From 32d17447a258188b2d534bcb0bf65a659ba7b7d0 Mon Sep 17 00:00:00 2001 From: mcentner Date: Fri, 29 Aug 2008 12:11:34 +0000 Subject: Initial import. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../egiz/idlink/CompressedIdentityLinkFactory.java | 416 +++++++++++++++++++++ .../at/gv/egiz/idlink/IdentityLinkTransformer.java | 285 ++++++++++++++ .../at/gv/egiz/idlink/ans1/CitizenPublicKey.java | 92 +++++ .../java/at/gv/egiz/idlink/ans1/IdentityLink.java | 315 ++++++++++++++++ .../java/at/gv/egiz/idlink/ans1/PersonData.java | 91 +++++ .../at/gv/egiz/idlink/ans1/PhysicalPersonData.java | 143 +++++++ 6 files changed, 1342 insertions(+) create mode 100644 utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java create mode 100644 utils/src/main/java/at/gv/egiz/idlink/IdentityLinkTransformer.java create mode 100644 utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java create mode 100644 utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java create mode 100644 utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java create mode 100644 utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java (limited to 'utils/src/main/java/at/gv/egiz/idlink') diff --git a/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java b/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java new file mode 100644 index 00000000..5f4e5d92 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/CompressedIdentityLinkFactory.java @@ -0,0 +1,416 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink; + +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStreamReader; +import java.security.PublicKey; +import java.security.cert.X509Certificate; +import java.util.List; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.PropertyException; +import javax.xml.bind.Unmarshaller; +import javax.xml.transform.Source; +import javax.xml.transform.dom.DOMResult; + +import org.w3._2000._09.xmldsig_.KeyValueType; +import org.w3c.dom.Attr; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType; +import at.gv.e_government.reference.namespace.persondata._20020228_.AbstractPersonType; +import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType; +import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType; +import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; +import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value; +import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName; +import at.gv.egiz.idlink.ans1.CitizenPublicKey; +import at.gv.egiz.idlink.ans1.IdentityLink; +import at.gv.egiz.idlink.ans1.PersonData; +import at.gv.egiz.idlink.ans1.PhysicalPersonData; +import at.gv.egiz.xmldsig.KeyTypeNotSupportedException; +import at.gv.egiz.xmldsig.KeyValueFactory; + +public class CompressedIdentityLinkFactory { + + /** + * The instance returned by {@link #getInstance()}. + */ + private static CompressedIdentityLinkFactory instance; + + /** + * The JAXBContext. + */ + private static JAXBContext jaxbContext; + + /** + * The KeyValueFactory. + */ + private static KeyValueFactory keyValueFactory; + + /** + * Get an instance of this CompressedIdentityLinkFactory. + * + * @return an instance of this CompressedIdentityLinkFactory + */ + public synchronized static CompressedIdentityLinkFactory getInstance() { + if (instance == null) { + instance = new CompressedIdentityLinkFactory(); + } + return instance; + } + + /** + * Private constructor. + */ + private CompressedIdentityLinkFactory() { + + keyValueFactory = new KeyValueFactory(); + + StringBuffer packageNames = new StringBuffer(); + packageNames.append(at.gv.e_government.reference.namespace.persondata._20020228_.ObjectFactory.class.getPackage().getName()); + packageNames.append(":"); + packageNames.append(org.w3._2000._09.xmldsig_.ObjectFactory.class.getPackage().getName()); + packageNames.append(":"); + packageNames.append(org.w3._2001._04.xmldsig_more_.ObjectFactory.class.getPackage().getName()); + packageNames.append(":"); + packageNames.append(at.buergerkarte.namespaces.personenbindung._20020506_.ObjectFactory.class.getPackage().getName()); + + try { + jaxbContext = JAXBContext.newInstance(packageNames.toString()); + } catch (JAXBException e) { + // we should not get an JAXBException initializing the JAXBContext + throw new RuntimeException(e); + } + + } + + public IdentityLink createIdLink(CompressedIdentityLinkType compressedIdentityLinkType) { + + // IssuerTemplate + String issuerTemplate = compressedIdentityLinkType.getIssuerTemplate(); + + // AssertionId + String assertionID = compressedIdentityLinkType.getAssertionID(); + + // IssueInstant + String issueInstant = compressedIdentityLinkType.getIssueInstant(); + + AbstractPersonType personDataType = compressedIdentityLinkType.getPersonData(); + + String baseId = null; + + List identifications = personDataType.getIdentification(); + for (IdentificationType identificationType : identifications) { + String type = identificationType.getType(); + if ("urn:publicid:gv.at:baseid".equals(type)) { + baseId = identificationType.getValue().getValue(); + } + } + + String givenName = null; + String familyName = null; + String dateOfBirth = null; + + if (personDataType instanceof PhysicalPersonType) { + PhysicalPersonType physicalPersonType = (PhysicalPersonType) personDataType; + PersonNameType name = physicalPersonType.getName(); + List givenNames = name.getGivenName(); + if (!givenNames.isEmpty()) { + givenName = givenNames.get(0); + } + List familyNames = name.getFamilyName(); + if (!familyNames.isEmpty()) { + familyName = familyNames.get(0).getValue(); + } + dateOfBirth = physicalPersonType.getDateOfBirth(); + } + + PhysicalPersonData physicalPersonData = new PhysicalPersonData(baseId, givenName, familyName, dateOfBirth); + PersonData personData = new PersonData(physicalPersonData); + + int numKeys = compressedIdentityLinkType.getCitizenPublicKey().size(); + CitizenPublicKey[] citizenPublicKeys = new CitizenPublicKey[numKeys]; + for (int i = 0; i < numKeys;) { + citizenPublicKeys[i] = new CitizenPublicKey(++i); + } + + byte[] signatureValue = compressedIdentityLinkType.getSignatureValue(); + byte[] referenceDigest = compressedIdentityLinkType.getReferenceDigest(); + byte[] referenceManifestDigest = compressedIdentityLinkType.getReferenceManifestDigest(); + byte[] manifestReferenceDigest = compressedIdentityLinkType.getManifestReferenceDigest(); + + IdentityLink idLink = new IdentityLink(issuerTemplate, assertionID, issueInstant, personData, citizenPublicKeys, signatureValue); + idLink.setReferenceDigest(referenceDigest); + idLink.setReferenceManifestDigest(referenceManifestDigest); + idLink.setManifestReferenceDigest(manifestReferenceDigest); + + return idLink; + + } + + /** + * Creates a new CompressedIdentityLink element from the given + * ASN.1 representation of an idLink. + * + * @param idLink + * the ASN.1 representation of an IdentityLink + * @param certificates + * a list of {@link X509Certificate}s containing the corresponding + * public keys + * @param domainId TODO + * @return a new CompressedIdentityLink element + * + * @throws NullPointerException + * if idLink or certificates is + * null + * @throws IllegalArgumentException + * if idLink references certificates not in the range + * of the certificates list + */ + public JAXBElement createCompressedIdentityLink( + at.gv.egiz.idlink.ans1.IdentityLink idLink, + List certificates, String domainId) { + + at.gv.e_government.reference.namespace.persondata._20020228_.ObjectFactory prFactory = + new at.gv.e_government.reference.namespace.persondata._20020228_.ObjectFactory(); + + at.buergerkarte.namespaces.personenbindung._20020506_.ObjectFactory pbFactory = + new at.buergerkarte.namespaces.personenbindung._20020506_.ObjectFactory(); + + org.w3._2000._09.xmldsig_.ObjectFactory dsFactory = new org.w3._2000._09.xmldsig_.ObjectFactory(); + + // PersonData + PhysicalPersonData __physicalPersonData = idLink.getPersonData() + .getPhysicalPerson(); + + Value identificationTypeValue = prFactory.createIdentificationTypeValue(); + identificationTypeValue.setValue(__physicalPersonData.getBaseId()); + IdentificationType identificationType = prFactory + .createIdentificationType(); + identificationType.setValue(identificationTypeValue); + if (domainId != null) { + identificationType.setType(domainId); + } else { + identificationType.setType("urn:publicid:gv.at:baseid"); + } + + PersonNameType personNameType = prFactory.createPersonNameType(); + FamilyName personNameTypeFamilyName = prFactory + .createPersonNameTypeFamilyName(); + personNameTypeFamilyName.setValue(__physicalPersonData.getFamilyName()); + personNameType.getFamilyName().add(personNameTypeFamilyName); + personNameType.getGivenName().add(__physicalPersonData.getGivenName()); + + PhysicalPersonType physicalPersonType = prFactory + .createPhysicalPersonType(); + physicalPersonType.getIdentification().add(identificationType); + physicalPersonType.setName(personNameType); + physicalPersonType.setDateOfBirth(__physicalPersonData.getDateOfBirth()); + + // CompressedIdentityLink + CompressedIdentityLinkType compressedIdentityLinkType = pbFactory + .createCompressedIdentityLinkType(); + compressedIdentityLinkType.setIssuerTemplate(idLink.getIssuerTemplate()); + compressedIdentityLinkType.setAssertionID(idLink.getAssertionID()); + compressedIdentityLinkType.setIssueInstant(idLink.getIssueInstant()); + compressedIdentityLinkType.setPersonData(physicalPersonType); + + // CitizenPublicKey + CitizenPublicKey[] __citizenPublicKeys = idLink.getCitizenPublicKeys(); + for (CitizenPublicKey __citizenPublicKey : __citizenPublicKeys) { + + X509Certificate certificate = certificates.get(__citizenPublicKey.getOnToken()); + PublicKey publicKey = certificate.getPublicKey(); + + JAXBElement keyValue; + try { + keyValue = keyValueFactory.createKeyValue(publicKey); + } catch (KeyTypeNotSupportedException e) { + // TODO: handle exception properly + throw new RuntimeException(e); + } + + KeyValueType keyValueType = dsFactory.createKeyValueType(); + keyValueType.getContent().add(keyValue); + + compressedIdentityLinkType.getCitizenPublicKey().add(keyValueType); + } + + compressedIdentityLinkType.setSignatureValue(idLink.getSignatureValue()); + compressedIdentityLinkType.setReferenceDigest(idLink.getReferenceDigest()); + compressedIdentityLinkType.setReferenceManifestDigest(idLink + .getReferenceManifestDigest()); + compressedIdentityLinkType.setManifestReferenceDigest(idLink + .getManifestReferenceDigest()); + JAXBElement compressedIdentityLink = pbFactory + .createCompressedIdentityLink(compressedIdentityLinkType); + + return compressedIdentityLink; + + } + + /** + * Marshall the given compressedIdentityLink into a DOM document + * with the given Nodes as parent and nextSibling + * nodes. + * + * @param compressedIdentityLink + * the CompressedIdentityLink element + * @param parent + * the parent node + * @param nextSibling + * the next sibling node (may be null) + * @param applyWorkarounds + * apply workarounds as spefiyed by + * {@link #applyWorkarounds(Element, int)} + * + * @throws JAXBException + * if an unexpected error occurs while marshalling + * @throws NullPointerException + * if compressdIdentityLink or parent is + * null + */ + public void marshallCompressedIdentityLink( + JAXBElement compressedIdentityLink, + Node parent, Node nextSibling, boolean applyWorkarounds) throws JAXBException { + + DOMResult result = new DOMResult(parent, nextSibling); + + + try { + Marshaller marshaller = jaxbContext.createMarshaller(); + + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); + + marshaller.marshal(compressedIdentityLink, result); + } catch (PropertyException e) { + throw new RuntimeException(e); + } + + if (applyWorkarounds) { + Element element = (Element) ((nextSibling != null) + ? nextSibling.getPreviousSibling() + : parent.getFirstChild()); + applyWorkarounds(element, 76); + } + + } + + @SuppressWarnings("unchecked") + public CompressedIdentityLinkType unmarshallCompressedIdentityLink(Source source) throws JAXBException { + + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + + return ((JAXBElement) unmarshaller.unmarshal(source)).getValue(); + + } + + /** + * Apply some workarounds to the given CompressedIdentityLink + * element to achieve compatibility with IdentityLink + * transformation stylesheets that have been designed for a (buggy) form of + * the CompressedIdentityLink as produced by a well-known citizen card + * environment implementation. + * + *
    + *
  1. Replace the attribute node URN of the + * NamedCurve element of an ECDSAKeyValue element by + * a child text-node with the same content.
    2. + *
  2. Replace the attribute nodes Value of the X + * and Y elements of an ECDSAKeyValue element by a + * child text-node with the same content.
    3. + *
  3. Insert "\n" at base64LineLength into the Base64 + * content of the Modulus element of an RSAKeyValue + * element. + *
+ * + * @param element + * the CompressedIdentityLink element + * @param base64LineLength + * the line length of Base64 content + */ + public void applyWorkarounds(Element element, int base64LineLength) { + + Document document = element.getOwnerDocument(); + + NodeList nodeList = element.getElementsByTagNameNS( + "http://www.w3.org/2001/04/xmldsig-more#", "NamedCurve"); + for (int i = 0; i < nodeList.getLength(); i++) { + Node ecdsaNameCurve = nodeList.item(i); + Attr attrNode = ((Element) ecdsaNameCurve).getAttributeNodeNS(null, + "URN"); + ecdsaNameCurve + .appendChild(document.createTextNode(attrNode.getValue())); + ((Element) ecdsaNameCurve).removeAttributeNode(attrNode); + } + nodeList = document.getElementsByTagNameNS( + "http://www.w3.org/2001/04/xmldsig-more#", "X"); + for (int i = 0; i < nodeList.getLength(); i++) { + Node x = nodeList.item(i); + Attr attrNode = ((Element) x).getAttributeNodeNS(null, "Value"); + x.appendChild(document.createTextNode(attrNode.getValue())); + ((Element) x).removeAttributeNode(attrNode); + } + nodeList = document.getElementsByTagNameNS( + "http://www.w3.org/2001/04/xmldsig-more#", "Y"); + for (int i = 0; i < nodeList.getLength(); i++) { + Node y = nodeList.item(i); + Attr attrNode = ((Element) y).getAttributeNodeNS(null, "Value"); + y.appendChild(document.createTextNode(attrNode.getValue())); + ((Element) y).removeAttributeNode(attrNode); + } + + if (base64LineLength > 0) { + nodeList = document.getElementsByTagNameNS( + "http://www.w3.org/2000/09/xmldsig#", "Modulus"); + for (int i = 0; i < nodeList.getLength(); i++) { + Node modulus = nodeList.item(i); + String value = ((Element) modulus).getTextContent(); + BufferedReader reader = new BufferedReader(new InputStreamReader( + new ByteArrayInputStream(value.getBytes()))); + char[] buff = new char[base64LineLength]; + StringBuffer newValue = new StringBuffer(); + int found = 0; + try { + while ((found = reader.read(buff)) > 0) { + newValue.append(buff, 0, found); + if (found == base64LineLength) + newValue.append('\n'); + } + } catch (IOException e) { + // this should never happen, as we are reading from a ByteArrayInputStream + throw new RuntimeException(e); + } + ((Element) modulus).setTextContent(newValue.toString()); + } + + } + + + } + +} diff --git a/utils/src/main/java/at/gv/egiz/idlink/IdentityLinkTransformer.java b/utils/src/main/java/at/gv/egiz/idlink/IdentityLinkTransformer.java new file mode 100644 index 00000000..7886b07d --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/IdentityLinkTransformer.java @@ -0,0 +1,285 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink; + +import java.io.IOException; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.xml.transform.Result; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.stream.StreamSource; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.Text; + +public class IdentityLinkTransformer { + + private class IdLTransformer { + + /** + * Is transformer in use? + */ + private boolean inUse = false; + + /** + * How often has this transformer been used? + */ + private int timesUsed = 0; + + /** + * The time this transformer has been created. + */ + private long created; + + /** + * When has this transformer been used the last time? + */ + private long lastTimeUsed; + + /** + * Average performance in milliseconds. + */ + private long time; + + /** + * Time used for initialization. + */ + private long initTime; + + /** + * The stylesheet transformer. + */ + private Transformer transformer; + + /** + * Stylesheet URL. + */ + private String stylesheetURL; + + /** + * + * @param stylesheetURL + * @throws IOException + * @throws TransformerConfigurationException + */ + public IdLTransformer(String stylesheetURL) throws IOException, TransformerConfigurationException { + + created = System.currentTimeMillis(); + + // TODO: implement stylesheet cache + this.stylesheetURL = stylesheetURL; + URL url = new URL(stylesheetURL); + + if (!"http".equalsIgnoreCase(url.getProtocol()) && !"https".equalsIgnoreCase(url.getProtocol())) { + throw new MalformedURLException("Protocol " + url.getProtocol() + " not supported for IssuerTemplate URL."); + } + StreamSource source = new StreamSource(url.openStream()); + + transformer = factory.newTransformer(source); + + initTime = System.currentTimeMillis() - created; + + } + + public void transform(Source xmlSource, Result outputTarget) throws TransformerException { + long t0 = System.currentTimeMillis(); + try { + transformer.transform(xmlSource, outputTarget); + } catch (TransformerException e) { + throw e; + } finally { + inUse = false; + long t1 = System.currentTimeMillis(); + time += (t1 - t0); + timesUsed++; + lastTimeUsed = System.currentTimeMillis(); + } + } + + /** + * @return true if this transformer is in use, or false otherwise + */ + public boolean isInUse() { + return inUse; + } + + @Override + public String toString() { + StringBuffer str = new StringBuffer(); + str.append("Transformer ").append(stylesheetURL) + .append("\n created ").append(new Date(created)).append(" used ").append( + timesUsed).append(" times, (init ").append(initTime).append("ms / ") + .append(((float) time) / timesUsed).append("ms avg) last time ").append(new Date(lastTimeUsed)); + return str.toString(); + } + + } + + /** + * The transfomer factory. + */ + private static TransformerFactory factory; + + /** + * The instance to be returned by {@link #getInstance()}. + */ + private static IdentityLinkTransformer instance; + + /** + * Returns an instance of this IdentityLinkTransfomer. + * + * @return an instance of this IdentityLinkTransformer + */ + public static IdentityLinkTransformer getInstance() { + if (instance == null) { + instance = new IdentityLinkTransformer(); + factory = TransformerFactory.newInstance(); + } + return instance; + } + + /** + * Sets the given domainIdentifier on the corresponding + * node of the given idLink. + *

