionId;
protected STALPortType stalPort;
- public AppletBKUWorker(BKUGUIFacade gui, AppletContext ctx, AppletParameterProvider paramProvider) {
+ public AppletBKUWorker(BKUGUIFacade gui, AppletContext ctx,
+ AppletParameterProvider paramProvider) {
super(gui);
if (ctx == null) {
throw new NullPointerException("Applet context not provided");
@@ -76,7 +77,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
actionCommandList.clear();
actionCommandList.add("ok");
gui.showErrorDialog(BKUGUIFacade.ERR_SERVICE_UNREACHABLE,
- new Object[]{e.getMessage()});
+ new Object[] { e.getMessage() });
try {
waitForAction();
} catch (InterruptedException e1) {
@@ -92,8 +93,10 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
GetNextRequestResponseType nextRequestResp = stalPort.connect(sessionId);
do {
- List requests = nextRequestResp.getInfoboxReadRequestOrSignRequestOrQuitRequest();
- List stalRequests = STALTranslator.translateRequests(requests);
+ List requests = nextRequestResp
+ .getInfoboxReadRequestOrSignRequestOrQuitRequest();
+ List stalRequests = STALTranslator
+ .translateRequests(requests);
if (log.isInfoEnabled()) {
StringBuilder sb = new StringBuilder("Received ");
@@ -142,64 +145,76 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
}
if (!finished) {
- log.info("Not finished yet (BKUWorker: " + this + "), sending responses");
+ log.info("Not finished yet (BKUWorker: " + this
+ + "), sending responses");
GetNextRequestType nextRequest = of.createGetNextRequestType();
nextRequest.setSessionId(sessionId);
- nextRequest.getInfoboxReadResponseOrSignResponseOrErrorResponse().addAll(responses);
+ nextRequest.getInfoboxReadResponseOrSignResponseOrErrorResponse()
+ .addAll(responses);
nextRequestResp = stalPort.getNextRequest(nextRequest);
}
} while (!finished);
log.info("Done " + Thread.currentThread().getName());
} catch (Exception ex) {
log.error(ex.getMessage(), ex);
- gui.showErrorDialog(BKUGUIFacade.ERR_UNKNOWN, new Object[]{ex.getMessage()});
+ gui.showErrorDialog(BKUGUIFacade.ERR_UNKNOWN, new Object[] { ex
+ .getMessage() });
try {
waitForAction();
} catch (InterruptedException e) {
log.error(e);
}
- }
- if (signatureCard != null) {
- signatureCard.disconnect(false);
+ if (signatureCard != null) {
+ signatureCard.disconnect(false);
+ }
}
sendRedirect();
}
protected void sendRedirect() {
try {
- URL redirectURL = params.getURLParameter(BKUApplet.REDIRECT_URL, sessionId);
- String redirectTarget = params.getAppletParameter(BKUApplet.REDIRECT_TARGET);
+ URL redirectURL = params.getURLParameter(BKUApplet.REDIRECT_URL,
+ sessionId);
+ String redirectTarget = params
+ .getAppletParameter(BKUApplet.REDIRECT_TARGET);
if (redirectTarget == null) {
log.info("Done. Redirecting to " + redirectURL + " ...");
ctx.showDocument(redirectURL);
} else {
- log.info("Done. Redirecting to " + redirectURL + " (target=" + redirectTarget + ") ...");
+ log.info("Done. Redirecting to " + redirectURL + " (target="
+ + redirectTarget + ") ...");
ctx.showDocument(redirectURL, redirectTarget);
}
} catch (MalformedURLException ex) {
log.warn("Failed to redirect: " + ex.getMessage(), ex);
- // gui.showErrorDialog(errorMsg, okListener, actionCommand)
+ // gui.showErrorDialog(errorMsg, okListener, actionCommand)
}
}
private STALPortType getSTALPort() throws MalformedURLException {
URL wsdlURL = params.getURLParameter(BKUApplet.WSDL_URL);
log.debug("STAL WSDL at " + wsdlURL);
- QName endpointName = new QName(BKUApplet.STAL_WSDL_NS, BKUApplet.STAL_SERVICE);
+ QName endpointName = new QName(BKUApplet.STAL_WSDL_NS,
+ BKUApplet.STAL_SERVICE);
STALService stal = new STALService(wsdlURL, endpointName);
return stal.getSTALPort();
}
private void registerSignRequestHandler() throws MalformedURLException {
- String hashDataDisplayStyle = params.getAppletParameter(BKUApplet.HASHDATA_DISPLAY);
+ String hashDataDisplayStyle = params
+ .getAppletParameter(BKUApplet.HASHDATA_DISPLAY);
if (BKUApplet.HASHDATA_DISPLAY_BROWSER.equals(hashDataDisplayStyle)) {
- URL hashDataURL = params.getURLParameter(BKUApplet.HASHDATA_URL, sessionId);
+ URL hashDataURL = params.getURLParameter(BKUApplet.HASHDATA_URL,
+ sessionId);
log.debug("register SignRequestHandler for HashDataURL " + hashDataURL);
- addRequestHandler(SignRequest.class, new BrowserHashDataDisplay(ctx, hashDataURL));
+ addRequestHandler(SignRequest.class, new BrowserHashDataDisplay(ctx,
+ hashDataURL));
} else {
- //BKUApplet.HASHDATA_DISPLAY_FRAME
- log.debug("register SignRequestHandler for STAL port " + BKUApplet.WSDL_URL);
- AppletHashDataDisplay handler = new AppletHashDataDisplay(stalPort, sessionId);
+ // BKUApplet.HASHDATA_DISPLAY_FRAME
+ log.debug("register SignRequestHandler for STAL port "
+ + BKUApplet.WSDL_URL);
+ AppletHashDataDisplay handler = new AppletHashDataDisplay(stalPort,
+ sessionId);
addRequestHandler(SignRequest.class, handler);
}
}
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
index c3417d63..a02e56eb 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/InternalSSLSocketFactory.java
@@ -36,121 +36,122 @@ import org.apache.commons.logging.LogFactory;
public class InternalSSLSocketFactory extends SSLSocketFactory {
- private final static String GOV_DOMAIN = ".gv.at";
-
- private static InternalSSLSocketFactory instance = new InternalSSLSocketFactory();
-
- private final static Log log = LogFactory
- .getLog(InternalSSLSocketFactory.class);
-
- private SSLSocket sslSocket;
-
- private SSLSocketFactory proxy;
-
- private InternalSSLSocketFactory() {
- proxy = HttpsURLConnection.getDefaultSSLSocketFactory();
- }
-
- public static InternalSSLSocketFactory getInstance() {
- return instance;
- }
-
- @Override
- public Socket createSocket() throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket();
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(String arg0, int arg1) throws IOException,
- UnknownHostException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1);
-
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(InetAddress arg0, int arg1) throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1);
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(String arg0, int arg1, InetAddress arg2, int arg3)
- throws IOException, UnknownHostException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(InetAddress arg0, int arg1, InetAddress arg2,
- int arg3) throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
- return sslSocket;
- }
-
- @Override
- public Socket createSocket(Socket arg0, String arg1, int arg2, boolean arg3)
- throws IOException {
- sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
- return sslSocket;
- }
-
- @Override
- public String[] getDefaultCipherSuites() {
- return proxy.getDefaultCipherSuites();
- }
-
- @Override
- public String[] getSupportedCipherSuites() {
- return proxy.getSupportedCipherSuites();
- }
-
- public boolean isEgovAgency() {
- log.info("Checking if server is egov agency");
- if (sslSocket != null) {
- try {
- X509Certificate cert = (X509Certificate) sslSocket.getSession()
- .getPeerCertificates()[0];
- log.info("Server cert: " + cert);
- return isGovAgency(cert);
- } catch (SSLPeerUnverifiedException e) {
- log.error(e);
- return false;
- }
- }
- log.info("Not a SSL connection");
- return false;
- }
-
- public static boolean isGovAgency(X509Certificate cert) {
- String[] rdns = (cert.getSubjectX500Principal().getName()).split(",");
- for (String rdn : rdns) {
- if (rdn.startsWith("CN=")) {
- String dns = rdn.split("=")[1];
- if (dns.endsWith(GOV_DOMAIN)) {
- return true;
- }
- }
- }
- try {
- Collection> sanList = cert.getSubjectAlternativeNames();
- if (sanList != null) {
- for (List> san : sanList) {
- if ((Integer) san.get(0) == 2) {
- String dns = (String) san.get(1);
- if (dns.endsWith(GOV_DOMAIN)) {
- return true;
- }
- }
- }
- }
- } catch (CertificateParsingException e) {
- log.error(e);
- }
- if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) {
- return true;
- }
- return false;
- }
+ private final static String GOV_DOMAIN = ".gv.at";
+
+ private static InternalSSLSocketFactory instance = new InternalSSLSocketFactory();
+
+ private final static Log log = LogFactory
+ .getLog(InternalSSLSocketFactory.class);
+
+ private SSLSocket sslSocket;
+
+ private SSLSocketFactory proxy;
+
+ private InternalSSLSocketFactory() {
+ proxy = HttpsURLConnection.getDefaultSSLSocketFactory();
+ }
+
+ public static InternalSSLSocketFactory getInstance() {
+ return instance;
+ }
+
+ @Override
+ public Socket createSocket() throws IOException {
+ sslSocket = (SSLSocket) proxy.createSocket();
+ return sslSocket;
+ }
+
+ @Override
+ public Socket createSocket(String arg0, int arg1) throws IOException,
+ UnknownHostException {
+ sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1);
+
+ return sslSocket;
+ }
+
+ @Override
+ public Socket createSocket(InetAddress arg0, int arg1) throws IOException {
+ sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1);
+ return sslSocket;
+ }
+
+ @Override
+ public Socket createSocket(String arg0, int arg1, InetAddress arg2, int arg3)
+ throws IOException, UnknownHostException {
+ sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
+ return sslSocket;
+ }
+
+ @Override
+ public Socket createSocket(InetAddress arg0, int arg1, InetAddress arg2,
+ int arg3) throws IOException {
+ sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
+ return sslSocket;
+ }
+
+ @Override
+ public Socket createSocket(Socket arg0, String arg1, int arg2, boolean arg3)
+ throws IOException {
+ sslSocket = (SSLSocket) proxy.createSocket(arg0, arg1, arg2, arg3);
+ return sslSocket;
+ }
+
+ @Override
+ public String[] getDefaultCipherSuites() {
+ return proxy.getDefaultCipherSuites();
+ }
+
+ @Override
+ public String[] getSupportedCipherSuites() {
+ return proxy.getSupportedCipherSuites();
+ }
+
+ public boolean isEgovAgency() {
+ log.info("Checking if server is egov agency");
+ if (sslSocket != null) {
+ try {
+ X509Certificate cert = (X509Certificate) sslSocket.getSession()
+ .getPeerCertificates()[0];
+ log.info("Server cert: " + cert);
+ return isGovAgency(cert);
+ } catch (SSLPeerUnverifiedException e) {
+ log.error(e);
+ return false;
+ }
+ }
+ log.info("Not a SSL connection");
+ return false;
+ }
+
+ public static boolean isGovAgency(X509Certificate cert) {
+ String[] rdns = (cert.getSubjectX500Principal().getName()).split(",");
+ for (String rdn : rdns) {
+ if (rdn.startsWith("CN=")) {
+ String dns = rdn.split("=")[1];
+ if (dns.endsWith(GOV_DOMAIN)) {
+ return true;
+ }
+ }
+ }
+ try {
+ Collection> sanList = cert.getSubjectAlternativeNames();
+ if (sanList != null) {
+ for (List> san : sanList) {
+ if ((Integer) san.get(0) == 2) {
+ String dns = (String) san.get(1);
+ if (dns.endsWith(GOV_DOMAIN)) {
+ return true;
+ }
+ }
+ }
+ }
+ } catch (CertificateParsingException e) {
+ log.error(e);
+ }
+ if ((cert.getExtensionValue("1.2.40.0.10.1.1.1") != null)
+ || (cert.getExtensionValue("1.2.40.0.10.1.1.2") != null)) {
+ return true;
+ }
+ return false;
+ }
}
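Review bot: `isGovAgency` finds the common name by splitting `getSubjectX500Principal().getName()` on `,` and testing `startsWith("CN=")`, which ignores the escaping rules of the DN string form: a comma inside another attribute's value is escaped, not removed, so the split can produce a fragment that looks like a `CN=` component and is then compared with `.gv.at`. `rdn.split("=")[1]` additionally throws on an empty value and truncates a value that itself contains `=`. Parsing the subject with `javax.naming.ldap.LdapName` and comparing attribute types, as sketched below, avoids both problems; `AuthenticationClassifier` appears to carry a copy of this logic (only its tail is visible in this patch) and would need the same change. Separately, the singleton keeps only the most recently created socket in `sslSocket`, so `isEgovAgency()` may inspect a different connection than the caller means once more than one socket has been created.

```java
public static boolean isGovAgency(X509Certificate cert) {
  try {
    // Let the JDK handle RFC 2253 escaping instead of splitting on ','.
    LdapName subject = new LdapName(cert.getSubjectX500Principal().getName());
    for (Rdn rdn : subject.getRdns()) {
      // getType() reports one attribute only; a multi-valued RDN would need rdn.toAttributes().
      if ("CN".equalsIgnoreCase(rdn.getType())
          && String.valueOf(rdn.getValue()).endsWith(GOV_DOMAIN)) {
        return true;
      }
    }
  } catch (InvalidNameException e) {
    log.error(e);
  }
  // … unchanged: subjectAltName dNSName check and extension OID check …
```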
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/CACerts/A-CERT GLOBALTRUST.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/CACerts/A-CERT GLOBALTRUST.cer
new file mode 100644
index 00000000..9a25e57d
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/CACerts/A-CERT GLOBALTRUST.cer differ
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT ADVANCED.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT ADVANCED.cer
new file mode 100644
index 00000000..66ff251b
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT ADVANCED.cer differ
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT GLOBALTRUST.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT GLOBALTRUST.cer
new file mode 100644
index 00000000..9a25e57d
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-CERT GLOBALTRUST.cer differ
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-01a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-01a.cer
new file mode 100644
index 00000000..f9fef65f
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-01a.cer differ
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-02a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-02a.cer
new file mode 100644
index 00000000..36a442b8
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-02a.cer differ
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-03a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-03a.cer
new file mode 100644
index 00000000..ab9e0cd7
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-Qual-03a.cer differ
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-01a.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-01a.cer
new file mode 100644
index 00000000..efa28178
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-01a.cer differ
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-03.cer b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-03.cer
new file mode 100644
index 00000000..33e77636
Binary files /dev/null and b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/certs/certStore/A-Trust-nQual-03.cer differ
diff --git a/BKUOnline/pom.xml b/BKUOnline/pom.xml
index 1ea2c1a1..5e6ac8ad 100644
--- a/BKUOnline/pom.xml
+++ b/BKUOnline/pom.xml
@@ -121,6 +121,7 @@
-->
at.gv.egizBKUApplet
+ truetrue
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
index 3aa6bc19..12166a5a 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
@@ -24,6 +24,7 @@ import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
+import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -32,12 +33,12 @@ import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.bku.binding.BindingProcessor;
import at.gv.egiz.bku.binding.HTTPBindingProcessor;
import at.gv.egiz.bku.binding.HttpUtil;
import at.gv.egiz.bku.binding.IdFactory;
import at.gv.egiz.bku.utils.StreamUtil;
import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
-import javax.servlet.RequestDispatcher;
/**
* Handles SL requests and instantiates BindingProcessors
@@ -52,7 +53,8 @@ public class BKURequestHandler extends SpringBKUServlet {
protected Log log = LogFactory.getLog(BKURequestHandler.class);
- private static String getStringFromStream(InputStream is, String encoding) throws IOException {
+ private static String getStringFromStream(InputStream is, String encoding)
+ throws IOException {
if (is == null) {
return null;
}
@@ -63,8 +65,7 @@ public class BKURequestHandler extends SpringBKUServlet {
StreamUtil.copyStream(is, os);
return new String(os.toByteArray(), encoding);
}
-
-
+
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, java.io.IOException {
log.debug("Got new request");
@@ -75,21 +76,28 @@ public class BKURequestHandler extends SpringBKUServlet {
HttpSession session = req.getSession(false);
if (session != null) {
log.warn("Already a session with id: " + session.getId()
- + " active, continuing");
- RequestDispatcher dispatcher = getServletContext().getNamedDispatcher(BKU_APPLET_JSP);
- log.debug("forward to applet");
- dispatcher.forward(req, resp);
- return;
+ + " active, trying to get Bindingprocessor");
+ BindingProcessor bp = getBindingProcessorManager().getBindingProcessor(
+ IdFactory.getInstance().createId(session.getId()));
+ if (bp != null) {
+ log.debug("Found binding processor, using this one");
+ RequestDispatcher dispatcher = getServletContext().getNamedDispatcher(
+ BKU_APPLET_JSP);
+ log.debug("forward to applet");
+ dispatcher.forward(req, resp);
+ return;
+ }
+ log.debug("Did not find a binding processor, creating new ...");
}
session = req.getSession(true);
if (log.isDebugEnabled()) {
log.debug("Using session id: " + session.getId());
}
-
- HTTPBindingProcessor bindingProcessor;
+ HTTPBindingProcessor bindingProcessor;
bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor(req.getRequestURL().toString(), session.getId(), locale);
+ .createBindingProcessor(req.getRequestURL().toString(),
+ session.getId(), locale);
Map headerMap = new HashMap();
for (Enumeration headerName = req.getHeaderNames(); headerName
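Review bot: When a session exists but no binding processor is registered for it, the code falls through to `req.getSession(true)`, which returns that same session rather than a fresh one, so the old session id and any attributes left by the earlier request (`appletHashDataDisplay` and `locale` are set later in `doPost`) are reused for the new binding processor. Invalidating first makes that path start clean: add `session.invalidate();` after the "Did not find a binding processor" log line, before `session = req.getSession(true);`. In the branch where a processor is found, the body of the new POST is never consumed and the request is forwarded to the applet on behalf of the old processor; if that is intended, a comment such as `// a second POST in the same session is ignored; the running processor continues` would record it. `doPost` begins and ends outside this hunk.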
@@ -109,14 +117,20 @@ public class BKURequestHandler extends SpringBKUServlet {
bindingProcessor.consumeRequestStream(req.getInputStream());
req.getInputStream().close();
getBindingProcessorManager().process(bindingProcessor);
-
+
log.trace("Trying to find applet parameters in request");
- String width = getStringFromStream(bindingProcessor.getFormData("appletWidth"), charset);
- String height = getStringFromStream(bindingProcessor.getFormData("appletHeight"), charset);
- String background = getStringFromStream(bindingProcessor.getFormData("appletBackground"), charset);
- String guiStyle = getStringFromStream(bindingProcessor.getFormData("appletGuiStyle"), charset);
- String hashDataDisplay = getStringFromStream(bindingProcessor.getFormData("appletHashDataDisplay"), charset);
- String localeFormParam = getStringFromStream(bindingProcessor.getFormData("locale"), charset);
+ String width = getStringFromStream(bindingProcessor
+ .getFormData("appletWidth"), charset);
+ String height = getStringFromStream(bindingProcessor
+ .getFormData("appletHeight"), charset);
+ String background = getStringFromStream(bindingProcessor
+ .getFormData("appletBackground"), charset);
+ String guiStyle = getStringFromStream(bindingProcessor
+ .getFormData("appletGuiStyle"), charset);
+ String hashDataDisplay = getStringFromStream(bindingProcessor
+ .getFormData("appletHashDataDisplay"), charset);
+ String localeFormParam = getStringFromStream(bindingProcessor
+ .getFormData("locale"), charset);
if (width != null) {
try {
log.trace("Found applet width parameter: " + width);
@@ -148,7 +162,8 @@ public class BKURequestHandler extends SpringBKUServlet {
session.setAttribute("appletHashDataDisplay", hashDataDisplay);
}
if (localeFormParam != null) {
- log.debug("overrule accept-language locale " + locale + " with form param " + localeFormParam);
+ log.debug("overrule accept-language locale " + locale
+ + " with form param " + localeFormParam);
locale = new Locale(localeFormParam);
}
if (locale != null) {
@@ -156,8 +171,9 @@ public class BKURequestHandler extends SpringBKUServlet {
session.setAttribute("locale", locale.toString());
}
- //TODO error if no dispatcher found
- RequestDispatcher dispatcher = getServletContext().getNamedDispatcher(BKU_APPLET_JSP);
+ // TODO error if no dispatcher found
+ RequestDispatcher dispatcher = getServletContext().getNamedDispatcher(
+ BKU_APPLET_JSP);
log.debug("forward to applet");
dispatcher.forward(req, resp);
}
diff --git a/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar b/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar
deleted file mode 100644
index 74f00509..00000000
Binary files a/BKUOnline/src/main/webapp/applet/BKUApplet-1.0.2-SNAPSHOT.jar and /dev/null differ
diff --git a/BKUOnline/src/main/webapp/appletPage.jsp b/BKUOnline/src/main/webapp/appletPage.jsp
index ee5f429c..b73ed2f4 100644
--- a/BKUOnline/src/main/webapp/appletPage.jsp
+++ b/BKUOnline/src/main/webapp/appletPage.jsp
@@ -47,7 +47,7 @@
var attributes = {
codebase :'applet',
code :'at.gv.egiz.bku.online.applet.BKUApplet.class',
- archive :'BKUApplet-1.0.2-SNAPSHOT.jar, commons-logging-1.1.1.jar, iaik_jce_me4se-3.04.jar',
+ archive :'BKUApplet.jar, commons-logging-1.1.1.jar, iaik_jce_me4se-3.04.jar',
width : <%=width%>,
height :<%=height%>
};
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
index ed4b9bda..61d3d7a5 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java
@@ -65,7 +65,8 @@ public class AuthenticationClassifier {
} catch (CertificateParsingException e) {
log.error(e);
}
- if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) {
+ if ((cert.getExtensionValue("1.2.40.0.10.1.1.1") != null)
+ || (cert.getExtensionValue("1.2.40.0.10.1.1.2") != null)) {
return true;
}
return false;
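Review bot: The check treats the mere presence of extension `1.2.40.0.10.1.1.1` or `1.2.40.0.10.1.1.2` as sufficient, and neither literal is named or explained, so a reader cannot tell which class of certificate the added OID admits. I would introduce named constants with a comment saying what each OID denotes and who may issue it, and state in the method's Javadoc that the result is only meaningful for a certificate whose chain has already been validated. The same pair of literals is added to `InternalSSLSocketFactory.isGovAgency` in this patch, so one shared constant (or one shared method) would keep the two copies from drifting apart. The enclosing method starts outside this hunk.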
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/SMCCApplication.java b/smcc/src/test/java/at/gv/egiz/smcc/SMCCApplication.java
deleted file mode 100644
index 4835865f..00000000
--- a/smcc/src/test/java/at/gv/egiz/smcc/SMCCApplication.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.smcc;
-
-import java.util.Locale;
-
-import org.junit.Ignore;
-
-import at.gv.egiz.smcc.util.SMCCHelper;
-
-@Ignore
-public class SMCCApplication {
-
- /**
- * @param args
- */
- public static void main(String[] args) {
-
- SignatureCard sc = null;
- SMCCHelper smccHelper = new SMCCHelper();
- while (smccHelper.getResultCode() != SMCCHelper.CARD_FOUND) {
- System.out.println("Did not get a signature card ... "+smccHelper.getResultCode());
- smccHelper.update();
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
- sc = smccHelper.getSignatureCard(Locale.getDefault());
- System.out.println("Found supported siganture card: "+sc);
- }
-
-}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java
deleted file mode 100644
index 7f421474..00000000
--- a/smcc/src/test/java/at/gv/egiz/smcc/STARCOSCardTest.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.smcc;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.io.PrintWriter;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.Locale;
-
-import javax.smartcardio.CardException;
-import javax.smartcardio.CommandAPDU;
-import javax.smartcardio.ResponseAPDU;
-
-import org.junit.Ignore;
-
-import sun.misc.HexDumpEncoder;
-
-import at.gv.egiz.smcc.SignatureCard.KeyboxName;
-import at.gv.egiz.smcc.util.SMCCHelper;
-
-@Ignore
-public class STARCOSCardTest {
-
- /**
- * @param args
- * @throws Exception
- */
- public static void main(String[] args) throws Exception {
-
- SMCCHelper helper = new SMCCHelper();
- while (helper.getResultCode() != SMCCHelper.CARD_FOUND) {
- System.out.println("Did not get a signature card ... " + helper.getResultCode());
- helper.update();
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- e.printStackTrace();
- }
- }
-
- SignatureCard signatureCard = helper.getSignatureCard(Locale.getDefault());
-
- System.out.println("Found '" + signatureCard + "'.");
-
- try {
-// printJavaByteArray(
-// signatureCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR), System.out);
-// printJavaByteArray(
-// signatureCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR), System.out);
-// System.out. println(new String(signatureCard.getInfobox("IdentityLink", new CommandLinePINProvider(), null)));
-// byte[] infobox = signatureCard.getInfobox("Status", new CommandLinePINProvider(), null);
-// printJavaByteArray(infobox, System.out);
- MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
- byte[] digest = messageDigest.digest("test".getBytes());
- byte[] signature = signatureCard.createSignature(digest, KeyboxName.SECURE_SIGNATURE_KEYPAIR, new CommandLinePINProvider());
- printJavaByteArray(signature, System.out);
- } catch (SignatureCardException e) {
- e.printStackTrace();
- }
-
- }
-
- public static void printJavaByteArray(byte[] bytes, OutputStream os) {
-
- PrintWriter w = new PrintWriter(os);
-
- w.write("new byte[] {");
- for (int i = 0; i < bytes.length;) {
- if (i % 8 == 0) {
- w.write("\n ");
- }
- w.write("(byte) 0x" + Integer.toHexString(0x0F & (bytes[i] >> 4)) + Integer.toHexString(0x0F & bytes[i]));
- if (++i < bytes.length) {
- w.write(", ");
- }
- }
- w.write("\n};");
- w.flush();
- }
-
- private static class CommandLinePINProvider implements PINProvider {
-
- @Override
- public String providePIN(PINSpec spec, int retries) {
-
- InputStreamReader inputStreamReader = new InputStreamReader(System.in);
- BufferedReader in = new BufferedReader(inputStreamReader);
-
- System.out.print("Enter " + spec.getLocalizedName() + " ["
- + spec.getMinLength() + "-" + spec.getMaxLength() + "] (" + retries
- + " retries):");
-
- try {
- return in.readLine();
- } catch (IOException e) {
- return null;
- }
-
- }
-
- }
-
-}
diff --git a/smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java b/smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java
deleted file mode 100644
index 115edc16..00000000
--- a/smcc/src/test/java/at/gv/egiz/smcc/SWCardTest.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.smcc;
-
-import java.math.BigInteger;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-import org.junit.Ignore;
-
-import at.gv.egiz.smcc.SignatureCard.KeyboxName;
-
-@Ignore
-public class SWCardTest implements PINProvider {
-
- SWCard swCard = new SWCard();
-
- public static void main(String[] args) throws Exception {
-
- SWCardTest swCardTest = new SWCardTest();
- swCardTest.test();
-
- }
-
- public void test() throws SignatureCardException, NoSuchAlgorithmException, InterruptedException {
-
- swCard.getCertificate(KeyboxName.CERITIFIED_KEYPAIR);
- swCard.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
-
- BigInteger t = BigInteger.valueOf(System.currentTimeMillis());
-
- MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
- byte[] hash = messageDigest.digest(t.toByteArray());
-
- byte[] signature;
- signature = swCard.createSignature(hash, KeyboxName.CERITIFIED_KEYPAIR, this);
- System.out.println(SignatureCardFactory.toString(signature));
-
- signature = swCard.createSignature(hash, KeyboxName.SECURE_SIGNATURE_KEYPAIR, this);
- System.out.println(SignatureCardFactory.toString(signature));
-
- byte[] infobox = swCard.getInfobox("IdentityLink", this, null);
- System.out.println(SignatureCardFactory.toString(infobox));
-
- }
-
- @Override
- public String providePIN(PINSpec spec, int retries) {
- return "buerger";
- }
-
-}
--
cgit v1.2.3
From 3d0112fcd64ea80ad698861ce5d16e6de93c0bd5 Mon Sep 17 00:00:00 2001
From: wbauer
Date: Wed, 21 Jan 2009 11:22:03 +0000
Subject: Fixed Bug #371
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@278 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../java/at/gv/egiz/bku/conf/Configurator.java | 8 +
.../bku/slcommands/impl/xsect/SignatureTest.java | 14 ++
.../HTTPURLProtocolHandlerImpl.java | 182 ++++++++++++---------
.../bku/utils/urldereferencer/URLDereferencer.java | 20 ++-
.../utils/urldereferencer/URLProtocolHandler.java | 9 +-
5 files changed, 156 insertions(+), 77 deletions(-)
(limited to 'bkucommon/src/main')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
index 733b47dc..7f180ad0 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
@@ -43,6 +43,7 @@ import at.gv.egiz.bku.binding.DataUrlConnection;
import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
public abstract class Configurator {
private Log log = LogFactory.getLog(Configurator.class);
@@ -270,6 +271,7 @@ public abstract class Configurator {
sslCtx.init(km, new TrustManager[] { pkixTM }, null);
}
DataUrl.setSSLSocketFactory(sslCtx.getSocketFactory());
+ URLDereferencer.getInstance().setSSLSocketFactory(sslCtx.getSocketFactory());
} catch (Exception e) {
log.error("Cannot configure SSL", e);
}
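Review bot: The new `setSSLSocketFactory` call sits inside the `try` whose `catch (Exception e)` only logs "Cannot configure SSL", so a failure while building the context leaves the dereferencer without the configured factory. Judging by `HTTPURLProtocolHandlerImpl.dereferenceHTTP` in this same patch, a null factory means HTTPS fetches silently continue with the JVM default factory and trust store instead of the configured PKIX trust manager. Failing closed would be safer, for example `throw new SLRuntimeException(e);` in the catch block (the class is already imported; this assumes it has a cause-taking constructor). At minimum, add a comment there: `// on failure the default SSLSocketFactory stays in effect`. The enclosing method starts outside this hunk.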
@@ -283,6 +285,12 @@ public abstract class Configurator {
return true;
}
});
+ URLDereferencer.getInstance().setHostnameVerifier(new HostnameVerifier() {
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }
+ });
}
}
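Review bot: The added `HostnameVerifier` returns `true` for every hostname, which turns off hostname checking for all HTTPS fetches made through the `URLDereferencer` singleton, so any certificate that chains to a trusted CA is accepted for any host. The condition guarding this block lies outside the hunk and is presumably an explicit configuration switch; if so, `log.warn("Hostname verification disabled for URLDereferencer");` at this point plus a comment naming the switch would make the weakened state visible in the logs. The verifier is also a second anonymous copy of the one passed to `DataUrl` just above, so a single named instance shared by both calls would keep them in step.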
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java
index 9e34d9ae..78172dcb 100644
--- a/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java
+++ b/bkucommon/src/test/java/at/gv/egiz/bku/slcommands/impl/xsect/SignatureTest.java
@@ -33,6 +33,8 @@ import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLSocketFactory;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
@@ -191,6 +193,18 @@ public class SignatureTest {
}
+ }
+
+ @Override
+ public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setSSLSocketFactory(SSLSocketFactory socketFactory) {
+ // TODO Auto-generated method stub
+
}
});
diff --git a/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/HTTPURLProtocolHandlerImpl.java b/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/HTTPURLProtocolHandlerImpl.java
index 8d01fad1..99f804b7 100644
--- a/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/HTTPURLProtocolHandlerImpl.java
+++ b/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/HTTPURLProtocolHandlerImpl.java
@@ -1,78 +1,112 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.utils.urldereferencer;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.HttpURLConnection;
-import java.net.URL;
-import java.security.InvalidParameterException;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-public class HTTPURLProtocolHandlerImpl implements URLProtocolHandler {
-
- private static Log log = LogFactory.getLog(HTTPURLProtocolHandlerImpl.class);
-
- public final static String HTTP = "http";
- public final static String HTTPS = "https";
- public final static String FORMDATA = "formdata";
- public final static String[] PROTOCOLS = { HTTP, HTTPS, FORMDATA };
-
- public StreamData dereference(String aUrl, URLDereferencerContext aContext)
- throws IOException {
- String urlString = aUrl.toLowerCase().trim();
- if (urlString.startsWith(FORMDATA)) {
- log.debug("Requested to dereference a formdata url");
- return dereferenceFormData(aUrl, aContext);
- }
-
- URL url = new URL(aUrl);
- if ((!HTTP.equalsIgnoreCase(url.getProtocol()) && (!HTTPS
- .equalsIgnoreCase(url.getProtocol())))) {
- throw new InvalidParameterException("Url " + aUrl + " not supported");
- }
- return dereferenceHTTP(url);
- }
-
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.utils.urldereferencer;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.security.InvalidParameterException;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSocketFactory;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class HTTPURLProtocolHandlerImpl implements URLProtocolHandler {
+
+ private static Log log = LogFactory.getLog(HTTPURLProtocolHandlerImpl.class);
+
+ public final static String HTTP = "http";
+ public final static String HTTPS = "https";
+ public final static String FORMDATA = "formdata";
+ public final static String[] PROTOCOLS = { HTTP, HTTPS, FORMDATA };
+
+ private HostnameVerifier hostnameVerifier;
+ private SSLSocketFactory sslSocketFactory;
+
+ public StreamData dereference(String aUrl, URLDereferencerContext aContext)
+ throws IOException {
+ String urlString = aUrl.toLowerCase().trim();
+ if (urlString.startsWith(FORMDATA)) {
+ log.debug("Requested to dereference a formdata url");
+ return dereferenceFormData(aUrl, aContext);
+ }
+
+ URL url = new URL(aUrl);
+ if ((!HTTP.equalsIgnoreCase(url.getProtocol()) && (!HTTPS
+ .equalsIgnoreCase(url.getProtocol())))) {
+ throw new InvalidParameterException("Url " + aUrl + " not supported");
+ }
+ return dereferenceHTTP(url);
+ }
+
protected StreamData dereferenceHTTP(URL url) throws IOException {
- log.debug("Dereferencing url: "+url);
+ log.debug("Dereferencing url: " + url);
HttpURLConnection httpConn = (HttpURLConnection) url.openConnection();
- log.trace("Successfully opened connection");
- return new StreamData(url.toString(), httpConn.getContentType(), httpConn
- .getInputStream());
- }
-
- protected StreamData dereferenceFormData(String aUrl,
- URLDereferencerContext aContext) throws IOException {
- log.debug("Dereferencing formdata url: " + aUrl);
- String[] parts = aUrl.split(":", 2);
- FormDataURLSupplier supplier = (FormDataURLSupplier) aContext
- .getProperty(FormDataURLSupplier.PROPERTY_KEY_NAME);
- if (supplier == null) {
- throw new NullPointerException(
- "No FormdataUrlSupplier found in provided context");
- }
- String contentType = supplier.getFormDataContentType(parts[1]);
- InputStream is = supplier.getFormData(parts[1]);
- if (is != null) {
- return new StreamData(aUrl, contentType, is);
- }
- return null;
- }
+ if (httpConn instanceof HttpsURLConnection) {
+ log.trace("Detected ssl connection");
+ HttpsURLConnection https = (HttpsURLConnection) httpConn;
+ if (sslSocketFactory != null) {
+ log.debug("Setting custom ssl socket factory for ssl connection");
+ https.setSSLSocketFactory(sslSocketFactory);
+ } else {
+ log.trace("No custom socket factory set");
+ }
+ if (hostnameVerifier != null) {
+ log.debug("Setting custom hostname verifier");
+ https.setHostnameVerifier(hostnameVerifier);
+ }
+ } else {
+ log.trace("No secure connection with: "+url+ " class="+httpConn.getClass());
+ }
+ log.trace("Successfully opened connection");
+ return new StreamData(url.toString(), httpConn.getContentType(), httpConn
+ .getInputStream());
+ }
+
+ protected StreamData dereferenceFormData(String aUrl,
+ URLDereferencerContext aContext) throws IOException {
+ log.debug("Dereferencing formdata url: " + aUrl);
+ String[] parts = aUrl.split(":", 2);
+ FormDataURLSupplier supplier = (FormDataURLSupplier) aContext
+ .getProperty(FormDataURLSupplier.PROPERTY_KEY_NAME);
+ if (supplier == null) {
+ throw new NullPointerException(
+ "No FormdataUrlSupplier found in provided context");
+ }
+ String contentType = supplier.getFormDataContentType(parts[1]);
+ InputStream is = supplier.getFormData(parts[1]);
+ if (is != null) {
+ return new StreamData(aUrl, contentType, is);
+ }
+ return null;
+ }
+
+ @Override
+ public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
+ this.hostnameVerifier = hostnameVerifier;
+ }
+
+ @Override
+ public void setSSLSocketFactory(SSLSocketFactory socketFactory) {
+ this.sslSocketFactory = socketFactory;
+ }
+
}
\ No newline at end of file
diff --git a/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLDereferencer.java b/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLDereferencer.java
index d747753f..8853a9c1 100644
--- a/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLDereferencer.java
+++ b/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLDereferencer.java
@@ -20,6 +20,9 @@ import java.io.IOException;
import java.net.MalformedURLException;
import java.util.HashMap;
import java.util.Map;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLSocketFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -37,7 +40,10 @@ public class URLDereferencer {
private static URLDereferencer instance = new URLDereferencer();
private Map handlerMap = new HashMap();
-
+
+ private HostnameVerifier hostnameVerifier;
+ private SSLSocketFactory sslSocketFactory;
+
private URLDereferencer() {
registerHandlers();
}
@@ -62,7 +68,9 @@ public class URLDereferencer {
if (handler == null) {
throw new MalformedURLException("No handler for protocol: " + protocol
+ " found");
- }
+ }
+ handler.setHostnameVerifier(hostnameVerifier);
+ handler.setSSLSocketFactory(sslSocketFactory);
return handler.dereference(aUrl, aContext);
}
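Review bot: The two setter calls added before `handler.dereference(aUrl, aContext)` write TLS settings into a handler that is shared: `registerHandlers()` in the last hunk puts the same `handler` under every protocol, and `URLDereferencer` itself is a static singleton. Nothing synchronizes these writes, and the fields added in the `@@ -37,7 +40,10 @@` hunk are plain fields. A verifier installed by one caller therefore applies to every later HTTPS dereference in the process, and a concurrent change can land between the setter calls and the connection being opened. At minimum I would declare them `private volatile HostnameVerifier hostnameVerifier;` and `private volatile SSLSocketFactory sslSocketFactory;`, and consider passing both per call through `URLDereferencerContext` rather than via handler state. The enclosing method starts outside this hunk.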
@@ -86,5 +94,13 @@ public class URLDereferencer {
for (String proto : HTTPURLProtocolHandlerImpl.PROTOCOLS) {
handlerMap.put(proto, handler);
}
+ }
+
+ public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
+ this.hostnameVerifier = hostnameVerifier;
+ }
+
+ public void setSSLSocketFactory(SSLSocketFactory socketFactory) {
+ this.sslSocketFactory = socketFactory;
}
}
\ No newline at end of file
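Review bot: The new public `setHostnameVerifier` and `setSSLSocketFactory` have no Javadoc, although they change how every HTTPS URL dereferenced through this singleton is authenticated. Each should carry a comment along the lines of `/** Sets the verifier applied to all subsequent HTTPS dereferences; null leaves the connection's default verifier in place. */`. The null behaviour follows from the null checks in `HTTPURLProtocolHandlerImpl.dereferenceHTTP`. The Javadoc should also say that the verifier must still check the server's identity, since a permissive implementation set here would apply to every caller.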
diff --git a/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLProtocolHandler.java b/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLProtocolHandler.java
index f584f450..f886bd4e 100644
--- a/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLProtocolHandler.java
+++ b/utils/src/main/java/at/gv/egiz/bku/utils/urldereferencer/URLProtocolHandler.java
@@ -18,6 +18,9 @@ package at.gv.egiz.bku.utils.urldereferencer;
import java.io.IOException;
import java.net.MalformedURLException;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLSocketFactory;
public interface URLProtocolHandler {
@@ -28,5 +31,9 @@ public interface URLProtocolHandler {
* @return the streamdata of this url or null if the url cannot be resolved.
* @throws IOException
*/
- public StreamData dereference(String aUrl, URLDereferencerContext aContext) throws IOException;
+ public StreamData dereference(String aUrl, URLDereferencerContext aContext) throws IOException;
+
+ public void setSSLSocketFactory(SSLSocketFactory socketFactory);
+
+ public void setHostnameVerifier(HostnameVerifier hostnameVerifier);
}
\ No newline at end of file
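Review bot: `setSSLSocketFactory` and `setHostnameVerifier` are added to the protocol-independent `URLProtocolHandler` interface without Javadoc, while `dereference` above them is documented. Every implementor now has to provide TLS setters even if it never opens an HTTPS connection, and any existing implementation outside this commit stops compiling. I would document the contract on the interface, e.g. `/** Sets the socket factory used for HTTPS connections; null keeps the connection's default. Handlers for other protocols may ignore it. */`, with a matching comment on `setHostnameVerifier`.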
--
cgit v1.2.3
From 54aa4703e3d66c5b1a63b8d925fd4c9c1766687c Mon Sep 17 00:00:00 2001
From: clemenso
Date: Wed, 28 Jan 2009 19:40:11 +0000
Subject: activation
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@291 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
BKUApplet/pom.xml | 74 +-
.../gv/egiz/bku/online/applet/AppletBKUWorker.java | 74 +-
.../bku/online/applet/AppletParameterProvider.java | 57 --
.../at/gv/egiz/bku/online/applet/BKUApplet.java | 106 ++-
BKUApplet/src/test/resources/appletTest.html | 2 +-
BKULocal/pom.xml | 2 +-
.../at/gv/egiz/bku/local/stal/LocalBKUWorker.java | 1 -
BKULocalApp/pom.xml | 6 +-
BKUOnline/pom.xml | 108 ++-
.../egiz/bku/online/webapp/BKURequestHandler.java | 3 +
.../stal/service/impl/STALRequestBrokerImpl.java | 8 +-
.../gv/egiz/stal/service/impl/STALServiceImpl.java | 18 +-
.../stal/service/impl/STALXJAXBContextFactory.java | 10 +-
BKUOnline/src/main/webapp/applet.jsp | 14 +-
BKUOnline/src/main/webapp/slRequestForm.html | 3 +-
STALExt/pom.xml | 2 +-
.../java/at/gv/egiz/stal/service/STALPortType.java | 2 +-
.../stal/service/translator/STALTranslator.java | 5 +-
STALXService/pom.xml | 25 +
.../namespaces/cardchannel/service/ATRType.java | 100 +++
.../cardchannel/service/AttributeList.java | 71 ++
.../cardchannel/service/AttributeType.java | 264 +++++++
.../cardchannel/service/CommandAPDUType.java | 154 ++++
.../cardchannel/service/ObjectFactory.java | 172 +++++
.../namespaces/cardchannel/service/ResetType.java | 64 ++
.../cardchannel/service/ResponseAPDUType.java | 161 +++++
.../cardchannel/service/ResponseType.java | 82 +++
.../namespaces/cardchannel/service/ScriptType.java | 85 +++
.../cardchannel/service/VerifyAPDUType.java | 266 +++++++
.../cardchannel/service/package-info.java | 2 +
.../at/gv/egiz/stalx/service/STALPortType.java | 45 ++
.../java/at/gv/egiz/stalx/service/STALService.java | 73 ++
.../translator/STALXTranslationHandler.java | 217 ++++++
.../src/main/resources/wsdl/CardChannel.xsd | 148 ++++
STALXService/src/main/resources/wsdl/stal.xsd | 162 +++++
STALXService/src/main/resources/wsdl/stalx.wsdl | 123 ++++
.../stalx/service/ClientJAXBContextFactory.java | 52 ++
.../at/gv/egiz/stalx/service/STALServiceTest.java | 112 +++
bkucommon/pom.xml | 7 +-
.../slcommands/impl/AbstractAssocArrayInfobox.java | 6 +-
.../impl/CreateXMLSignatureResultImpl.java | 145 ++--
.../slcommands/impl/InfoboxReadResultFileImpl.java | 197 ++---
.../gv/egiz/bku/slcommands/impl/SLResultImpl.java | 6 +-
pom.xml | 7 +
.../at/gv/egiz/bku/smccstal/AbstractSMCCSTAL.java | 5 +-
utils/pom.xml | 5 +
.../egiz/idlink/CompressedIdentityLinkFactory.java | 800 ++++++++++-----------
.../at/gv/egiz/idlink/IdentityLinkFactory.java | 6 +-
.../java/at/gv/egiz/marshal/MarshallerFactory.java | 52 ++
.../gv/egiz/marshal/NamespacePrefixMapperImpl.java | 86 +++
.../gv/egiz/xades/QualifyingPropertiesFactory.java | 418 +++++------
51 files changed, 3519 insertions(+), 1094 deletions(-)
delete mode 100644 BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletParameterProvider.java
create mode 100644 STALXService/pom.xml
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/ATRType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/AttributeList.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/AttributeType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/CommandAPDUType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/ObjectFactory.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/ResetType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/ResponseAPDUType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/ResponseType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/ScriptType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/VerifyAPDUType.java
create mode 100644 STALXService/src/main/java/at/buergerkarte/namespaces/cardchannel/service/package-info.java
create mode 100644 STALXService/src/main/java/at/gv/egiz/stalx/service/STALPortType.java
create mode 100644 STALXService/src/main/java/at/gv/egiz/stalx/service/STALService.java
create mode 100644 STALXService/src/main/java/at/gv/egiz/stalx/service/translator/STALXTranslationHandler.java
create mode 100644 STALXService/src/main/resources/wsdl/CardChannel.xsd
create mode 100644 STALXService/src/main/resources/wsdl/stal.xsd
create mode 100644 STALXService/src/main/resources/wsdl/stalx.wsdl
create mode 100644 STALXService/src/test/java/at/gv/egiz/stalx/service/ClientJAXBContextFactory.java
create mode 100644 STALXService/src/test/java/at/gv/egiz/stalx/service/STALServiceTest.java
create mode 100644 utils/src/main/java/at/gv/egiz/marshal/MarshallerFactory.java
create mode 100644 utils/src/main/java/at/gv/egiz/marshal/NamespacePrefixMapperImpl.java
(limited to 'bkucommon/src/main')
diff --git a/BKUApplet/pom.xml b/BKUApplet/pom.xml
index 3b115399..da5dbc6f 100644
--- a/BKUApplet/pom.xml
+++ b/BKUApplet/pom.xml
@@ -23,35 +23,23 @@
at.gv.egiztrue${project.build.outputDirectory}
- META-INF\/
+ META-INF\/
+
+
+
+
+ copy_testapplet
+
+ copy-dependencies
+
+
+ ${project.build.directory}/test-classes
+ at.gv.egiz,commons-logging,iaik
+ commons-logging,iaik_jce_me4se
+ true
+
@@ -80,30 +68,6 @@
true
-
- maven-dependency-plugin
-
-
- copytestlibs
-
- copy
-
-
-
-
- commons-logging
- commons-logging
-
-
- iaik
- iaik_jce_me4se
-
-
- ${project.build.directory}/test-libs
-
-
-
-
@@ -132,9 +96,5 @@
BKUCommonGUI1.0.5-SNAPSHOT
-
- commons-logging
- commons-logging
-
\ No newline at end of file
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
index 6ac892ec..388f045f 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletBKUWorker.java
@@ -22,7 +22,6 @@ import at.gv.egiz.stal.STALRequest;
import at.gv.egiz.stal.STALResponse;
import at.gv.egiz.stal.SignRequest;
import at.gv.egiz.stal.service.STALPortType;
-import at.gv.egiz.stal.service.STALService;
import at.gv.egiz.stal.service.translator.STALTranslator;
import at.gv.egiz.stal.service.translator.TranslationException;
import at.gv.egiz.stal.service.types.ErrorResponseType;
@@ -31,13 +30,10 @@ import at.gv.egiz.stal.service.types.GetNextRequestType;
import at.gv.egiz.stal.service.types.ObjectFactory;
import at.gv.egiz.stal.service.types.RequestType;
import at.gv.egiz.stal.service.types.ResponseType;
-import java.applet.AppletContext;
import java.net.MalformedURLException;
-import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import javax.xml.bind.JAXBElement;
-import javax.xml.namespace.QName;
import javax.xml.ws.WebServiceException;
/**
@@ -46,29 +42,19 @@ import javax.xml.ws.WebServiceException;
*/
public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
- protected AppletContext ctx;
- protected AppletParameterProvider params;
+ protected BKUApplet applet;
protected String sessionId;
- protected STALPortType stalPort;
+
private ObjectFactory stalObjFactory = new ObjectFactory();
- private STALTranslator translator = new STALTranslator();
- public AppletBKUWorker(BKUGUIFacade gui, AppletContext ctx,
- AppletParameterProvider paramProvider) {
+ public AppletBKUWorker(BKUApplet applet, BKUGUIFacade gui) {
super(gui);
- if (ctx == null) {
- throw new NullPointerException("Applet context not provided");
- }
- if (paramProvider == null) {
- throw new NullPointerException("No applet parameters provided");
- }
- this.ctx = ctx;
- this.params = paramProvider;
-
- sessionId = params.getAppletParameter(BKUApplet.SESSION_ID);
+ this.applet = applet;
+
+ sessionId = applet.getParameter(BKUApplet.SESSION_ID);
if (sessionId == null) {
sessionId = "TestSession";
- log.info("using dummy sessionId " + sessionId);
+ log.warn("using dummy sessionId " + sessionId);
}
}
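Review bot: When the `SESSION_ID` applet parameter is missing, the constructor still falls back to the fixed id `"TestSession"`, and this change only raises the log level to warn. Every applet started without the parameter then calls `stalPort.connect(sessionId)` with the same predictable value; whether the server accepts it is not visible here. Outside of tests I would treat the missing parameter as a configuration error, e.g. `throw new IllegalStateException("applet parameter " + BKUApplet.SESSION_ID + " not set");`, or at least use `BKUApplet.TEST_SESSION_ID` instead of repeating the literal. With the old null checks removed, a null `applet` now fails inside `applet.getParameter(...)` with no explanatory message.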
@@ -77,9 +63,11 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
gui.showWelcomeDialog();
try {
- stalPort = getSTALPort();
+ STALPortType stalPort = applet.getSTALPort();
+ STALTranslator stalTranslator = applet.getSTALTranslator();
- registerSignRequestHandler(stalPort, sessionId);
+ addRequestHandler(SignRequest.class,
+ new AppletHashDataDisplay(stalPort, sessionId));
GetNextRequestResponseType nextRequestResp = stalPort.connect(sessionId);
@@ -111,7 +99,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
List stalRequests = new ArrayList();
for (JAXBElement extends RequestType> req : requests) {
try {
- stalRequests.add(translator.translate(req));
+ stalRequests.add(stalTranslator.translate(req));
} catch (TranslationException ex) {
log.error("Received unknown request from server STAL: " + ex.getMessage());
throw new RuntimeException(ex);
@@ -123,7 +111,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
List stalResponses = handleRequest(stalRequests);
for (STALResponse stalResponse : stalResponses) {
try {
- responses.add(translator.translate(stalResponse));
+ responses.add(stalTranslator.translate(stalResponse));
} catch (TranslationException ex) {
log.error("Received unknown response from STAL: " + ex.getMessage());
throw new RuntimeException(ex);
@@ -184,7 +172,7 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
}
}
- sendRedirect();
+ applet.sendRedirect(sessionId);
}
/**
@@ -218,38 +206,4 @@ public class AppletBKUWorker extends AbstractBKUWorker implements Runnable {
log.error(e);
}
}
-
- protected void sendRedirect() {
- try {
- URL redirectURL = params.getURLParameter(BKUApplet.REDIRECT_URL,
- sessionId);
- String redirectTarget = params.getAppletParameter(BKUApplet.REDIRECT_TARGET);
- if (redirectTarget == null) {
- log.info("Done. Redirecting to " + redirectURL + " ...");
- ctx.showDocument(redirectURL);
- } else {
- log.info("Done. Redirecting to " + redirectURL + " (target=" + redirectTarget + ") ...");
- ctx.showDocument(redirectURL, redirectTarget);
- }
- } catch (MalformedURLException ex) {
- log.warn("Failed to redirect: " + ex.getMessage(), ex);
- // gui.showErrorDialog(errorMsg, okListener, actionCommand)
- }
- }
-
- private STALPortType getSTALPort() throws MalformedURLException {
- URL wsdlURL = params.getURLParameter(BKUApplet.WSDL_URL);
- log.debug("STAL WSDL at " + wsdlURL);
- QName endpointName = new QName(BKUApplet.STAL_WSDL_NS,
- BKUApplet.STAL_SERVICE);
- STALService stal = new STALService(wsdlURL, endpointName);
- return stal.getSTALPort();
- }
-
- private void registerSignRequestHandler(STALPortType stalPort, String sessionId) {
- log.debug("register SignRequestHandler (resolve hashdata via STAL Webservice)");
- AppletHashDataDisplay handler = new AppletHashDataDisplay(stalPort,
- sessionId);
- addRequestHandler(SignRequest.class, handler);
- }
}
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletParameterProvider.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletParameterProvider.java
deleted file mode 100644
index 42e2d6ff..00000000
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletParameterProvider.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package at.gv.egiz.bku.online.applet;
-
-import java.net.MalformedURLException;
-import java.net.URL;
-
-/**
- *
- * @author Clemens Orthacker
- */
-public interface AppletParameterProvider {
-
- /**
- * Applet configuration parameters
- *
- * @param paramKey
- * @return null if no parameter is provided for the given key
- */
- String getAppletParameter(String paramKey);
-
- /**
- * Get applet configuration parameter as (absolute) URL
- *
- * @param paramKey
- * @return a URL
- * @throws MalformedURLException if configured URL is invalid
- * or no parameter is provided for the given key
- */
- URL getURLParameter(String paramKey) throws MalformedURLException;
-
- /**
- * Get applet configuration parameter as (absolute) URL
- *
- * @param paramKey
- * @param sessionId adds the jsessionid to the URL
- * @return a URL
- * @throws MalformedURLException if configured URL is invalid
- * or no parameter is provided for the given key
- */
- URL getURLParameter(String paramKey, String sessionId) throws MalformedURLException;
-}
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUApplet.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUApplet.java
index 5e60ed3e..d4b2018d 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUApplet.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/BKUApplet.java
@@ -16,8 +16,10 @@
*/
package at.gv.egiz.bku.online.applet;
+import at.gv.egiz.bku.gui.BKUGUIFacade.Style;
import at.gv.egiz.bku.gui.DefaultHelpListener;
import at.gv.egiz.bku.gui.AbstractHelpListener;
+import at.gv.egiz.stal.service.translator.STALTranslator;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Locale;
@@ -30,15 +32,18 @@ import org.apache.commons.logging.LogFactory;
import at.gv.egiz.bku.gui.BKUGUIFacade;
import at.gv.egiz.bku.gui.BKUGUIFactory;
+import at.gv.egiz.stal.service.STALPortType;
+import at.gv.egiz.stal.service.STALService;
+import java.awt.Container;
+import javax.xml.namespace.QName;
/**
* Note: all swing code is executed by the event dispatch thread (see
* BKUGUIFacade)
*/
-public class BKUApplet extends JApplet implements AppletParameterProvider {
+public class BKUApplet extends JApplet {
private static Log log = LogFactory.getLog(BKUApplet.class);
-
/**
* Applet parameter keys
*/
@@ -55,18 +60,15 @@ public class BKUApplet extends JApplet implements AppletParameterProvider {
// public static final String HASHDATA_DISPLAY_INTERNAL = "internal";
// public static final String HASHDATA_DISPLAY_BROWSER = "browser";
public static final String HASHDATA_DISPLAY_FRAME = "frame";
-
/**
* STAL WSDL namespace and service name
*/
public static final String STAL_WSDL_NS = "http://www.egiz.gv.at/wsdl/stal";
public static final String STAL_SERVICE = "STALService";
-
/**
* Dummy session id, used if no sessionId parameter is provided
*/
protected static final String TEST_SESSION_ID = "TestSession";
-
/**
* STAL
*/
@@ -81,17 +83,17 @@ public class BKUApplet extends JApplet implements AppletParameterProvider {
public void init() {
log.info("Welcome to MOCCA");
log.debug("Called init()");
-
+
HttpsURLConnection.setDefaultSSLSocketFactory(InternalSSLSocketFactory.getInstance());
- String locale = getAppletParameter(LOCALE);
+ String locale = getParameter(LOCALE);
if (locale != null) {
this.setLocale(new Locale(locale));
}
- log.debug("setting locale to " + getLocale());
+ log.debug("setting locale: " + getLocale());
BKUGUIFacade.Style guiStyle;
- String guiStyleParam = getAppletParameter(GUI_STYLE);
+ String guiStyleParam = getParameter(GUI_STYLE);
if ("advanced".equals(guiStyleParam)) {
guiStyle = BKUGUIFacade.Style.advanced;
} else if ("tiny".equals(guiStyleParam)) {
@@ -99,30 +101,33 @@ public class BKUApplet extends JApplet implements AppletParameterProvider {
} else {
guiStyle = BKUGUIFacade.Style.simple;
}
-
+ log.debug("setting gui-style: " + guiStyle);
+
URL backgroundImgURL = null;
try {
- backgroundImgURL = getURLParameter(BACKGROUND_IMG);
+ backgroundImgURL = getURLParameter(BACKGROUND_IMG, null);
+ log.debug("setting background: " + backgroundImgURL);
} catch (MalformedURLException ex) {
log.warn("failed to load applet background image: " + ex.getMessage() + ", using default");
}
-
+
AbstractHelpListener helpListener = null;
try {
- URL helpURL = getURLParameter(HELP_URL);
-// helpListener = new BrowserHelpListener(getAppletContext(), helpURL, getLocale());
- helpListener = new DefaultHelpListener(getAppletContext(), helpURL, getLocale());
+ helpListener = new DefaultHelpListener(getAppletContext(),
+ getURLParameter(HELP_URL, null), getLocale());
+ if (log.isDebugEnabled()) {
+ log.debug("setting helpURL: " + getURLParameter(HELP_URL, null));
+ }
} catch (MalformedURLException ex) {
log.warn("failed to load help URL: " + ex.getMessage() + ", disabling help");
}
-
- BKUGUIFacade gui = BKUGUIFactory.createGUI(getContentPane(),
- getLocale(),
- guiStyle,
- backgroundImgURL,
+
+ BKUGUIFacade gui = createGUI(getContentPane(), getLocale(),
+ guiStyle,
+ backgroundImgURL,
helpListener);
- worker = new AppletBKUWorker(gui, getAppletContext(), this);
+ worker = new AppletBKUWorker(this, gui);
}
@Override
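Review bot: `getURLParameter(HELP_URL, null)` is now evaluated twice in the help-listener block, once as a constructor argument and again inside the `isDebugEnabled()` guard, so the logged value is a second resolution rather than the one handed to the listener. Keeping the local that the old code had is simpler: `URL helpURL = getURLParameter(HELP_URL, null);`, then `helpListener = new DefaultHelpListener(getAppletContext(), helpURL, getLocale());` and `log.debug("setting helpURL: " + helpURL);`. `init()` starts outside this hunk.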
@@ -145,15 +150,7 @@ public class BKUApplet extends JApplet implements AppletParameterProvider {
log.debug("Called destroy()");
}
- @Override
- public String getAppletParameter(String paramKey) {
- String param = getParameter(paramKey);
- log.info("applet parameter: " + paramKey + ": " + param);
- return param;
- }
-
- @Override
- public URL getURLParameter(String paramKey, String sessionId) throws MalformedURLException {
+ protected URL getURLParameter(String paramKey, String sessionId) throws MalformedURLException {
String urlParam = getParameter(paramKey);
if (urlParam != null) {
URL codebase = getCodeBase();
@@ -173,15 +170,54 @@ public class BKUApplet extends JApplet implements AppletParameterProvider {
} catch (MalformedURLException ex) {
log.error("applet paremeter " + urlParam + " is not a valid URL: " + ex.getMessage());
throw ex;
- }
+ }
} else {
log.error("applet paremeter " + urlParam + " not set");
throw new MalformedURLException(urlParam + " not set");
}
}
-
- @Override
- public URL getURLParameter(String paramKey) throws MalformedURLException {
- return getURLParameter(paramKey, null);
+
+ /**
+ * provides a means to for subclasses to inject a different GUI
+ */
+ protected BKUGUIFacade createGUI(Container contentPane,
+ Locale locale,
+ Style guiStyle,
+ URL backgroundImgURL,
+ AbstractHelpListener helpListener) {
+ return BKUGUIFactory.createGUI(contentPane,
+ locale,
+ guiStyle,
+ backgroundImgURL,
+ helpListener);
+ }
+
+ protected STALPortType getSTALPort() throws MalformedURLException {
+ URL wsdlURL = getURLParameter(WSDL_URL, null);
+ log.debug("setting STAL WSDL: " + wsdlURL);
+ QName endpointName = new QName(STAL_WSDL_NS, STAL_SERVICE);
+ STALService stal = new STALService(wsdlURL, endpointName);
+ return stal.getSTALPort();
+ }
+
+ protected STALTranslator getSTALTranslator() {
+ return new STALTranslator();
+ }
+
+ protected void sendRedirect(String sessionId) {
+ try {
+ URL redirectURL = getURLParameter(REDIRECT_URL, sessionId);
+ String redirectTarget = getParameter(REDIRECT_TARGET);
+ if (redirectTarget == null) {
+ log.info("Done. Redirecting to " + redirectURL + " ...");
+ getAppletContext().showDocument(redirectURL);
+ } else {
+ log.info("Done. Redirecting to " + redirectURL + " (target=" + redirectTarget + ") ...");
+ getAppletContext().showDocument(redirectURL, redirectTarget);
+ }
+ } catch (MalformedURLException ex) {
+ log.warn("Failed to redirect: " + ex.getMessage(), ex);
+ // gui.showErrorDialog(errorMsg, okListener, actionCommand)
+ }
}
}
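Review bot: In `sendRedirect`, both `log.info` calls print `redirectURL`, which is built by `getURLParameter(REDIRECT_URL, sessionId)` and so presumably carries the session id (the interface Javadoc removed in this commit described that overload as adding the jsessionid). Logging it at info level writes a live session identifier to the Java console or log; I would keep the URL out of the info message, e.g. `log.info("Done. Redirecting (target=" + redirectTarget + ") ...");`, and log the URL at debug if it is needed at all. Separately, the `else` branch of `getURLParameter` at the top of this hunk builds its message from `urlParam`, which appears to be null on that path, so it reads "null not set"; `paramKey` is the value to report. `getURLParameter` begins outside this hunk.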
diff --git a/BKUApplet/src/test/resources/appletTest.html b/BKUApplet/src/test/resources/appletTest.html
index c8bd99d3..4a768f91 100644
--- a/BKUApplet/src/test/resources/appletTest.html
+++ b/BKUApplet/src/test/resources/appletTest.html
@@ -18,7 +18,7 @@