Update of /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/packaging
In directory sc8-pr-cvs1:/tmp/cvs-serv18267
Modified Files:
EbxmlMessage.java Element.java ExtensionElementImpl.java
HeaderElement.java PKISignatureImpl.java Signature.java
Log Message:
Bug fix: Digital Signature:
- In PKISignatureImpl.sign(), when soapPart is transformed to a DOM tree
(soapPartDocument), there is already an empty <ds:Signature> element
added into the tree. Thus, xmlsec would consider such an empty element
when computing digest for URI="". (I wonder such an empty <ds:Signature>
should be removed during transform but it is not, anyway.) Therefore,
the current solution is as follows: upon construction of Signature.
newInstance(), <ds:Signature> is not added immediately into the SOAP tree.
After xmlsec signing, domToSoap() would invoke Signature.getSOAPElement()
which really creates and inserts the <ds:Signature> at this moment.
- In PKISignatureImpl.verify(), if an EbxmlMessage is found to be file-based,
the file is used to build the DOM tree instead of the SOAP tree. This is
to eliminate the uncertainty that different SOAP prefixes may be probably
changed by JAXM during EbxmlMessage construction. To enable file-based
verification, EbxmlMessage is added with the methods,
setSOAPMessageFileOffset() and getSOAPMessageFileOffset(), to record the
offset position and length of the SOAP message in the file.
Index: EbxmlMessage.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/packaging/EbxmlMessage.java,v
retrieving revision 1.30
retrieving revision 1.31
diff -C2 -d -r1.30 -r1.31
*** EbxmlMessage.java 11 Jul 2003 03:48:12 -0000 1.30
--- EbxmlMessage.java 16 Jul 2003 08:54:10 -0000 1.31
***************
*** 159,162 ****
--- 159,166 ----
private ArrayList payloadContainers;
+ private int soapMessageFileOffset;
+
+ private int soapMessageLength;
+
/**
* Optional file name in which the message is persisted.
***************
*** 248,251 ****
--- 252,257 ----
saveChanges();
+ soapMessageFileOffset = 0;
+ soapMessageLength = 0;
filename = null;
messageOrder = null;
***************
*** 901,906 ****
CertResolver certResolver)
throws SOAPException, SignatureException {
! Signature signature = Signature.newInstance(this);
! return signature.verify(password, keyStoreLocation, certResolver);
}
--- 907,927 ----
CertResolver certResolver)
throws SOAPException, SignatureException {
! boolean result = true;
! Iterator i = headerContainer.getSignatures();
! if (i.hasNext()) {
! while (i.hasNext()) {
! Signature sig = (Signature) i.next();
! Signature signature = Signature.newInstance
! (this, sig.soapEnvelope, sig.getSOAPElement());
! result = result && signature.verify
! (password, keyStoreLocation, certResolver);
! }
! }
! else {
! throw new SignatureException("No <" + Signature.
! NAMESPACE_PREFIX_DS + ":" + Signature.ELEMENT_SIGNATURE +
! "> element is found to be verified!");
! }
! return result;
}
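Review bot: In the rewritten loop, `result = result && signature.verify(...)` stops calling verify() after the first failure but keeps iterating and re-wrapping the remaining signatures. Returning at the first failure, `if (!signature.verify(password, keyStoreLocation, certResolver)) return false;`, states the all-must-pass rule directly and makes the outer `if (i.hasNext())` and the flag unnecessary. The method should also get a Javadoc line saying it returns true only when every `<ds:Signature>` header verifies and throws SignatureException when none is present, since callers presumably treat this boolean as the trust decision. The signature of verify() begins outside the hunk.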
***************
*** 1325,1328 ****
--- 1346,1361 ----
return null;
+ }
+
+ public void setSOAPMessageFileOffset(int offset, int length) {
+ soapMessageFileOffset = offset;
+ soapMessageLength = length;
+ }
+
+ public int[] getSOAPMessageFileOffset() {
+ int[] offset = new int[2];
+ offset[0] = soapMessageFileOffset;
+ offset[1] = soapMessageLength;
+ return offset;
}
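Review bot: setSOAPMessageFileOffset() stores offset and length without a range check, and PKISignatureImpl.verify() in this commit uses the first value as an array size (`new byte[skipped]`), so a negative offset surfaces there as a NegativeArraySizeException instead of a verification error. Rejecting bad values in the setter keeps the failure next to its cause: `if (offset < 0 || length < 0) throw new IllegalArgumentException("offset and length must be non-negative");`. Both accessors also need Javadoc, because the getter's name does not reveal that it returns a two-element array holding the offset at index 0 and the length at index 1.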
Index: Element.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/packaging/Element.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** Element.java 9 Apr 2003 07:48:20 -0000 1.3
--- Element.java 16 Jul 2003 08:54:10 -0000 1.4
***************
*** 88,93 ****
--- 88,95 ----
SOAPElement getSOAPElement() throws SOAPException;
+ /*
void synchronizeWithParent(SOAPElement parent, int index)
throws SOAPException;
+ */
/** Add an attribute of the given <code>name</code> and <code>value</code>
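Review bot: The `synchronizeWithParent` declaration is commented out rather than deleted, here and around its implementation in ExtensionElementImpl.java (the hunks at new lines 267 and 296). Version control already keeps the old text, so the dead block should be removed outright. Taking the method off the Element interface also breaks any remaining caller that invokes it through the interface, and the log message does not mention the removal.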
Index: ExtensionElementImpl.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/packaging/ExtensionElementImpl.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** ExtensionElementImpl.java 10 Jun 2003 02:22:48 -0000 1.8
--- ExtensionElementImpl.java 16 Jul 2003 08:54:10 -0000 1.9
***************
*** 94,97 ****
--- 94,99 ----
protected final SOAPEnvelope soapEnvelope;
+ private final String localName;
+
/**
* An <code>ExtensionElement</code> by default has a namespace and URI
***************
*** 111,116 ****
this.soapEnvelope = soapEnvelope;
this.soapElement = soapElement;
! namespacePrefix = soapElement.getElementName().getPrefix();
! namespaceUri = soapElement.getElementName().getURI();
}
--- 113,120 ----
this.soapEnvelope = soapEnvelope;
this.soapElement = soapElement;
! Name name = soapElement.getElementName();
! localName = name.getLocalName();
! namespacePrefix = name.getPrefix();
! namespaceUri = name.getURI();
}
***************
*** 124,128 ****
throws SOAPException {
this(soapEnvelope, localName, NAMESPACE_PREFIX_EB, NAMESPACE_URI_EB,
! isHeaderElement);
}
--- 128,132 ----
throws SOAPException {
this(soapEnvelope, localName, NAMESPACE_PREFIX_EB, NAMESPACE_URI_EB,
! isHeaderElement, true);
}
***************
*** 134,139 ****
*/
ExtensionElementImpl(SOAPEnvelope soapEnvelope, String localName,
! String prefix, String uri, boolean isHeaderElement)
! throws SOAPException {
/*
soapElement = SOAPFactory.newInstance().
--- 138,143 ----
*/
ExtensionElementImpl(SOAPEnvelope soapEnvelope, String localName,
! String prefix, String uri, boolean isHeaderElement,
! boolean createSOAPElement) throws SOAPException {
/*
soapElement = SOAPFactory.newInstance().
***************
*** 141,155 ****
*/
this.soapEnvelope = soapEnvelope;
! Name name = soapEnvelope.createName(localName, prefix, uri);
! if (isHeaderElement) {
! soapElement = soapEnvelope.getHeader().addHeaderElement(name);
! if (uri.equals(NAMESPACE_URI_EB)) {
! ((SOAPHeaderElement) soapElement).
! setMustUnderstand(HeaderElement.MUST_UNDERSTAND);
! ((SOAPHeaderElement) soapElement).setActor(null);
}
}
else {
! soapElement = soapEnvelope.getBody().addBodyElement(name);
}
namespacePrefix = prefix;
--- 145,165 ----
*/
this.soapEnvelope = soapEnvelope;
! this.localName = localName;
! if (createSOAPElement) {
! Name name = soapEnvelope.createName(localName, prefix, uri);
! if (isHeaderElement) {
! soapElement = soapEnvelope.getHeader().addHeaderElement(name);
! if (uri.equals(NAMESPACE_URI_EB)) {
! ((SOAPHeaderElement) soapElement).
! setMustUnderstand(HeaderElement.MUST_UNDERSTAND);
! ((SOAPHeaderElement) soapElement).setActor(null);
! }
! }
! else {
! soapElement = soapEnvelope.getBody().addBodyElement(name);
}
}
else {
! soapElement = null;
}
namespacePrefix = prefix;
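Review bot: When `createSOAPElement` is false, the `isHeaderElement` argument and the ebXML `setMustUnderstand`/`setActor` setup are skipped and never replayed, because the deferred path in getSOAPElement() (hunk at new line 267) always calls `addHeaderElement` and sets neither attribute. HeaderElement, the one caller visible in this commit, passes `true, false`, so the header/body choice is still right there, but an element deferred with the ebXML namespace URI would lose its mustUnderstand setting. Either keep the flag in a final field and branch on it in getSOAPElement(), or reject the unsupported combination up front: `if (!createSOAPElement && !isHeaderElement) throw new IllegalArgumentException("deferred creation is only supported for header elements");`. The constructor's Javadoc starts outside the hunk and should describe the new parameter.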
***************
*** 257,263 ****
--- 267,279 ----
*/
public SOAPElement getSOAPElement() throws SOAPException {
+ if (soapElement == null) {
+ Name name = soapEnvelope.createName
+ (localName, namespacePrefix, namespaceUri);
+ soapElement = soapEnvelope.getHeader().addHeaderElement(name);
+ }
return soapElement;
}
+ /*
public void synchronizeWithParent(SOAPElement parent, int index)
throws SOAPException {
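Review bot: getSOAPElement() now inserts a header element into the envelope on its first call when creation was deferred, a side effect that the getter's name does not suggest. The Javadoc above it (outside the hunk) should say so, for example `Creates and appends the element to the SOAP header on first use if the constructor did not create it.` Any other member of this class that reads the `soapElement` field directly would see null until this method has run. Those members are not visible here, so they need checking or should go through getSOAPElement().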
***************
*** 280,283 ****
--- 296,300 ----
+ String.valueOf(index) + "!");
}
+ */
/** Add an attribute of the given <code>name</code> and <code>value</code>
Index: HeaderElement.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/packaging/HeaderElement.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** HeaderElement.java 18 Jun 2003 09:14:43 -0000 1.6
--- HeaderElement.java 16 Jul 2003 08:54:10 -0000 1.7
***************
*** 119,123 ****
HeaderElement(SOAPEnvelope soapEnvelope, String localName, String prefix,
String uri) throws SOAPException {
! super(soapEnvelope, localName, prefix, uri, true);
}
--- 119,123 ----
HeaderElement(SOAPEnvelope soapEnvelope, String localName, String prefix,
String uri) throws SOAPException {
! super(soapEnvelope, localName, prefix, uri, true, false);
}
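Review bot: The bare `false` switches every element built through this four-argument constructor to deferred creation, while the log message describes the change only for Signature. Which subclasses use this constructor is not visible in the hunk. A comment at the call would record the intent, e.g. `// defer creation until getSOAPElement(): an empty element must not be in the tree while xmlsec digests URI=""`.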
Index: PKISignatureImpl.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/packaging/PKISignatureImpl.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** PKISignatureImpl.java 5 May 2003 08:45:07 -0000 1.8
--- PKISignatureImpl.java 16 Jul 2003 08:54:10 -0000 1.9
***************
*** 76,81 ****
import hk.hku.cecid.phoenix.pki.SignException;
import hk.hku.cecid.phoenix.pki.VerifyException;
! import java.io.ByteArrayInputStream;
! import java.io.ByteArrayOutputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
--- 76,80 ----
import hk.hku.cecid.phoenix.pki.SignException;
import hk.hku.cecid.phoenix.pki.VerifyException;
! import java.io.*;
import java.security.PrivateKey;
import java.security.PublicKey;
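Review bot: `import java.io.*;` replaces two explicit imports with a wildcard, which hides the I/O classes this file actually depends on. In the hunks shown the only new class is FileInputStream, so keeping the two existing imports and adding `import java.io.FileInputStream;` would be enough.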
***************
*** 114,121 ****
}
! PKISignatureImpl(SOAPEnvelope soapEnvelope, SOAPElement soapElement)
! throws SOAPException {
super(soapEnvelope, soapElement);
! this.ebxmlMessage = null;
}
--- 113,120 ----
}
! PKISignatureImpl(EbxmlMessage ebxmlMessage, SOAPEnvelope soapEnvelope,
! SOAPElement soapElement) throws SOAPException {
super(soapEnvelope, soapElement);
! this.ebxmlMessage = ebxmlMessage;
}
***************
*** 236,246 ****
throws SignatureException {
try {
- final SOAPPart soapPart = ebxmlMessage.getSOAPMessage().
- getSOAPPart();
- DocumentResult docResult = new DocumentResult();
- TransformerFactory.newInstance().newTransformer().
- transform(soapPart.getContent(), docResult);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
! (new XMLWriter(baos)).write(docResult.getDocument());
DocumentBuilderFactory factory = DocumentBuilderFactory.
newInstance();
--- 235,270 ----
throws SignatureException {
try {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
! String fileName = ebxmlMessage.getFileName();
! if (fileName != null) {
! FileInputStream fis = new FileInputStream(fileName);
! int skipped = ebxmlMessage.getSOAPMessageFileOffset()[0];
! byte[] buffer = new byte[skipped];
! if (skipped > 0) {
! fis.read(buffer, 0, skipped);
! }
! int length = 0;
! for (int c = fis.read() ; c != -1 &&
! length < ebxmlMessage.getSOAPMessageFileOffset()[1] ;
! c = fis.read()) {
! baos.write(c);
! length++;
! }
! if (length != ebxmlMessage.getSOAPMessageFileOffset()[1]) {
! throw new VerifyException(ebxmlMessage.
! getSOAPMessageFileOffset()[1] + " bytes should be " +
! "read from <" + fileName + "> but only " + length +
! " bytes are successfully read");
! }
! fis.close();
! }
! else {
! final SOAPPart soapPart = ebxmlMessage.getSOAPMessage().
! getSOAPPart();
! DocumentResult docResult = new DocumentResult();
! TransformerFactory.newInstance().newTransformer().
! transform(soapPart.getContent(), docResult);
! (new XMLWriter(baos)).write(docResult.getDocument());
! }
DocumentBuilderFactory factory = DocumentBuilderFactory.
newInstance();
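Review bot: The file-based branch ignores the return value of `fis.read(buffer, 0, skipped)`, so a short read leaves the stream short of the recorded offset and the digest is computed over the wrong bytes; it also leaks `fis` whenever the length check or an I/O error throws before `fis.close()`. A negative offset reaches `new byte[skipped]`, and the message body is read one unbuffered byte at a time. The version below seeks to the offset, reads exactly the recorded length, and closes the file in a `finally`. Separately, this branch verifies the bytes on disk while the rest of the code works on the in-memory SOAP tree, so the result only covers what is processed if the two cannot diverge; it is worth confirming that nothing can rewrite the file between persisting and verifying. verify() begins and ends outside the hunk.

```java
String fileName = ebxmlMessage.getFileName();
if (fileName != null) {
    final int[] window = ebxmlMessage.getSOAPMessageFileOffset();
    if (window[0] < 0 || window[1] < 0) {
        throw new VerifyException("Invalid SOAP message offset/length "
            + "recorded for <" + fileName + ">");
    }
    final byte[] soapBytes = new byte[window[1]];
    RandomAccessFile raf = new RandomAccessFile(fileName, "r");
    try {
        raf.seek(window[0]);
        // readFully either fills the buffer or throws EOFException,
        // so a truncated file can never yield a partial message.
        raf.readFully(soapBytes);
    }
    catch (EOFException e) {
        throw new VerifyException(window[1] + " bytes should be "
            + "read from <" + fileName + "> but the file ends early");
    }
    finally {
        raf.close();
    }
    baos.write(soapBytes, 0, soapBytes.length);
}
// … unchanged: else branch that serialises the in-memory SOAPPart into baos …
```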
***************
*** 249,257 ****
final Document soapPartDocument = factory.newDocumentBuilder().
parse(new ByteArrayInputStream(baos.toByteArray()));
- final String soapHeaderName = soapPart.getEnvelope().getHeader().
- getElementName().getLocalName();
- final Element soapHeader = (Element) soapPartDocument.
- getElementsByTagNameNS(NAMESPACE_URI_SOAP_ENVELOPE,
- soapHeaderName).item(0);
ApacheXMLDSigner signature = new ApacheXMLDSigner();
--- 273,276 ----
***************
*** 326,330 ****
if (!name.equals(nsPrefix + NAMESPACE_PREFIX_DS) &&
! !name.equals(XML_NS_DECL_PREFIX)) {
addedChild.addAttribute(soapEnvelope.
createName(name), value);
--- 345,349 ----
if (!name.equals(nsPrefix + NAMESPACE_PREFIX_DS) &&
! !name.startsWith(XML_NS_DECL_PREFIX)) {
addedChild.addAttribute(soapEnvelope.
createName(name), value);
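Review bot: `name.startsWith(XML_NS_DECL_PREFIX)` filters on a bare string prefix, so if the constant is the literal `xmlns` (its value is not visible in the hunk), any attribute whose name merely begins with those letters is also dropped when the signature element is copied back. Matching only the two declaration forms is tighter: `!(name.equals(XML_NS_DECL_PREFIX) || name.startsWith(XML_NS_DECL_PREFIX + ":"))`. The enclosing loop starts and ends outside the hunk.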
Index: Signature.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/packaging/Signature.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** Signature.java 5 May 2003 08:45:07 -0000 1.7
--- Signature.java 16 Jul 2003 08:54:10 -0000 1.8
***************
*** 349,353 ****
static Signature newInstance(SOAPEnvelope soapEnvelope,
SOAPElement soapElement) throws SOAPException {
! return new PKISignatureImpl(soapEnvelope, soapElement);
}
--- 349,359 ----
static Signature newInstance(SOAPEnvelope soapEnvelope,
SOAPElement soapElement) throws SOAPException {
! return new PKISignatureImpl(null, soapEnvelope, soapElement);
! }
!
! static Signature newInstance(EbxmlMessage ebxmlMessage,
! SOAPEnvelope soapEnvelope, SOAPElement soapElement)
! throws SOAPException {
! return new PKISignatureImpl(ebxmlMessage, soapEnvelope, soapElement);
}
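Review bot: The two-argument newInstance() still builds a PKISignatureImpl with a null EbxmlMessage, and verify() in PKISignatureImpl now calls `ebxmlMessage.getFileName()` near its top. Unless a catch block outside the visible hunks translates it, verify() on an instance from this factory therefore fails with a NullPointerException rather than a SignatureException. A guard at the start of verify() would make the failure explicit: `if (ebxmlMessage == null) throw new SignatureException("No EbxmlMessage is associated with this signature");`. The new three-argument overload also needs a Javadoc comment stating that the message is required for verification.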