This method may be used to cope with a flaw in the IssuerTemplate-Stylesheets + * used to transform a CompressedIdentitiyLink into an + * IdentityLink. Some IssuerTemplate-Stylesheets do not + * consider the pr:Type element value of the + * CompressedIdentityLink and render a pr:Type + * element value of urn:publicid:gv.at:baseid + * into the IdentityLink structure. This method allows to + * set the pr:Type element value on the given idLink + * after the transformation. + *

+ * + * @param idLink the IdentityLink element or one of it's ancestors. + * Must not be null. + * + * @param domainIdentifier the value to be set for the pr:Type element + * + * @throws NullPointerException if idLink is null. + */ + public static void setDomainIdentifier(Node idLink, String domainIdentifier) { + + Element element; + if (idLink instanceof Element) { + element = (Element) idLink; + } else if (idLink instanceof Document) { + element = ((Document) idLink).getDocumentElement(); + } else if (idLink != null) { + Document document = idLink.getOwnerDocument(); + element = document.getDocumentElement(); + } else { + throw new NullPointerException("Parameter 'idLink' must no be null."); + } + + NodeList nodeList = element.getElementsByTagNameNS( + "http://reference.e-government.gv.at/namespace/persondata/20020228#", + "Type"); + + for (int i = 0; i < nodeList.getLength(); i++) { + if (nodeList.item(i) instanceof Element) { + Element typeElement = (Element) nodeList.item(i); + NodeList children = typeElement.getChildNodes(); + for (int j = 0; j < children.getLength(); j++) { + if (children.item(j) instanceof Text) { + ((Text) children.item(j)).setNodeValue(domainIdentifier); + } + } + } + } + + } + + /** + * The pool of Transformer. + */ + private Map> pool; + + /** + * Private constructor. + */ + private IdentityLinkTransformer() { + pool = new HashMap>(); + } + + private synchronized IdLTransformer getFreeTransfomer(String stylesheetURL) throws TransformerConfigurationException, IOException { + + IdLTransformer transformer = null; + + List transfomerList = pool.get(stylesheetURL); + if (transfomerList == null) { + transfomerList = new ArrayList(); + pool.put(stylesheetURL, transfomerList); + } + + for (IdLTransformer candTransformer : transfomerList) { + if (!candTransformer.inUse) { + transformer = candTransformer; + break; + } + } + + if (transformer == null) { + transformer = new IdLTransformer(stylesheetURL); + transfomerList.add(transformer); + } + + transformer.inUse = true; + return transformer; + + } + + public void transformIdLink(String stylesheetURL, Source source, Result result) throws IOException, TransformerException { + IdLTransformer transformer = getFreeTransfomer(stylesheetURL); + transformer.transform(source, result); + } + + public String getStatistics() { + + StringBuffer str = new StringBuffer(); + Iterator keys = pool.keySet().iterator(); + int count = 0; + while (keys.hasNext()) { + String stylesheetURL = (String) keys.next(); + str.append("Stylesheet URL: ").append(stylesheetURL); + Iterator transformer = pool.get(stylesheetURL).iterator(); + while (transformer.hasNext()) { + IdLTransformer idLTransformer = (IdLTransformer) transformer.next(); + str.append("\n ").append(idLTransformer); + count++; + } + } + str.append("\n(").append(count).append(" transformer)"); + return str.toString(); + } + +} diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java new file mode 100644 index 00000000..c32cf2b9 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/CitizenPublicKey.java @@ -0,0 +1,92 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1; + +import java.math.BigInteger; + +import iaik.asn1.*; + +/** + * This class implements the ASN.1 representation of the + * CitizenPublicKey of a compressed identity link. + * + * 
CitizenPublicKey ::= CHOICE { 
+    onToken [0] INTEGER, 
+    referenceURL [1] UTF8String, 
+    x509Data [2] SubjectPublicKeyInfo 
+}  
+
