Class DSS1CoreMessageParser

    • Field Detail

      • SAML_1_1_NAMESPACE

        public static final java.lang.String SAML_1_1_NAMESPACE
        See Also:
        Constant Field Values
      • BASE_JAXB_CONTEXT

        protected static final java.lang.String BASE_JAXB_CONTEXT
        See Also:
        Constant Field Values
      • ASSERTION_XSD_SCHEMA_1_1_RESOURCE_LOCATION

        protected static final java.lang.String ASSERTION_XSD_SCHEMA_1_1_RESOURCE_LOCATION
        See Also:
        Constant Field Values
      • DSS_XSD_SCHEMA_1_0_RESOURCE_LOCATION

        protected static final java.lang.String DSS_XSD_SCHEMA_1_0_RESOURCE_LOCATION
        See Also:
        Constant Field Values
    • Constructor Detail

      • DSS1CoreMessageParser

        public DSS1CoreMessageParser()
    • Method Detail

      • getDefaultSchemaLocations

        public java.lang.String[] getDefaultSchemaLocations()
                                                     throws org.xml.sax.SAXException
        Specified by:
        getDefaultSchemaLocations in class BaseSAMLMessageParser
        Returns:
        an array of schema locations used by the parser. Each string value should point to a resource available using getResourceAsStream().
        Throws:
        org.xml.sax.SAXException
      • lookupSchemaForElement

        protected java.lang.String lookupSchemaForElement​(java.lang.String type,
                                                          java.lang.String namespaceURI,
                                                          java.lang.String publicId,
                                                          java.lang.String systemId,
                                                          java.lang.String baseURI)
        Description copied from class: BaseSAMLMessageParser
        Method to find the schema for a specific element related to the custom schema locations. The implementation only needs to find its related XSD; the basic datatypes and XML itself are not needed.
        Specified by:
        lookupSchemaForElement in class BaseSAMLMessageParser
        Parameters:
        type - The type of the resource being resolved. For XML [XML 1.0] resources (i.e. entities), applications must use the value "http://www.w3.org/TR/REC-xml". For XML Schema [XML Schema Part 1], applications must use the value "http://www.w3.org/2001/XMLSchema". Other types of resources are outside the scope of this specification and therefore should recommend an absolute URI in order to use this method.
        namespaceURI - The namespace of the resource being resolved, e.g. the target namespace of the XML Schema [XML Schema Part 1] when resolving XML Schema resources.
        publicId - The public identifier of the external entity being referenced, or null if no public identifier was supplied or if the resource is not an entity.
        systemId - The system identifier, a URI reference [IETF RFC 2396], of the external resource being referenced, or null if no system identifier was supplied.
        baseURI - The absolute base URI of the resource being parsed, or null if there is no base URI.
        Returns:
        the resource-as-stream path to the related schema XSD, or null if no match was found.
      • genSignRequest

        public SignRequest genSignRequest​(java.lang.String requestID,
                                          java.lang.String profile,
                                          java.util.List<java.lang.Object> optionalInputs,
                                          InputDocuments inputDocuments)
        Method to generate a SignRequest
        Parameters:
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        optionalInputs - Any additional inputs to the request. (Optional, use null to not set).
        inputDocuments - The input documents which the processing will be applied to. (Optional, use null to not set).
        Returns:
        a newly created SignRequest.
      • genSignRequest

        public byte[] genSignRequest​(ContextMessageSecurityProvider.Context context,
                                     java.lang.String requestID,
                                     java.lang.String profile,
                                     java.util.List<java.lang.Object> optionalInputs,
                                     InputDocuments inputDocuments,
                                     boolean sign)
                              throws MessageProcessingException,
                                     MessageContentException
        Method to generate a marshalled SignRequest that is optionally signed.
        Parameters:
        context - message security related context. Use null if no signature should be used.
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        optionalInputs - Any additional inputs to the request. (Optional, use null to not set).
        inputDocuments - The input documents which the processing will be applied to. (Optional, use null to not set).
        sign - if the message should contain a signature.
        Returns:
        a marshalled and optionally signed message.
        Throws:
        MessageProcessingException - if an internal error occurred while generating the message.
        MessageContentException - if a bad message format was detected.
      • genSignResponse

        public SignResponse genSignResponse​(java.lang.String requestID,
                                            java.lang.String profile,
                                            Result result,
                                            java.util.List<java.lang.Object> optionalOutputs,
                                            SignatureObject signatureObject)
        Method to generate a SignResponse.
        Parameters:
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        result - A code representing the status of the request. (Required).
        optionalOutputs - Any additional outputs returned by the server. (Optional, use null to not set).
        signatureObject - The result signature or timestamp or, in the case of a signature being enveloped in an output document (see section 3.5.8), a pointer to the signature. In the case of SignaturePlacement being used this MUST contain a SignaturePtr, having the same XPath expression as in SignaturePlacement and pointing to a DocumentWithSignature using its WhichDocument attribute. (Optional, use null to not set).
        Returns:
        a newly created SignResponse.
      • genSignResponse

        public byte[] genSignResponse​(ContextMessageSecurityProvider.Context context,
                                      java.lang.String requestID,
                                      java.lang.String profile,
                                      Result result,
                                      java.util.List<java.lang.Object> optionalOutputs,
                                      SignatureObject signatureObject,
                                      boolean sign)
                               throws MessageProcessingException,
                                      MessageContentException
        Method to generate a marshalled SignResponse that is optionally signed.
        Parameters:
        context - message security related context. Use null if no signature should be used.
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        result - A code representing the status of the request. (Required).
        optionalOutputs - Any additional outputs returned by the server. (Optional, use null to not set).
        signatureObject - The result signature or timestamp or, in the case of a signature being enveloped in an output document (see section 3.5.8), a pointer to the signature. In the case of SignaturePlacement being used this MUST contain a SignaturePtr, having the same XPath expression as in SignaturePlacement and pointing to a DocumentWithSignature using its WhichDocument attribute. (Optional, use null to not set).
        sign - if the message should contain a signature.
        Returns:
        a marshalled and optionally signed message.
        Throws:
        MessageProcessingException - if an internal error occurred while generating the message.
        MessageContentException - if a bad message format was detected.
      • genVerifyRequest

        public VerifyRequest genVerifyRequest​(java.lang.String requestID,
                                              java.lang.String profile,
                                              java.util.List<java.lang.Object> optionalInputs,
                                              InputDocuments inputDocuments,
                                              SignatureObject signatureObject)
        Method to generate a VerifyRequest
        Parameters:
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        optionalInputs - Any additional inputs to the request. (Optional, use null to not set).
        inputDocuments - The input documents which the processing will be applied to. (Optional, use null to not set).
        signatureObject - This element contains a signature or timestamp, or else contains a SignaturePtr that points to an XML signature in one of the input documents. If this element is omitted, there must be only a single InputDocument which the server will search to find the to-be-verified signature(s). Either a SignaturePtr or a single InputDocument and no SignatureObject MUST be used whenever the to-be-verified signature is an XML signature which uses an Enveloped Signature Transform; otherwise the server would have difficulty locating the signature and applying the Enveloped Signature Transform. (Optional, use null to not set).
        Returns:
        a newly created VerifyRequest.
      • genVerifyRequest

        public byte[] genVerifyRequest​(ContextMessageSecurityProvider.Context context,
                                       java.lang.String requestID,
                                       java.lang.String profile,
                                       java.util.List<java.lang.Object> optionalInputs,
                                       InputDocuments inputDocuments,
                                       SignatureObject signatureObject,
                                       boolean sign)
                                throws MessageProcessingException,
                                       MessageContentException
        Method to generate a marshalled VerifyRequest that is optionally signed.
        Parameters:
        context - message security related context. Use null if no signature should be used.
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        optionalInputs - Any additional inputs to the request. (Optional, use null to not set).
        inputDocuments - The input documents which the processing will be applied to. (Optional, use null to not set).
        signatureObject - This element contains a signature or timestamp, or else contains a SignaturePtr that points to an XML signature in one of the input documents. If this element is omitted, there must be only a single InputDocument which the server will search to find the to-be-verified signature(s). Either a SignaturePtr or a single InputDocument and no SignatureObject MUST be used whenever the to-be-verified signature is an XML signature which uses an Enveloped Signature Transform; otherwise the server would have difficulty locating the signature and applying the Enveloped Signature Transform. (Optional, use null to not set).
        sign - if the message should contain a signature.
        Returns:
        a marshalled and optionally signed message.
        Throws:
        MessageProcessingException - if an internal error occurred while generating the message.
        MessageContentException - if a bad message format was detected.
      • genVerifyResponse

        public javax.xml.bind.JAXBElement<ResponseBaseType> genVerifyResponse​(java.lang.String requestID,
                                                                              java.lang.String profile,
                                                                              Result result,
                                                                              java.util.List<java.lang.Object> optionalOutputs)
        Method to generate a VerifyResponse.
        Parameters:
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        result - A code representing the status of the request. (Required).
        optionalOutputs - Any additional outputs returned by the server. (Optional, use null to not set).
        Returns:
        a newly created VerifyResponse.
      • genVerifyResponse

        public byte[] genVerifyResponse​(ContextMessageSecurityProvider.Context context,
                                        java.lang.String requestID,
                                        java.lang.String profile,
                                        Result result,
                                        java.util.List<java.lang.Object> optionalOutputs,
                                        boolean sign)
                                 throws MessageProcessingException,
                                        MessageContentException
        Method to generate a marshalled VerifyResponse that is optionally signed.
        Parameters:
        context - message security related context. Use null if no signature should be used.
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        result - A code representing the status of the request. (Required).
        optionalOutputs - Any additional outputs returned by the server. (Optional, use null to not set).
        sign - if the message should contain a signature.
        Returns:
        a marshalled and optionally signed message.
        Throws:
        MessageProcessingException - if an internal error occurred while generating the message.
        MessageContentException - if a bad message format was detected.
      • populateRequestBase

        public void populateRequestBase​(RequestBaseType requestBase,
                                        java.lang.String requestID,
                                        java.lang.String profile,
                                        java.util.List<java.lang.Object> optionalInputs,
                                        InputDocuments inputDocuments)
        Method to populate all fields in a base request object
        Parameters:
        requestBase - the object to populate.
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        optionalInputs - Any additional inputs to the request. (Optional, use null to not set).
        inputDocuments - The input documents which the processing will be applied to. (Optional, use null to not set).
      • genResult

        public Result genResult​(java.lang.String resultMajor,
                                java.lang.String resultMinor,
                                java.lang.String resultMessage,
                                java.lang.String resultMessageLang)
        Help method to generate a Result structure.
        Parameters:
        resultMajor - The most significant component of the result code. (Required)
        resultMinor - The least significant component of the result code. (Optional, use null to not set.)
        resultMessage - message which MAY be returned to an operator, logged, used for debugging, etc. (Optional, use null to not set.)
        resultMessageLang - an xml:lang attribute to a human-readable string to specify the string's language. (Required if resultMessage is set, otherwise null.)
        Returns:
        a populated result structure.
        See Also:
        for applicable values for both resultMajor and resultMinor.
      • populateResponseBase

        protected void populateResponseBase​(ResponseBaseType responseBase,
                                            java.lang.String requestID,
                                            java.lang.String profile,
                                            Result result,
                                            java.util.List<java.lang.Object> optionalOutputs)
        Method to populate all fields in a base response object
        Parameters:
        responseBase - the object to populate.
        requestID - This attribute is used to correlate requests with responses. When present in a request, the server MUST return it in the response. (Optional, use null to not set).
        profile - This attribute indicates a particular DSS profile. It may be used to select a profile if a server supports multiple profiles, or as a sanity-check to make sure the server implements the profile the client expects. (Optional, use null to not set).
        result - A code representing the status of the request. (Required).
        optionalOutputs - Any additional outputs returned by the server. (Optional, use null to not set).
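
The lookupSchemaForElement contract above (namespace in, getResourceAsStream() path out, null when nothing matches) has the same parameters as the standard JAXP LSResourceResolver callback. The following added example, which is not code from this library, shows that pattern with plain JAXP so that schema imports are served only from bundled resources and never fetched from a systemId supplied by the document. The class name, the lookup helper and all resource paths are hypothetical; the namespace URIs are the published OASIS and W3C ones.

```java
import java.io.InputStream;
import java.util.Map;
import javax.xml.XMLConstants;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import org.w3c.dom.bootstrap.DOMImplementationRegistry;
import org.w3c.dom.ls.DOMImplementationLS;
import org.w3c.dom.ls.LSInput;
import org.w3c.dom.ls.LSResourceResolver;

/** Added example: resolves schema imports from bundled classpath resources only. */
public class ClasspathOnlySchemaResolver implements LSResourceResolver {

    // Namespace -> classpath resource. Paths are hypothetical placeholders; every
    // namespace the root schema imports needs an entry, otherwise loading fails closed.
    private static final Map<String, String> BUNDLED = Map.of(
        "urn:oasis:names:tc:dss:1.0:core:schema", "/schemas/dss-core.xsd",
        "urn:oasis:names:tc:SAML:1.0:assertion", "/schemas/saml-1.1-assertion.xsd",
        "http://www.w3.org/2000/09/xmldsig#", "/schemas/xmldsig-core.xsd",
        "http://www.w3.org/XML/1998/namespace", "/schemas/xml.xsd");

    private final DOMImplementationLS ls;

    public ClasspathOnlySchemaResolver() throws Exception {
        ls = (DOMImplementationLS) DOMImplementationRegistry.newInstance()
                .getDOMImplementation("LS");
    }

    /** Same role as lookupSchemaForElement: resource path, or null if unknown. */
    static String lookup(String type, String namespaceURI) {
        if (!XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(type) || namespaceURI == null) {
            return null; // only XML Schema resources are resolved here
        }
        return BUNDLED.get(namespaceURI);
    }

    @Override
    public LSInput resolveResource(String type, String namespaceURI, String publicId,
                                   String systemId, String baseURI) {
        String path = lookup(type, namespaceURI);
        InputStream in = (path == null) ? null : getClass().getResourceAsStream(path);
        if (in == null) {
            // Returning null here would hand resolution back to the parser's default
            // behaviour (opening systemId), so refuse instead.
            throw new IllegalStateException("No bundled schema for " + namespaceURI);
        }
        LSInput input = ls.createLSInput();
        input.setByteStream(in);
        input.setPublicId(publicId);
        input.setSystemId(systemId);
        input.setBaseURI(baseURI);
        return input;
    }

    /** Builds a Schema from a bundled root XSD with external access switched off. */
    public static Schema loadSchema(String rootXsdResource) throws Exception {
        SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
        sf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        sf.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");    // no external DTDs
        sf.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, ""); // no remote schemas
        sf.setResourceResolver(new ClasspathOnlySchemaResolver());
        return sf.newSchema(new StreamSource(
                ClasspathOnlySchemaResolver.class.getResourceAsStream(rootXsdResource)));
    }
}
```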