@Override
public boolean equals(Object object) {
if (object == null || !(object instanceof Signature)) return false;
if (object == this) return true;
Signature other = (Signature) object;
return this.getContextNode().equals(other.getContextNode());
}
@Override
public int compareTo(Signature other) {
if (other == this || other == null) return 0;
return this.getContextNode().compareTo(other.getContextNode());
}
@Override
public InterceptorResult before(
Message message, ExecutionContext executionContext, ExecutionResult executionResult)
throws Xdi2MessagingException {
// look for signature on the message
ReadOnlyIterator<Signature> signatures = message.getSignatures();
if (!signatures.hasNext()) return InterceptorResult.DEFAULT;
// validate signatures
XDIAddress senderXDIAddress = message.getSenderXDIAddress();
boolean validated = false;
for (Signature signature : signatures) {
boolean validatedSignature = false;
for (SignatureValidator<Signature> signatureValidator : this.getSignatureValidators()) {
if (log.isDebugEnabled())
log.debug(
"Validating "
+ signature.getClass().getSimpleName()
+ " for "
+ senderXDIAddress
+ " via "
+ signatureValidator.getClass().getSimpleName());
try {
boolean canValidate = signatureValidator.canValidate(signature.getClass());
if (log.isDebugEnabled())
log.debug(
"Signature validator "
+ signatureValidator.getClass().getSimpleName()
+ " can validate signature "
+ signature.getClass().getSimpleName()
+ "? "
+ canValidate);
if (!canValidate) continue;
validatedSignature |= signatureValidator.validateSignature(signature, senderXDIAddress);
if (log.isDebugEnabled())
log.debug(
"Validated "
+ signature.getClass().getSimpleName()
+ " for "
+ senderXDIAddress
+ " via "
+ signatureValidator.getClass().getSimpleName()
+ ": "
+ validatedSignature);
if (validatedSignature) break;
} catch (GeneralSecurityException ex) {
throw new Xdi2MessagingException(
"Unable to validate signature for "
+ senderXDIAddress
+ " via "
+ signatureValidator.getClass().getSimpleName()
+ ": "
+ ex.getMessage(),
ex,
executionContext);
}
}
validated = validatedSignature;
if (!validated) break;
}
// signature is valid?
XdiAttribute signatureValidXdiAttribute =
XdiAttributeSingleton.fromContextNode(
message
.getContextNode()
.setDeepContextNode(XDISecurityConstants.XDI_ADD_SIGNATURE_VALID));
LiteralNode signatureValidLiteral =
signatureValidXdiAttribute.setLiteralBoolean(Boolean.valueOf(validated));
if (log.isDebugEnabled())
log.debug("Valid for " + senderXDIAddress + ": " + signatureValidLiteral.getStatement());
if (!validated) throw new Xdi2SecurityException("Invalid signature.", null, executionContext);
// done
return InterceptorResult.DEFAULT;
}