+ * + * @author mivkovic@egiz.gv.at, mcentner@egiz.gv.at + */ +public class CitizenPublicKey implements ASN1Type { + + /** + * onToken + */ + private int onToken; // INTEGER + + /** + * Creates a new CitizenPublicKey with the given + * onToken value. + * + * @param onToken + */ + public CitizenPublicKey(int onToken) { + this.onToken = onToken; + } + + /** + * Creates a new CitizenPublicKey from the given ASN.1 representation. + * + * @param obj + * @throws CodingException + */ + public CitizenPublicKey(ASN1Object obj) throws CodingException { + decode(obj); + } + + @Override + public void decode(ASN1Object obj) throws CodingException { + try { + BigInteger Value = (BigInteger)(obj.getValue()); + onToken = Value.intValue(); + } catch (Exception ex) { + throw new CodingException(ex.toString()); + } + } + + @Override + public ASN1Object toASN1Object() { + INTEGER ot = new INTEGER(onToken); + return ot; + } + + /** + * Returns the DER encoding of this CitizenPublicKey. + * + * @return the DER encoding of this CitizenPublicKey + */ + public byte[] getEncoded() { + return DerCoder.encode(toASN1Object()); + } + + public int getOnToken() { + return onToken; + } + +} \ No newline at end of file diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java new file mode 100644 index 00000000..37e4b240 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/IdentityLink.java @@ -0,0 +1,315 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1; + +import iaik.asn1.ASN1Object; +import iaik.asn1.ASN1Type; +import iaik.asn1.BIT_STRING; +import iaik.asn1.CON_SPEC; +import iaik.asn1.CodingException; +import iaik.asn1.DerCoder; +import iaik.asn1.INTEGER; +import iaik.asn1.SEQUENCE; +import iaik.asn1.UTF8String; + +/** + * This class impelments an ASN.1 representation of the compressed IdentiyLink. + * 
+PersonenBindung ::= SEQUENCE { 
+    version INTEGER, 
+    issuerTemplate UTF8String, 
+    assertionID UTF8String, 
+    issueInstant UTF8String, 
+    personData PersonData, 
+    citizenPublicKey SEQUENCE SIZE (1..MAX) OF CitizenPublicKey, 
+    signatureValue BIT STRING, 
+    referenceDigest [0] BIT STRING OPTIONAL, 
+    referenceManifestDigest [1] BIT STRING OPTIONAL, 
+    manifestReferenceDigest [2] BIT STRING OPTIONAL 
+} 
+
+ * + * @author mivkovic@egiz.gv.at, mcentner@egiz.gv.at + */ +public class IdentityLink implements ASN1Type { + + private int version = 1; // INTEGER + private String issuerTemplate; // UTF8String + private String assertionID; // UTF8String + private String issueInstant; // UTF8String + private PersonData personData; // PersonData + private CitizenPublicKey[] citizenPublicKeys; // SEQUENCE SIZE (1..MAX) OF + private byte[] signatureValue; // BIT STRING + private byte[] referenceDigest; // BIT STRING OPTIONAL + private byte[] referenceManifestDigest; // BIT STRING OPTIONAL + private byte[] manifestReferenceDigest; // BIT STRING OPTIONAL + + /** + * Creates a new IdentityLink with the given + * issuerTemplate, assertionID, + * issueInstant, personData, + * citizenPublicKeys and signatureValue. + * + * @param issuerTemplate + * @param assertionID + * @param issueInstant + * @param personData + * @param citizenPublicKeys + * @param signatureValue + */ + public IdentityLink(String issuerTemplate, String assertionID, + String issueInstant, PersonData personData, + CitizenPublicKey[] citizenPublicKeys, byte[] signatureValue) { + this.issuerTemplate = issuerTemplate; + this.assertionID = assertionID; + this.issueInstant = issueInstant; + this.personData = personData; + this.citizenPublicKeys = citizenPublicKeys; + this.signatureValue = signatureValue; + } + + /** + * Create a new IdentityLink from an ASN1Object. + * + * @param identiyLink + * @throws CodingException + */ + public IdentityLink(ASN1Object identiyLink) throws CodingException { + decode(identiyLink); + } + + @Override + public void decode(ASN1Object obj) throws CodingException { + issuerTemplate = (String) ((ASN1Object) obj.getComponentAt(1)).getValue(); + assertionID = (String) ((ASN1Object) obj.getComponentAt(2)).getValue(); + issueInstant = (String) ((ASN1Object) obj.getComponentAt(3)).getValue(); + + if (((CON_SPEC) obj.getComponentAt(4)).getAsnType().getTag() == 0) + personData = new PersonData((ASN1Object) obj.getComponentAt(4).getValue()); + else { + throw new CodingException("CorporateBodyData currently not supported."); + } + + SEQUENCE publicKeySequence = (SEQUENCE) obj.getComponentAt(5); + int anz = publicKeySequence.countComponents(); + citizenPublicKeys = new CitizenPublicKey[anz]; + for (int i = 0; i < citizenPublicKeys.length; i++) { + CON_SPEC tmp = (CON_SPEC) publicKeySequence.getComponentAt(i); + if (tmp.getAsnType().getTag() == 0) { + citizenPublicKeys[i] = new CitizenPublicKey((ASN1Object) tmp.getValue()); + } else { + throw new CodingException( + "Currently only PublicKeys on token are supported."); + } + } + + signatureValue = (byte[]) ((ASN1Object) obj.getComponentAt(6)).getValue(); + + for (int i = 7; i < obj.countComponents(); i++) { + CON_SPEC