// Collect every Reference returned by signedInfo.getReferences() together with
// the Data obtained for it. signedDataList and signedReferenceList are filled in
// the same iteration, so entry k of one always belongs to entry k of the other.
List signedReferences = signedInfo.getReferences();
Iterator sr = signedReferences.listIterator();
ArrayList signedDataList = new ArrayList();
ArrayList signedReferenceList = new ArrayList();
while(sr.hasNext()){
Reference reference = (Reference)sr.next();
// NOTE(review): the getData result is wrapped without a null check; confirm
// getData never returns null here or that DataWrapper tolerates it.
Data tmpObj = getData(reference,validationContext);
signedDataList.add(new DataWrapper(tmpObj));
//TODO: should reuse the cached Data from the References of already validated
//messages once that is provided. For now the Data is fetched again.
signedReferenceList.add(reference);
}
// Split the receiver's SignatureTargets into required (getEnforce() is true) and
// optional ones. Required targets are resolved to References right away and their
// Data collected in requiredDataList / requiredReferenceList (index-aligned);
// optional targets are only queued in optionalReqList.
ArrayList optionalReqList = new ArrayList();
ArrayList requiredDataList = new ArrayList();
ArrayList requiredReferenceList = new ArrayList();
ArrayList optionalDataList = new ArrayList();
ArrayList optionalReferenceList = new ArrayList();
//It would have been better if the optional list had been kept
//separate
Iterator targetItr = targets.iterator();
SecurableSoapMessage secureMessage = context.getSecurableSoapMessage();
while(targetItr.hasNext()){
SignatureTarget signatureTarget = (SignatureTarget) targetItr.next();
boolean requiredTarget = signatureTarget.getEnforce();
List referenceList = null;
try{
if(requiredTarget){
referenceList = dsigUtil.generateReferenceList(Collections.singletonList(signatureTarget),secureMessage,context,true, featureBinding.isEndorsingSignature());
}else{
//Do not resolve it now; optional targets are only queued here.
optionalReqList.add(signatureTarget);
}
}catch(Exception ex){
logger.log(Level.SEVERE,LogStringsMessages.WSS_1302_REFLIST_ERROR(),ex);
// A required target that cannot be resolved is an unmet receiver requirement.
// NOTE(review): ex is logged above but not attached as the cause of the
// XWSSecurityException thrown here.
if(requiredTarget){
logger.log(Level.SEVERE, LogStringsMessages.WSS_1339_INVALID_RECEIVER_REQUIREMENTS());
throw new XWSSecurityException("Receiver requirement for SignatureTarget "+
signatureTarget.getValue()+" is not met");
}
//For an optional target the error has only been logged above; processing continues.
}
if(!requiredTarget){
continue;
}
// NOTE(review): referenceList is still null at this point if generateReferenceList
// returned null without throwing, which would surface as a NullPointerException
// instead of an XWSSecurityException -- confirm it never returns null.
if( referenceList.size() <= 0){
logger.log(Level.SEVERE, LogStringsMessages.WSS_1339_INVALID_RECEIVER_REQUIREMENTS());
throw new XWSSecurityException("Receiver requirement for SignatureTarget "+
signatureTarget.getValue()+" is not met");
}
// allRef is only referenced by the commented-out code in this loop.
boolean allRef = false;
//Verify all attachments are signed. || all header elements are signed
/* if(signatureTarget.getValue().startsWith("cid:*") || signatureTarget.getValue().equals(SignatureTarget.ALL_MESSAGE_HEADERS)){
allRef = true;
}*/
for(int i =0; i<referenceList.size(); i++){
Reference reference = (Reference)referenceList.get(i);
Data data = null;
try{
data = getData(reference,validationContext);
// requiredTarget is always true here (optional targets took the continue above).
// NOTE(review): a required reference whose Data comes back null is skipped
// without an error, so it is never added to the required lists that are later
// compared with the signed references. Confirm getData cannot return null
// here; otherwise this branch should fail closed.
if(requiredTarget && data != null){
DataWrapper tmpObj = new DataWrapper(data);
tmpObj.setTarget(signatureTarget);
//It would still have cid:*
requiredDataList.add(tmpObj);
requiredReferenceList.add(reference);
}
}catch(Exception ex){
// NOTE(review): ex is neither logged nor chained, so the underlying cause of
// the failure is lost.
if(requiredTarget){
logger.log(Level.SEVERE, LogStringsMessages.WSS_1339_INVALID_RECEIVER_REQUIREMENTS());
throw new XWSSecurityException("Receiver requirement for SignatureTarget "+
signatureTarget.getValue()+" is not met");
}
}
/*if(!allRef){
break;
}*/
}
}
// With no optional targets queued, the number of required references must equal
// the number of signed references. This compares counts only; the entries
// themselves are not compared in this check.
