From db52e4d66d60184d53a27ba4d6772461daacc03d Mon Sep 17 00:00:00 2001
From: tknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>
Date: Fri, 22 Mar 2013 08:57:51 +0000
Subject: Maintenance update (bugfixes, new features, cleanup...) Refer to
 /dok/RELEASE_NOTES-3.3.txt for further information.

git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/pdf-as/trunk@931 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
---
 .../wag/egov/egiz/sig/connectors/MOAConnector.java | 47 +++++++++++++---------
 1 file changed, 27 insertions(+), 20 deletions(-)

(limited to 'pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java')

diff --git a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java
index ef355a0..d413a29 100644
--- a/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java
+++ b/pdf-as-lib/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/MOAConnector.java
@@ -63,7 +63,7 @@ import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
 
 /**
  * Connector to access the MOA service.
- * 
+ *
  * @deprecated
  * @author wlackner
  * @author wprinz
@@ -72,7 +72,7 @@ public class MOAConnector implements Connector
 {
   /**
    * ConnectorInformation that identifies this Connector to the system.
-   * 
+   *
    * @see at.knowcenter.wag.egov.egiz.sig.ConnectorFactory
    * @see ConnectorInformation
    */
@@ -80,7 +80,7 @@ public class MOAConnector implements Connector
 
   /**
    * The class type value.
-   * 
+   *
    * <p>
    * Just for convenience.
    * </p>
@@ -122,7 +122,7 @@ public class MOAConnector implements Connector
 
   /**
    * load the inital signature settings
-   * 
+   *
    * @see SettingsReader
    */
   private void loadSettings() throws SignatureException
@@ -148,7 +148,7 @@ public class MOAConnector implements Connector
    * SignatureObject is filled out by the parsed MOA-Response. <br>
    * If an error request is send back from MOA, an error message is generated an
    * an exception is thrown.
-   * 
+   *
    * @param sigType
    *          the type of the SignatureObject that should be returned
    * @param userName
@@ -282,7 +282,7 @@ public class MOAConnector implements Connector
    * SignatureValue, X509IssuerName, SigningTime, X509SerialNumber,
    * X509Certificate, CertDigest and DigestValues. If the X509Certificate is
    * extracted it would be stored in the certificates directory.
-   * 
+   *
    * @param xmlResponse
    *          the response string from the MOA sign-request
    * @param sigObj
@@ -393,7 +393,7 @@ public class MOAConnector implements Connector
   /**
    * This method reads the verify template from the file system and fills out
    * the template with the SignatureObject values.
-   * 
+   *
    * @param normalizedText
    *          the normalized text to veryfied
    * @param sigObject
@@ -453,12 +453,18 @@ public class MOAConnector implements Connector
       // byte[] issuer_name =
       // CodingHelper.encodeUTF8(sigObject.getSignationIssuer());
       // new String(issuer_name)
-      sig_prop_str = sig_prop_str.replaceFirst("X509IssuerNameReplace", sigObject.getSignationIssuer());
+
+      // fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll)
+      // methods are regarded, backslashes in the replacement string may cause the results to be different than
+      // if it were being treated as a literal replacement string.
+//      sig_prop_str = sig_prop_str.replaceFirst("X509IssuerNameReplace", sigObject.getSignationIssuer());
+      sig_prop_str = sig_prop_str.replace("X509IssuerNameReplace", sigObject.getSignationIssuer());
       sig_prop_str = sig_prop_str.replaceFirst("X509SerialNumberReplace", sigObject.getSignationSerialNumber());
       sig_prop_str = sig_prop_str.replaceFirst("DigestValueX509CertificateReplace", sigObject.getX509CertificateDigest());
 
       verify_req_str = verify_req_str.replaceFirst("CertAlgReplace", cert_alg);
-      verify_req_str = verify_req_str.replaceFirst("TemplateSignedPropertiesReplace", sig_prop_str);
+//      verify_req_str = verify_req_str.replaceFirst("TemplateSignedPropertiesReplace", sig_prop_str);
+      verify_req_str = verify_req_str.replace("TemplateSignedPropertiesReplace", sig_prop_str);
       byte[] sig_prop_code = CodingHelper.buildDigest(sig_prop_str.getBytes("UTF-8"), "sha1"); // added
       // the
       // ("UTF-8")
@@ -509,7 +515,7 @@ public class MOAConnector implements Connector
    * This method generates the MOA verify prozess. It checks if the given
    * SignatureObject is signed by MOA or BKU. The verify template string is
    * filled out by the corresponding method.
-   * 
+   *
    * @param normalizedText
    *          the normalized text to verify
    * @param sigObject
@@ -548,7 +554,12 @@ public class MOAConnector implements Connector
       BKUConnector bku_conn = new BKUConnector();
       verify_template_str = bku_conn.getVerifyTemplate(normalizedText, sigObject);
     }
-    verify_req_str = verify_req_str.replaceFirst("XMLContentReplace", verify_template_str);
+
+    // fixed by dti: Issuer names may contain escapted commas ("\,"). As far as replaceFirst (and replaceAll)
+    // methods are regarded, backslashes in the replacement string may cause the results to be different than
+    // if it were being treated as a literal replacement string.
+//    verify_req_str = verify_req_str.replaceFirst("XMLContentReplace", verify_template_str);
+    verify_req_str = verify_req_str.replace("XMLContentReplace", verify_template_str);
     verify_req_str = verify_req_str.replaceFirst("TrustProfileIDReplace", trust_profile);
 
     if (logger_.isDebugEnabled())
@@ -564,10 +575,6 @@ public class MOAConnector implements Connector
     }
     catch (WebException we)
     {
-      if (logger_.isDebugEnabled())
-      {
-        we.printStackTrace();
-      }
       SignatureException se = new SignatureException(we.getErrorCode(), we);
       throw se;
     }
@@ -616,7 +623,7 @@ public class MOAConnector implements Connector
    * This method parses the verify response string and return a
    * SignatureResponse object. The SignatureResponse object is filled out by the
    * response values from the BKU-response.
-   * 
+   *
    * @param xmlResponse
    *          the response values from the MOA-verify request
    * @return SignatureResponse object
@@ -639,7 +646,7 @@ public class MOAConnector implements Connector
     Pattern cert_qualified_p = Pattern.compile("<QualifiedCertificate/>");
     Matcher cert_qualified_m = cert_qualified_p.matcher(xmlResponse);
     // [tknall] stop qualified certificate
-    
+
     Pattern sig_chk_p_s = Pattern.compile("<SignatureCheck>");
     Pattern sig_chk_p_e = Pattern.compile("</SignatureCheck>");
     Pattern man_chk_p_s = Pattern.compile("<SignatureManifestCheck>");
@@ -671,11 +678,11 @@ public class MOAConnector implements Connector
     Matcher cert_m_e = cert_p_e.matcher(xmlResponse);
 
     SignatureResponse sig_res = new SignatureResponse();
-    
+
     // [tknall] start qualified certificate
     sig_res.setQualifiedCertificate(cert_qualified_m.find());
     // [tknall] stop qualified certificate
-    
+
     // public authority
     Pattern publicAuthority_p = Pattern.compile("<PublicAuthority/>");
     Matcher publicAuthority_m = publicAuthority_p.matcher(xmlResponse);
@@ -821,7 +828,7 @@ public class MOAConnector implements Connector
    * SOAP Message send and recieve by the AXIS module. The Response SOAP message
    * of the MOA server is parsed by AXIS and the message envelope is send back
    * to the calling method.
-   * 
+   *
    * @param requestString
    *          the request string (XML) to send.
    * @param serviceMode
-- 
cgit v1.2.3