tmp = (CON_SPEC) obj.getComponentAt(i); + switch (tmp.getAsnType().getTag()) { + case 0: + referenceDigest = (byte[]) ((BIT_STRING) tmp.getValue()).getValue(); + break; + case 1: + referenceManifestDigest = (byte[]) ((BIT_STRING) tmp.getValue()) + .getValue(); + break; + case 2: + manifestReferenceDigest = (byte[]) ((BIT_STRING) tmp.getValue()) + .getValue(); + break; + } + + } + + } + + @Override + public ASN1Object toASN1Object() { + SEQUENCE pb = new SEQUENCE(); + pb.addComponent(new INTEGER(version)); + pb.addComponent(new UTF8String(issuerTemplate)); + pb.addComponent(new UTF8String(assertionID)); + pb.addComponent(new UTF8String(issueInstant)); + + pb.addComponent(new CON_SPEC(0, personData.toASN1Object())); + SEQUENCE seq = new SEQUENCE(); + for (int i = 0; i < citizenPublicKeys.length; i++) { + seq.addComponent(new CON_SPEC(0, citizenPublicKeys[i].toASN1Object())); + } + pb.addComponent(seq); + pb.addComponent(new BIT_STRING(signatureValue)); + if (referenceDigest != null) + pb.addComponent(new CON_SPEC(0, new BIT_STRING(referenceDigest))); + if (referenceManifestDigest != null) + pb.addComponent(new CON_SPEC(1, new BIT_STRING(referenceManifestDigest))); + if (manifestReferenceDigest != null) + pb.addComponent(new CON_SPEC(2, new BIT_STRING(manifestReferenceDigest))); + return pb; + } + + /** + * Returns the DER encoding of this IdentityLink. + * + * @return the DER encoding of this IdentityLink + */ + public byte[] toByteArray() { + return DerCoder.encode(toASN1Object()); + } + + /** + * @return the version + */ + public int getVersion() { + return version; + } + + /** + * @param version the version to set + */ + public void setVersion(int version) { + this.version = version; + } + + /** + * @return the issuerTemplate + */ + public String getIssuerTemplate() { + return issuerTemplate; + } + + /** + * @param issuerTemplate the issuerTemplate to set + */ + public void setIssuerTemplate(String issuerTemplate) { + this.issuerTemplate = issuerTemplate; + } + + /** + * @return the assertionID + */ + public String getAssertionID() { + return assertionID; + } + + /** + * @param assertionID the assertionID to set + */ + public void setAssertionID(String assertionID) { + this.assertionID = assertionID; + } + + /** + * @return the issueInstant + */ + public String getIssueInstant() { + return issueInstant; + } + + /** + * @param issueInstant the issueInstant to set + */ + public void setIssueInstant(String issueInstant) { + this.issueInstant = issueInstant; + } + + /** + * @return the personData + */ + public PersonData getPersonData() { + return personData; + } + + /** + * @param personData the personData to set + */ + public void setPersonData(PersonData personData) { + this.personData = personData; + } + + /** + * @return the citizenPublicKeys + */ + public CitizenPublicKey[] getCitizenPublicKeys() { + return citizenPublicKeys; + } + + /** + * @param citizenPublicKeys the citizenPublicKeys to set + */ + public void setCitizenPublicKeys(CitizenPublicKey[] citizenPublicKeys) { + this.citizenPublicKeys = citizenPublicKeys; + } + + /** + * @return the signatureValue + */ + public byte[] getSignatureValue() { + return signatureValue; + } + + /** + * @param signatureValue the signatureValue to set + */ + public void setSignatureValue(byte[] signatureValue) { + this.signatureValue = signatureValue; + } + + /** + * @return the referenceDigest + */ + public byte[] getReferenceDigest() { + return referenceDigest; + } + + /** + * @param referenceDigest the referenceDigest to set + */ + public void setReferenceDigest(byte[] referenceDigest) { + this.referenceDigest = referenceDigest; + } + + /** + * @return the referenceManifestDigest + */ + public byte[] getReferenceManifestDigest() { + return referenceManifestDigest; + } + + /** + * @param referenceManifestDigest the referenceManifestDigest to set + */ + public void setReferenceManifestDigest(byte[] referenceManifestDigest) { + this.referenceManifestDigest = referenceManifestDigest; + } + + /** + * @return the manifestReferenceDigest + */ + public byte[] getManifestReferenceDigest() { + return manifestReferenceDigest; + } + + /** + * @param manifestReferenceDigest the manifestReferenceDigest to set + */ + public void setManifestReferenceDigest(byte[] manifestReferenceDigest) { + this.manifestReferenceDigest = manifestReferenceDigest; + } + +} diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java new file mode 100644 index 00000000..2a537eb3 --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/PersonData.java @@ -0,0 +1,91 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1; + +import iaik.asn1.*; + +/** + * This class represents the ASN.1 version of the PersonData + * of a compressed identity link. + * + * 