if(optionalReqList.size() ==0 && requiredReferenceList.size() != signedReferenceList.size()){
logger.log(Level.SEVERE, LogStringsMessages.WSS_1340_ILLEGAL_UNMATCHED_NOOF_TARGETS());
throw new XWSSecurityException("Number of Targets in the message"+
" dont match number of Targets in receiver requirements");
}
// NOTE(review): returning here ends the check before the signed references are
// compared with anything, including the queued optional targets. Confirm that is
// intended whenever no required Data was collected.
if(requiredDataList.size() == 0){
if(logger.isLoggable(Level.FINER)){
logger.log(Level.FINER,"No mandatory receiver requirements were provided");
}
return;
}
// For every required entry, look for a signed entry that isEqual accepts. A matched
// signed entry is removed from both signed lists (which keeps them index-aligned),
// so it cannot satisfy a second requirement. A required entry with no match is an
// unmet receiver requirement and aborts with XWSSecurityException.
for(int i=0;i<requiredDataList.size();i++){
DataWrapper rData = (DataWrapper)requiredDataList.get(i);
boolean found = false;
for(int j=0;j< signedDataList.size();j++){
DataWrapper sData = null;
sData = (DataWrapper)signedDataList.get(j);
if(isEqual(rData,sData,(Reference)requiredReferenceList.get(i),(Reference)signedReferenceList.get(j))){
signedDataList.remove(j);
signedReferenceList.remove(j);
found = true;
break;
}
}
if(!found){
//Reference st = (Reference)requiredReferenceList.get(i);
// The error text names the configured target (type and value) set on the wrapper.
String uri = rData.getTarget().getValue();
String type = rData.getTarget().getType();
logger.log(Level.SEVERE, LogStringsMessages.WSS_1341_ILLEGAL_UNMATCHED_TYPE_URI());
throw new XWSSecurityException("Receiver requirement for SignatureTarget "+
"having " + type+" type and value " +uri+" is not met");
}
}
if(signedDataList.size() == 0){
if(logger.isLoggable(Level.FINEST)){
logger.log(Level.FINEST,"All receiver requirements are met");
}
return;
}else{
List referenceList = null;
//Resolve All optional references if any
// Resolve each queued optional target into optionalDataList / optionalReferenceList
// (index-aligned). A target that cannot be resolved, or that resolves to an empty
// list, is skipped; the failure is logged at FINE only.
// referenceList is declared just before this loop and reset on every iteration.
for(int i=0;i<optionalReqList.size();i++){
SignatureTarget signatureTarget = (SignatureTarget)optionalReqList.get(i);
try{
referenceList = null;
referenceList = dsigUtil.generateReferenceList(Collections.singletonList(signatureTarget),secureMessage,context,true, featureBinding.isEndorsingSignature());
}catch(Exception ex){
if(logger.isLoggable(Level.FINE)){
logger.log(Level.FINE,"Optional Target not found in the message ",ex);
}
}
if(referenceList == null || referenceList.size() <= 0){
continue;
}
// NOTE(review): only the first Reference of the resolved list is used; if an
// optional target can resolve to several References the rest are ignored here --
// confirm this is intended.
Reference reference = (Reference)referenceList.get(0);
Data data = null;
try{
data = getData(reference,validationContext);
}catch(Exception ex){
// NOTE(review): the exception is swallowed and nothing is logged; data stays null
// and the target is dropped from the optional lists without a trace.
}
if(data != null){
DataWrapper tmpObj = new DataWrapper(data);
tmpObj.setTarget(signatureTarget);
optionalDataList.add(tmpObj);
optionalReferenceList.add(reference);
}
}
// Every signed entry still in signedDataList must match one resolved optional
// entry. A matched optional entry is removed from both optional lists so it is not
// reused. The signed lists are not modified in this loop, so index i stays aligned
// between signedDataList and signedReferenceList.
for(int i=0;i<signedDataList.size();i++){
DataWrapper sData = (DataWrapper)signedDataList.get(i);
DataWrapper oData = null;
boolean found = false;
for(int j=0;j< optionalDataList.size();j++){
oData = (DataWrapper)optionalDataList.get(j);
if(isEqual(oData,sData,(Reference)optionalReferenceList.get(j),(Reference)signedReferenceList.get(i))){
optionalDataList.remove(j);
optionalReferenceList.remove(j);
found = true;
break;
}
}
if(!found){
// A signed reference that matches no optional target is rejected; the URI of that
// Reference is included in the exception message.
Reference st = (Reference)signedReferenceList.get(i);
logger.log(Level.SEVERE,LogStringsMessages.WSS_1341_ILLEGAL_UNMATCHED_TYPE_URI());
throw new XWSSecurityException("SignatureTarget in the message "+
"with URI " +st.getURI()+ " has not met receiver requirements");
}
}
if(logger.isLoggable(Level.FINEST)){
logger.log(Level.FINEST,"All receiver requirements are met");