+PersonData ::= CHOICE { 
+    physcialPerson [0] PhysicalPersonData, 
+    corporateBody [1] CorporateBodyData 
+}
+ * + * @author mivkovic@egiz.gv.at, mcentner@egiz.gv.at + * + */ +public class PersonData implements ASN1Type { + + /** + * physicalPerson + */ + private PhysicalPersonData physicalPerson; // PhysicalPersonData + + /** + * Creates a new PersonData with the given + * physicalPersonData. + * + * @param physicalPersonData + */ + public PersonData(PhysicalPersonData physicalPersonData) { + physicalPerson = physicalPersonData; + } + + /** + * Creates a new PersonData from its ASN.1 representation. + * + * @param obj + * @throws CodingException + */ + public PersonData(ASN1Object obj) throws CodingException { + decode(obj); + } + + @Override + public void decode(ASN1Object obj) throws CodingException { + try { + physicalPerson = new PhysicalPersonData(obj); + } catch (Exception ex) { + throw new CodingException(ex.toString()); + } + } + + @Override + public ASN1Object toASN1Object() { + return physicalPerson.toASN1Object(); + } + + /** + * Returns the DER encoded representation of this PersonData. + * + * @return the DER encoded representation of this PersonData + */ + public byte[] getEncoded() { + return DerCoder.encode(toASN1Object()); + } + + /** + * @return the physicalPerson + */ + public PhysicalPersonData getPhysicalPerson() { + return physicalPerson; + } + +} \ No newline at end of file diff --git a/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java b/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java new file mode 100644 index 00000000..a6aea97e --- /dev/null +++ b/utils/src/main/java/at/gv/egiz/idlink/ans1/PhysicalPersonData.java @@ -0,0 +1,143 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.idlink.ans1; + +import iaik.asn1.*; + +/** + * This class represents the ASN.1 version of the PhysicalPersonData + * of an compressed identity link. + * + * 
PhysicalPersonData ::= SEQUENCE { 
+    baseId UTF8String, 
+    givenName UTF8String, 
+    familyName UTF8String, 
+    dateOfBirth UTF8String
+}
+ * + * @author mivkovic@egiz.gv.at, mcentner@eigz.gv.at + */ +public class PhysicalPersonData implements ASN1Type { + + /** + * baseId + */ + private String baseId; // UTF8String + + /** + * givenName + */ + private String givenName; // UTF8String + + /** + * familyName + */ + private String familyName; // UTF8String + + /** + * dataOfBirth + */ + private String dateOfBirth; // UTF8String + + /** + * Creates a new PhysicalPersonData with the + * given baseId, givenName, familyName + * and dataOfBirth. + * + * @param baseId + * @param givenName + * @param familyName + * @param dateOfBirth + */ + public PhysicalPersonData(String baseId, String givenName, String familyName, String dateOfBirth) { + this.baseId = baseId; + this.givenName = givenName; + this.familyName = familyName; + this.dateOfBirth = dateOfBirth; + } + + /** + * Creates a new PhysicalPersonData from its ASN.1 representation. + * + * @param obj + * + * @throws CodingException + */ + public PhysicalPersonData(ASN1Object obj) throws CodingException { + decode(obj); + } + + @Override + public void decode(ASN1Object obj) throws CodingException { + try { + baseId = (String) ((ASN1Object) obj.getComponentAt(0)).getValue(); + givenName = (String) ((ASN1Object) obj.getComponentAt(1)).getValue(); + familyName = (String) ((ASN1Object) obj.getComponentAt(2)).getValue(); + dateOfBirth = (String) ((ASN1Object) obj.getComponentAt(3)).getValue(); + } catch (Exception ex) { + throw new CodingException(ex.toString()); + } + } + + @Override + public ASN1Object toASN1Object() { + SEQUENCE ppd = new SEQUENCE(); + ppd.addComponent(new UTF8String(baseId)); + ppd.addComponent(new UTF8String(givenName)); + ppd.addComponent(new UTF8String(familyName)); + ppd.addComponent(new UTF8String(dateOfBirth)); + return ppd; + } + + /** + * Returns the DER encoding of this PhysicalPersonData. + * + * @return the DER encoding of this PhysicalPersonData + */ + public byte[] toByteArray() { + return DerCoder.encode(toASN1Object()); + } + + /** + * @return the baseId + */ + public String getBaseId() { + return baseId; + } + + /** + * @return the givenName + */ + public String getGivenName() { + return givenName; + } + + /** + * @return the familyName + */ + public String getFamilyName() { + return familyName; + } + + /** + * @return the dateOfBirth + */ + public String getDateOfBirth() { + return dateOfBirth; + } + +} \ No newline at end of file -- cgit v1.2.3