authorThomas Lenz <thomas.lenz@egiz.gv.at>2019-05-17 12:36:23 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2019-05-17 12:36:23 +0200
commit7070adf32df6534edfaf4e4217eb426158eb561d (patch)
tree7174116a6b6a1eb6e039d41b581ba04debd26760
parent99c8b69b8f5ad797b92b2a6be8f1b913ed975b71 (diff)
add EAAF module for MOA-Sig integration
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/pom.xml230
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jarbin0 -> 210098 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jarbin0 -> 364020 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jarbin0 -> 802825 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom9
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom9
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom9
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jarbin0 -> 459859 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jarbin0 -> 129818 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jarbin0 -> 135880 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jarbin0 -> 596757 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jarbin0 -> 90630 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jarbin0 -> 4769 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jarbin0 -> 201276 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jarbin0 -> 1301058 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jarbin0 -> 34853 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jarbin0 -> 523822 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jarbin0 -> 627259 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jarbin0 -> 128987 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jarbin0 -> 40481 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jarbin0 -> 39377 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jarbin0 -> 325736 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jarbin0 -> 440160 bytes
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java53
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java5
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java69
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java37
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java11
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java26
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java27
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java348
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java130
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java9
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java93
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java180
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider1
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml17
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties4
-rw-r--r--eaaf_modules/pom.xml7
-rw-r--r--pom.xml132
42 files changed, 1430 insertions, 4 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/pom.xml b/eaaf_modules/eaaf_module_moa-sig/pom.xml
new file mode 100644
index 00000000..98a7ddaf
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/pom.xml
@@ -0,0 +1,230 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_modules</artifactId>
+ <version>1.x</version>
+ </parent>
+ <artifactId>eaaf_module_moa-sig</artifactId>
+ <version>${egiz.eaaf.version}</version>
+
+ <name>MOA-Sig signature verification module</name>
+
+ <licenses>
+ <license>
+ <name>European Union Public License, version 1.2 (EUPL-1.2)</name>
+ <url>https://opensource.org/licenses/EUPL-1.2</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
+
+ <developers>
+ <developer>
+ <name>Thomas Lenz</name>
+ <email>thomas.lenz@egiz.gv.at</email>
+ <organization>eGovernment Innovation Center (EGIZ)</organization>
+ <organizationUrl>https://www.egiz.gv.at</organizationUrl>
+ </developer>
+ </developers>
+
+ <repositories>
+ <repository>
+ <id>MOA</id>
+ <name>MOA Dependencies</name>
+ <releases>
+ <enabled>true</enabled>
+ <checksumPolicy>ignore</checksumPolicy>
+ </releases>
+ <layout>default</layout>
+ <url>file://${basedir}/repository</url>
+ </repository>
+ </repositories>
+
+ <dependencies>
+ <dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>egiz-spring-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_api</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.spss.server</groupId>
+ <artifactId>moa-sig-lib</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>*</artifactId>
+ <groupId>axis</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>MOA.spss</groupId>
+ <artifactId>common</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>MOA.spss</groupId>
+ <artifactId>tsl_lib</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_cms</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_cpades</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_cpxlevel</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_eccelerate</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_eccelerate_addon</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_eccelerate_cms</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_jce_full</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_jsse</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_moa</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_pki_module</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_sva</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_tsp</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_util</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_xades</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_xsect</artifactId>
+ </dependency>
+
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ <scope>test</scope>
+ </dependency>
+
+
+ </dependencies>
+
+ <build>
+ <resources>
+ <resource>
+ <directory>src/main/resources</directory>
+ </resource>
+ </resources>
+
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>3.8.0</version>
+ <configuration>
+ <source>${java.version}</source>
+ <target>${java.version}</target>
+ </configuration>
+ </plugin>
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jar-plugin</artifactId>
+ <version>3.1.1</version>
+ <configuration>
+ <archive>
+ <manifest>
+ <addClasspath>true</addClasspath>
+ <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+ <addDefaultSpecificationEntries>true</addDefaultSpecificationEntries>
+ </manifest>
+ </archive>
+ </configuration>
+ </plugin>
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-clean-plugin</artifactId>
+ <version>3.1.0</version>
+ <configuration>
+ <filesets>
+ <fileset>
+ <directory>test-output</directory>
+ </fileset>
+ </filesets>
+ </configuration>
+ </plugin>
+
+ <!-- enable co-existence of testng and junit -->
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>${surefire.version}</version>
+ <configuration>
+ <threadCount>1</threadCount>
+ </configuration>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.surefire</groupId>
+ <artifactId>surefire-junit47</artifactId>
+ <version>${surefire.version}</version>
+ </dependency>
+ </dependencies>
+ </plugin>
+ </plugins>
+ </build>
+</project>
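Review bot: The `MOA` repository block sets `<checksumPolicy>ignore</checksumPolicy>` on a `file://${basedir}/repository` source that this commit fills with committed binary jars, so nothing in the build verifies that the signature-verification and crypto libraries are the ones the vendor shipped. Consider committing checksum files beside each artifact and switching to `<checksumPolicy>fail</checksumPolicy>`, or at least recording the origin and expected hash of every jar in the module. Separately, `commons-lang3` is declared twice in `<dependencies>`, the second time with `<scope>test</scope>`; Maven warns on duplicate declarations and the later one appears to take effect, which would drop the library from the compile classpath, so the test-scoped entry should be removed. The diffstat also places the iaik jars under `repository/iaik/prod/prod/...` (and `iaik_tsp` under a `2.32_eval` directory) while the groupId here is `iaik.prod`, which with `<layout>default</layout>` would map to `repository/iaik/prod/...`; it is worth confirming that these artifacts are really resolved from this repository and that an evaluation build is intended.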
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jar b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jar
new file mode 100644
index 00000000..243273f4
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar
new file mode 100644
index 00000000..06be8763
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar
new file mode 100644
index 00000000..22f1f7d6
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom
new file mode 100644
index 00000000..af6c7876
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_ixsil</artifactId>
+ <version>1.2.2.5</version>
+ <description>POM was created from install:install-file</description>
+</project>
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom
new file mode 100644
index 00000000..f61afb3c
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_jsse</artifactId>
+ <version>4.4</version>
+ <description>POM was created from install:install-file</description>
+</project>
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom
new file mode 100644
index 00000000..9611eb92
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_util</artifactId>
+ <version>0.23</version>
+ <description>POM was created from install:install-file</description>
+</project>
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar
new file mode 100644
index 00000000..6aff9745
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jar
new file mode 100644
index 00000000..f225f27a
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jar
new file mode 100644
index 00000000..3caa1610
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar
new file mode 100644
index 00000000..0d83fc5b
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jar
new file mode 100644
index 00000000..957fa5a8
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jar
new file mode 100644
index 00000000..ed4e816e
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar
new file mode 100644
index 00000000..9ac61d5c
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jar
new file mode 100644
index 00000000..4ce6c247
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar
new file mode 100644
index 00000000..15b32042
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar
new file mode 100644
index 00000000..edc2d0f9
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jar
new file mode 100644
index 00000000..9d59aef2
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar
new file mode 100644
index 00000000..9a551784
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar
new file mode 100644
index 00000000..fbd9abd2
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jar
new file mode 100644
index 00000000..1bc0cde7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar
new file mode 100644
index 00000000..0f111e24
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar
new file mode 100644
index 00000000..95f18efc
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar
Binary files differ
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
new file mode 100644
index 00000000..420fe5dc
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
@@ -0,0 +1,53 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api;
+
+import java.util.List;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+
+public interface ISignatureVerificationService {
+
+ /**
+ * Verify a CAdES or CMS signature
+ * <br><br>
+ * <i>This method only validates the first CMS or CAdES signature of more than one signature exists</i>
+ *
+ * @param signature Enveloped CMS or CAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @return @link {@link ICMSSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID)
+ throws MOASigServiceException;
+
+
+
+ /**
+ * Verify a XML or XAdES signature
+ * <br><br>
+ * <i>This method only validates the first XML or XAdES signature of more than one signature exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID)
+ throws MOASigServiceException;
+
+ /**
+ * Verify a XML or XAdES signature
+ * <br><br>
+ * <i>This method only validates the first XML or XAdES signature of more than one signature exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used for signature-verification
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
+ List<String> verifyTransformsInfoProfileID) throws MOASigServiceException;
+
+}
\ No newline at end of file
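Review bot: The Javadoc on all three methods mentions two fail-open edges only in passing: just the first signature is validated, and `null` rather than an exception is returned when no signature is found. I would make that contract explicit, e.g. `@return {@link ICMSSignatureVerificationResponse}, or null if no signature was found; callers must treat null as a failed verification`, and likewise on both `verifyXMLSignature` overloads. The wording also needs repair: `of more than one signature exists` should read `if more than one signature exists`, `signatue-verification` is misspelled, and `@return @link {@link ...}` carries a stray `@link`. In the third overload `verifyTransformsInfoProfileID` is described as a list of XML transformations while its name suggests profile IDs; the description should say which it is.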
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java
new file mode 100644
index 00000000..57426751
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java
@@ -0,0 +1,5 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+public interface ICMSSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
new file mode 100644
index 00000000..00d98c86
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
@@ -0,0 +1,69 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+import iaik.x509.X509Certificate;
+import java.util.Date;
+
+import org.springframework.lang.Nullable;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+
+
+public interface IGenericSignatureVerificationResponse {
+
+ /**
+ * Returns the signing time
+ *
+ * @return Signing time, or null if signature contains no time information
+ */
+ @Nullable
+ Date getSigningDateTime();
+
+ /**
+ * Returns the signatureCheckCode.
+ * @return int
+ */
+ int getSignatureCheckCode();
+
+ /**
+ * Returns the certificateCheckCode.
+ * @return int
+ */
+ int getCertificateCheckCode();
+
+ /**
+ * Returns the qualifiedCertificate.
+ * @return boolean
+ */
+ boolean isQualifiedCertificate();
+
+ /**
+ * Returns the X509 certificate.
+ * @return X509Certificate, or null if no certificate information exists
+ * @throws MOASigServiceException if X509 certificate can not be deserialized
+ */
+ @Nullable
+ X509Certificate getX509Certificate() throws MOASigServiceException;
+
+
+ /**
+ * Returns the X509 certificate in serialized form
+ *
+ * @return Serialized X509 certificate, or null if no certificate information exists
+ */
+ @Nullable
+ byte[] getX509CertificateEncoded();
+
+ /**
+ * Returns the publicAuthority.
+ * @return boolean
+ */
+ boolean isPublicAuthority();
+
+ /**
+ * Returns the publicAuthorityCode.
+ * @return String OID, or null if no OID exists
+ */
+ @Nullable
+ String getPublicAuthorityCode();
+
+}
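Review bot: `getSignatureCheckCode()` and `getCertificateCheckCode()` are documented only as `@return int`, so nothing in this interface tells a caller which value means the signature or the certificate chain was accepted. These codes are what a consumer has to branch on before trusting signed data, so the Javadoc should name the success value and say where the remaining codes are defined, for example `@return check code reported by MOA-Sig; <SUCCESS_VALUE> means the signature is valid` with the real value filled in. `getX509Certificate()` and `getX509CertificateEncoded()` should also state that the certificate is the signer certificate and which encoding the byte array uses (presumably DER; to be confirmed against the implementation).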
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
new file mode 100644
index 00000000..3e86fb63
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
@@ -0,0 +1,37 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface IXMLSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
+
+
+ /**
+ * Returns the xmlDSIGManifestCheckCode.
+ * @return int
+ */
+ int getXmlDSIGManifestCheckCode();
+
+ /**
+ * Returns the xmlDsigSubjectName.
+ * @return String
+ */
+ String getXmlDsigSubjectName();
+
+
+ /**
+ * Returns the xmlDSIGManigest.
+ * @return boolean
+ */
+ boolean isXmlDSIGManigest();
+
+
+ /**
+ * Returns the the resulting code of the signature manifest check.
+ *
+ * @return The code of the sigature manifest check.
+ */
+ int getSignatureManifestCheckCode();
+
+}
\ No newline at end of file
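Review bot: The method name `isXmlDSIGManigest()` carries a typo (`Manigest` for `Manifest`) into the public interface, and its Javadoc repeats it; renaming it now to `boolean isXmlDSIGManifest();` is cheap, although the implementing class added elsewhere in this commit would need the same change. The interface also exposes both `getXmlDSIGManifestCheckCode()` and `getSignatureManifestCheckCode()` without saying how the two manifest checks differ or which values indicate success, which a caller needs in order to evaluate a verification result. The last Javadoc block contains `the the` and `sigature`.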
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java
new file mode 100644
index 00000000..ded3f900
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MOASigServiceBuilderException extends MOASigServiceException {
+
+ private static final long serialVersionUID = 5178393157255309476L;
+
+ public MOASigServiceBuilderException(String errorId, Object[] params) {
+ super(errorId, params);
+ }
+
+ public MOASigServiceBuilderException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+ }
+}
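Review bot: `serialVersionUID = 5178393157255309476L` is the same value that `MOASigServiceParserException` declares later in this commit, which suggests one class was copied from the other without regenerating the id. This is harmless at runtime because the id is scoped per class, but a distinct generated value per class avoids confusion when the two evolve separately. Neither class has a class-level Javadoc saying when it is thrown; a one-line comment such as `/** Thrown when a MOA-Sig verification request cannot be built. */` would help, with the wording confirmed against the service implementation.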
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java
new file mode 100644
index 00000000..f3c02fe1
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java
@@ -0,0 +1,11 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MOASigServiceConfigurationException extends MOASigServiceException {
+
+ private static final long serialVersionUID = -4710795384615456488L;
+
+ public MOASigServiceConfigurationException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java
new file mode 100644
index 00000000..243b4b1d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java
@@ -0,0 +1,26 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+import at.gv.egiz.eaaf.core.exceptions.EAAFServiceException;
+
+public class MOASigServiceException extends EAAFServiceException {
+
+ private static final long serialVersionUID = -6088238428550563658L;
+ private static final String MOA_SIG_SERVICE_ID = "MOA-SIG-VERIFY";
+
+ public MOASigServiceException(String errorId, Object[] params) {
+ super(errorId, params);
+
+ }
+
+ public MOASigServiceException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+
+ }
+
+ @Override
+ protected String getServiceIdentifier() {
+ return MOA_SIG_SERVICE_ID;
+
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java
new file mode 100644
index 00000000..63a51001
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MOASigServiceParserException extends MOASigServiceException {
+
+ private static final long serialVersionUID = 5178393157255309476L;
+
+ public MOASigServiceParserException(String errorId, Object[] params) {
+ super(errorId, params);
+ }
+
+ public MOASigServiceParserException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+ }
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java
new file mode 100644
index 00000000..ecda7eb1
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java
@@ -0,0 +1,27 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+public class MOASigSpringResourceProvider implements SpringResourceProvider {
+
+ @Override
+ public Resource[] getResourcesToLoad() {
+ ClassPathResource moaSigConfig = new ClassPathResource("/moa-sig-service.beans.xml", MOASigSpringResourceProvider.class);
+ return new Resource[] {moaSigConfig};
+ }
+
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ return "Signature-verification service based on MOA-Sig (MOA-SPSS)";
+ }
+
+}
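Review bot: `getPackagesToScan()` still carries the IDE stub comment `// TODO Auto-generated method stub` and returns `null`, so a reader cannot tell whether "no packages" is intended or simply unfinished. Whether the `SpringResourceProvider` contract accepts `null` is not visible in this hunk. If it does, replace the stub comment with a statement of intent such as `// no component scanning; beans are declared in moa-sig-service.beans.xml`. If it does not, return an empty array instead.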
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
new file mode 100644
index 00000000..b2ea5cb7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -0,0 +1,348 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+
+import java.io.ByteArrayInputStream;
+import java.security.Provider;
+import java.security.Security;
+import java.security.cert.CertificateEncodingException;
+import java.util.List;
+
+import javax.annotation.PostConstruct;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.lang.Nullable;
+import org.springframework.stereotype.Service;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceBuilderException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser.VerifyXMLSignatureResponseParser;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.impl.VerifyCMSSignatureRequestImpl;
+import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
+import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.Constants;
+import iaik.asn1.structures.AlgorithmID;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.security.provider.IAIK;
+
+
+/**
+ * @author tlenz
+ *
+ */
+@Service
+public class SignatureVerificationService implements ISignatureVerificationService {
+ private static final Logger log = LoggerFactory.getLogger(SignatureVerificationService.class);
+
+ private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+
+ private at.gv.egovernment.moa.spss.api.SignatureVerificationService svs;
+
+ @PostConstruct
+ private void initialize() throws MOASigServiceConfigurationException {
+ log.info("Initializing MOA-Sig signature-verification service ... ");
+
+ log.info("Loading Java security providers.");
+ IAIK.addAsProvider();
+ ECCelerate.addAsProvider();
+
+ try {
+ LoggingContextManager.getInstance().setLoggingContext(
+ new LoggingContext("startup"));
+ log.debug("MOA-Sig library initialization process ... ");
+ Configurator.getInstance().init();
+ log.info("MOA-Sig library initialization complete ");
+
+ } catch (final MOAException e) {
+ log.error("MOA-SP initialization FAILED!", e.getWrapped());
+ throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e
+ .toString() }, e);
+ }
+
+ Security.insertProviderAt(IAIK.getInstance(), 0);
+
+ final ECCelerate eccProvider = ECCelerate.getInstance();
+ if (Security.getProvider(eccProvider.getName()) != null)
+ Security.removeProvider(eccProvider.getName());
+ Security.addProvider(new ECCelerate());
+
+ fixJava8_141ProblemWithSSLAlgorithms();
+
+ if (log.isDebugEnabled()) {
+ log.debug("Loaded Security Provider:");
+ final Provider[] providerList = Security.getProviders();
+ for (int i=0; i<providerList.length; i++)
+ log.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
+
+ }
+
+ log.debug("Instanzing SignatureVerificationService implementation ... ");
+ svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();
+
+ log.info("MOA-Sig signature-verification service initialized");
+ }
+
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyCMSSignature(byte[], java.lang.String)
+ */
+ @Override
+ @Nullable
+ public ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {
+ try {
+ final VerifyCMSSignatureRequest cmsSigVerifyReq = buildVerfifyCMSRequest(signature, trustProfileID, false, false);
+ final VerifyCMSSignatureResponse cmsSigVerifyResp = svs.verifyCMSSignature(cmsSigVerifyReq );
+ return parseCMSVerificationResult(cmsSigVerifyResp);
+
+ } catch (final MOAException e) {
+ log.warn("CMS signature verification has an error.", e);
+ throw new MOASigServiceException("service.03", new Object[] { e.toString()}, e);
+
+ } catch (final CertificateEncodingException e) {
+ log.warn("Can NOT serialize X509 certificate from CMS/CAdES signature-verification response", e);
+ throw new MOASigServiceException("service.03", new Object[] { e.toString()}, e);
+
+ }
+
+ }
+
+ private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
+
+ if (cmsSigVerifyResp.getResponseElements() == null ||
+ cmsSigVerifyResp.getResponseElements().isEmpty()) {
+ log.info("No CMS signature FOUND. ");
+ return null;
+
+ }
+
+ if (cmsSigVerifyResp.getResponseElements().size() > 1)
+ log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
+
+ final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
+
+ final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result =
+ new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
+
+ //parse results into response container
+ result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
+ result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
+
+ if (firstSig.getSignerInfo() != null) {
+ result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
+ result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
+ result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
+
+ result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
+ result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
+
+ } else
+ log.info("CMS or CAdES verification result contains no SignerInfo");
+
+ return result;
+ }
+
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {
+ return verifyXMLSignature(signature, trustProfileID, null);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.util.List)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID) throws MOASigServiceException {
+ try {
+ //build signature-verification request
+ final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID);
+
+ //send signature-verification to MOA-Sig
+ final VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(domVerifyXMLSignatureRequest);
+ final VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
+ final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
+
+ // parses the <IXMLSignatureVerificationResponse>
+ final IXMLSignatureVerificationResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(result.getDocumentElement()).parseData();
+
+ return verifyXMLSignatureResponse;
+
+ } catch (final MOASigServiceException e) {
+ throw e;
+
+ } catch (final MOAException e) {
+ log.warn("MOA-Sig signature-verification has an internal error."
+ + " MsgCode: " + e.getMessageId()
+ + " Msg: " + e.getMessage(),
+ e);
+ throw new MOASigServiceException("service.moasig.03", new Object[]{e.getMessage()}, e);
+
+ }
+ }
+
+ /**
+ * Build a VerifyCMS-Siganture request for MOA-Sig.
+ * <br><br>
+ * This builder only generates verification-request for enveloped CMS or CAdES signatures
+ * <br>
+ * This
+ *
+ * @param signature CMS or CAdES signature
+ * @param trustProfileID trustProfileID MOA-Sig Trust-Profile
+ * @param isPdfSignature Make CAdES signature as part of an PAdES document
+ * @param performExtendedValidation To extended validation. See MOA-Sig documentation for detailed information
+ * @return
+ */
+ private VerifyCMSSignatureRequest buildVerfifyCMSRequest(byte[] signature, String trustProfileID,
+ boolean isPdfSignature, boolean performExtendedValidation) {
+ final VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest = new VerifyCMSSignatureRequestImpl();
+ verifyCMSSignatureRequest.setDateTime(null);
+ verifyCMSSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature));
+ verifyCMSSignatureRequest.setDataObject(null);
+ verifyCMSSignatureRequest.setTrustProfileId(trustProfileID);
+ verifyCMSSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES);
+ verifyCMSSignatureRequest.setPDF(isPdfSignature);
+ verifyCMSSignatureRequest.setExtended(performExtendedValidation);
+ return verifyCMSSignatureRequest;
+
+ }
+
+ /**
+ * Build a VerifyXML-Signature request for MOA-Sig
+ *
+ * @param signature Serialized XML signature
+ * @param trustProfileID MOA-Sig Trust-Profile
+ * @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles used for validation
+ * @return
+ * @throws MOASigServiceBuilderException
+ */
+ private Element buildVerifyXMLRequest(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID) throws MOASigServiceBuilderException {
+ try {
+ //build empty document
+ final Document requestDoc_ = getNewDocumentBuilder();
+ final Element requestElem_ = requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest");
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
+ requestDoc_.appendChild(requestElem_);
+
+
+ // build the request
+ final Element verifiySignatureInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
+ requestElem_.appendChild(verifiySignatureInfoElem);
+ final Element verifySignatureEnvironmentElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
+ verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
+ final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
+ verifySignatureEnvironmentElem.appendChild(base64ContentElem);
+
+ // insert the base64 encoded signature
+ String base64EncodedAssertion = Base64Utils.encodeToString(signature);
+ //replace all '\r' characters by no char.
+ final StringBuffer replaced = new StringBuffer();
+ for (int i = 0; i < base64EncodedAssertion.length(); i ++) {
+ final char c = base64EncodedAssertion.charAt(i);
+ if (c != '\r') {
+ replaced.append(c);
+ }
+ }
+ base64EncodedAssertion = replaced.toString();
+ final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
+ base64ContentElem.appendChild(base64Content);
+
+ // specify the signature location
+ final Element verifySignatureLocationElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
+ verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
+ final Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature");
+ verifySignatureLocationElem.appendChild(signatureLocation);
+
+ // signature manifest params
+ final Element signatureManifestCheckParamsElem = requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
+ requestElem_.appendChild(signatureManifestCheckParamsElem);
+ signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
+
+ //verify transformations
+ if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {
+ final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
+ signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
+ for (final String element : verifyTransformsInfoProfileID) {
+ final Element verifyTransformsInfoProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
+ referenceInfoElem.appendChild(verifyTransformsInfoProfileIDElem);
+ verifyTransformsInfoProfileIDElem.appendChild(requestDoc_.createTextNode(element));
+
+ }
+ }
+
+ //hashinput data
+ final Element returnHashInputDataElem = requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
+ requestElem_.appendChild(returnHashInputDataElem);
+
+ //add trustProfileID
+ final Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
+ trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID));
+ requestElem_.appendChild(trustProfileIDElem);
+
+ return requestElem_;
+
+ } catch (final Throwable t) {
+ log.warn("Can NOT build VerifyXML-Signature request for MOA-Sig", t);
+ throw new MOASigServiceBuilderException("service.moasig.03", new Object[] { t.getMessage() }, t);
+
+ }
+
+ }
+
+ /**
+ * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because
+ * {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe.
+ *
+ * @return {@link Document}
+ * @throws ParserConfigurationException
+ */
+ private synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
+ final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ return docBuilder.newDocument();
+
+ }
+
+ private static void fixJava8_141ProblemWithSSLAlgorithms() {
+ log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+ //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
+ new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
+ new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
+ new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
+ new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
+ new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+
+ log.info("Change AlgorithmIDs finished");
+ }
+}
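Review bot: `parseCMSVerificationResult` reports only `getResponseElements().get(0)` although `buildVerfifyCMSRequest` asks for `ALL_SIGNATORIES`, so the check codes a caller sees belong to whichever signer is listed first, and the outcome for any further signer is dropped after a log warning. Together with the `null` return for input that holds no signature, this leaves every caller responsible for failing closed, and neither behaviour is stated on the public method. I would either reject multi-signer input here or put the contract into the Javadoc of `verifyCMSSignature`, e.g. `@return result of the first signer only, or null if no signature was found; callers must treat null as a failed verification`. On the same path, `getSignerInfo().getSignerCertificate()` is dereferenced without a null check.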
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java
new file mode 100644
index 00000000..f3c724d8
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java
@@ -0,0 +1,130 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
+
+import java.io.Serializable;
+import java.security.cert.CertificateException;
+import iaik.x509.X509Certificate;
+import java.util.Date;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IGenericSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceParserException;
+
+public class GenericSignatureVerificationResponse implements IGenericSignatureVerificationResponse, Serializable {
+
+ private static final long serialVersionUID = -7751001050689401118L;
+ private static final Logger log = LoggerFactory.getLogger(GenericSignatureVerificationResponse.class);
+
+
+ /** The signing time */
+ private Date signingDateTime;
+
+ /** The signatureCheckCode to be stored */
+ private int signatureCheckCode;
+
+ /** The certificateCheckCode to be stored */
+ private int certificateCheckCode;
+
+ /** The publicAuthority to be stored */
+ private boolean publicAuthority;
+
+ /** The publicAuthorityCode to be stored */
+ private String publicAuthorityCode;
+
+ /** The qualifiedCertificate to be stored */
+ private boolean qualifiedCertificate;
+
+ private byte[] x509CertificateEncoded;
+
+ @Override
+ public Date getSigningDateTime() {
+ return this.signingDateTime;
+
+ }
+
+ @Override
+ public int getSignatureCheckCode() {
+ return this.signatureCheckCode;
+
+ }
+
+ @Override
+ public int getCertificateCheckCode() {
+ return this.certificateCheckCode;
+
+ }
+
+ @Override
+ public boolean isQualifiedCertificate() {
+ return this.qualifiedCertificate;
+
+ }
+
+ @Override
+ public X509Certificate getX509Certificate() throws MOASigServiceException {
+ if (x509CertificateEncoded != null) {
+ try {
+ return new X509Certificate(x509CertificateEncoded);
+
+ } catch (CertificateException e) {
+ log.error("Can NOT parse X509 certifcate in " + GenericSignatureVerificationResponse.class.getName(), e);
+ throw new MOASigServiceParserException("service.moasig.01", null, e);
+ }
+
+ }
+
+ return null;
+
+ }
+
+ @Override
+ public byte[] getX509CertificateEncoded() {
+ return this.getX509CertificateEncoded();
+
+ }
+
+ @Override
+ public boolean isPublicAuthority() {
+ return this.publicAuthority;
+
+ }
+
+ @Override
+ public String getPublicAuthorityCode() {
+ return this.publicAuthorityCode;
+
+ }
+
+ public void setSigningDateTime(Date signingDateTime) {
+ this.signingDateTime = signingDateTime;
+ }
+
+ public void setSignatureCheckCode(int signatureCheckCode) {
+ this.signatureCheckCode = signatureCheckCode;
+ }
+
+ public void setCertificateCheckCode(int certificateCheckCode) {
+ this.certificateCheckCode = certificateCheckCode;
+ }
+
+ public void setPublicAuthority(boolean publicAuthority) {
+ this.publicAuthority = publicAuthority;
+ }
+
+ public void setPublicAuthorityCode(String publicAuthorityCode) {
+ this.publicAuthorityCode = publicAuthorityCode;
+ }
+
+ public void setQualifiedCertificate(boolean qualifiedCertificate) {
+ this.qualifiedCertificate = qualifiedCertificate;
+ }
+
+ public void setX509CertificateEncoded(byte[] x509CertificateEncoded) {
+ this.x509CertificateEncoded = x509CertificateEncoded;
+ }
+
+
+
+}
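Review bot: `getX509CertificateEncoded()` calls itself (`return this.getX509CertificateEncoded();`) and will end in a `StackOverflowError` on first use; it should return the field, `return this.x509CertificateEncoded;`. A second point on the same class: `signatureCheckCode` and `certificateCheckCode` have no initializer, so a response whose setters were never called reports 0 for both. If 0 is the success code of MOA-Sig, which this hunk does not show, an unpopulated result is indistinguishable from a valid signature. An explicit sentinel like the `-1` on `signatureManifestCheckCode` in `VerifyXMLSignatureResponse` would fail closed. `xmlDSIGManifestCheckCode` in that class has the same zero default.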
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java
new file mode 100644
index 00000000..2c177c71
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java
@@ -0,0 +1,9 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
+
+public class VerifyCMSSignatureResponse extends GenericSignatureVerificationResponse implements ICMSSignatureVerificationResponse{
+
+ private static final long serialVersionUID = 708260904158070696L;
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java
new file mode 100644
index 00000000..0646bda7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java
@@ -0,0 +1,93 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
+
+/**
+ *
+ *
+ * @author tlenz
+ *
+ */
+
+public class VerifyXMLSignatureResponse extends GenericSignatureVerificationResponse implements IXMLSignatureVerificationResponse {
+
+ private static final long serialVersionUID = 8386070769565711601L;
+
+/** The xmlDsigSubjectName to be stored */
+ private String xmlDsigSubjectName;
+
+ /** The xmlDSIGManifestCheckCode to be stored */
+ private int xmlDSIGManifestCheckCode;
+ /** The xmlDSIGManigest to be stored */
+ private boolean xmlDSIGManigest;
+
+ /**
+ * The result of the signature manifest check. The default value <code>-1</code>
+ * indicates that the signature manifest has not been checked.
+ */
+ private int signatureManifestCheckCode = -1;
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDSIGManifestCheckCode()
+ */
+ @Override
+public int getXmlDSIGManifestCheckCode() {
+ return xmlDSIGManifestCheckCode;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDsigSubjectName()
+ */
+ @Override
+public String getXmlDsigSubjectName() {
+ return xmlDsigSubjectName;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManifestCheckCode(int)
+ */
+public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) {
+ this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDsigSubjectName(java.lang.String)
+ */
+public void setXmlDsigSubjectName(String xmlDsigSubjectName) {
+ this.xmlDsigSubjectName = xmlDsigSubjectName;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isXmlDSIGManigest()
+ */
+ @Override
+public boolean isXmlDSIGManigest() {
+ return xmlDSIGManigest;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManigest(boolean)
+ */
+public void setXmlDSIGManigest(boolean xmlDSIGManigest) {
+ this.xmlDSIGManigest = xmlDSIGManigest;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureManifestCheckCode()
+ */
+ @Override
+public int getSignatureManifestCheckCode() {
+ return signatureManifestCheckCode;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureManifestCheckCode(int)
+ */
+public void setSignatureManifestCheckCode(int signatureManifestCheckCode) {
+ this.signatureManifestCheckCode = signatureManifestCheckCode;
+ }
+
+}
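Review bot: The `@see` comments in this class all point to `at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse`, a type this file neither imports nor implements; the class implements `IXMLSignatureVerificationResponse`. The same references are attached to the setters, which carry no `@Override` and so are presumably not interface members at all. I would point the getters at the implemented interface, e.g. `@see IXMLSignatureVerificationResponse#getXmlDSIGManifestCheckCode()`, and give each setter a one-line Javadoc of its own.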
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java
new file mode 100644
index 00000000..e581394b
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java
@@ -0,0 +1,180 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+
+import org.joda.time.DateTime;
+import org.joda.time.format.ISODateTimeFormat;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.lang.NonNull;
+import org.w3c.dom.Element;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceParserException;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
+import iaik.utils.Base64InputStream;
+import iaik.x509.X509Certificate;
+
+
+public class VerifyXMLSignatureResponseParser {
+ private static final Logger log = LoggerFactory.getLogger(VerifyXMLSignatureResponseParser.class);
+
+ //
+ // XPath namespace prefix shortcuts
+ //
+ /** Xpath prefix for reaching MOA Namespaces */
+ private static final String MOA = Constants.MOA_PREFIX + ":";
+ /** Xpath prefix for reaching DSIG Namespaces */
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ /** Xpath expression to the root element */
+ private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
+
+ /** Xpath expression to the X509SubjectName element */
+ private static final String DSIG_SUBJECT_NAME_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
+ DSIG + "X509SubjectName";
+ /** Xpath expression to the X509Certificate element */
+ private static final String DSIG_X509_CERTIFICATE_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
+ DSIG + "X509Certificate";
+ /** Xpath expression to the PublicAuthority element */
+ private static final String PUBLIC_AUTHORITY_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
+ MOA + "PublicAuthority";
+ /** Xpath expression to the PublicAuthorityCode element */
+ private static final String PUBLIC_AUTHORITY_CODE_XPATH =
+ PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
+ /** Xpath expression to the QualifiedCertificate element */
+ private static final String QUALIFIED_CERTIFICATE_XPATH =
+ ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
+ MOA + "QualifiedCertificate";
+
+ /** Xpath expression to the SignatureCheckCode element */
+ private static final String SIGNATURE_CHECK_CODE_XPATH =
+ ROOT + MOA + "SignatureCheck/" + MOA + "Code";
+ /** Xpath expression to the XMLDSIGManifestCheckCode element */
+ private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
+ ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
+ /** Xpath expression to the SignatureManifestCheckCode element */
+ private static final String SIGNATURE_MANIFEST_CHECK_CODE_XPATH =
+ ROOT + MOA + "SignatureManifestCheck/" + MOA + "Code";
+ /** Xpath expression to the CertificateCheckCode element */
+ private static final String CERTIFICATE_CHECK_CODE_XPATH =
+ ROOT + MOA + "CertificateCheck/" + MOA + "Code";
+
+ private static final String SIGNING_TIME_XPATH =
+ ROOT + MOA + "SigningTime";
+
+
+ /** This is the root element of the XML-Document provided by the Security Layer Card*/
+ private Element verifyXMLSignatureResponse;
+
+ /**
+ * Constructor for VerifyXMLSignatureResponseParser.
+ * A DOM-representation of the incoming String will be created
+ * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
+ * @throws MOASigServiceParserException on any parsing error
+ */
+ public VerifyXMLSignatureResponseParser(String xmlResponse) throws MOASigServiceParserException {
+ try {
+ final InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
+ verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s);
+
+ } catch (final Throwable t) {
+ log.warn("Can not parse MOA-Sig response." , t);
+ throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
+
+ }
+ }
+
+ /**
+ * Constructor for VerifyXMLSignatureResponseParser.
+ * A DOM-representation of the incoming Inputstream will be created
+ * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
+ * @throws MOASigServiceParserException on any parsing error
+ */
+ public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws MOASigServiceParserException {
+ try {
+ verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
+
+ } catch (final Throwable t) {
+ log.warn("Can not parse MOA-Sig response." , t);
+ throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
+
+ }
+ }
+
+ /**
+ * Constructor for VerifyXMLSignatureResponseParser.
+ * The incoming Element will be used for further operations
+ * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as Element
+ */
+ public VerifyXMLSignatureResponseParser(Element xmlResponse) {
+ verifyXMLSignatureResponse =xmlResponse;
+
+ }
+
+/**
+ * Parse MOA-Sig signatur-verification result into {@link IXMLSignatureVerificationResponse}
+ *
+ * @return {@link IXMLSignatureVerificationResponse}
+ * @throws MOASigServiceException on any parsing error
+ */
+ @NonNull
+ public IXMLSignatureVerificationResponse parseData() throws MOASigServiceException {
+ try {
+ final VerifyXMLSignatureResponse respData = new VerifyXMLSignatureResponse();
+ respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,""));
+ final Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH);
+ respData.setQualifiedCertificate(e!=null);
+
+ final Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue(
+ verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true);
+
+ respData.setX509CertificateEncoded(new X509Certificate(in).getEncoded());
+
+ final Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_XPATH);
+ respData.setPublicAuthority(publicAuthority != null);
+ respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,""));
+ respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue());
+
+ final String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null);
+ if (xmlDsigCheckCode!=null) {
+ respData.setXmlDSIGManigest(true);
+ respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue());
+
+ } else {
+ respData.setXmlDSIGManigest(false);
+
+ }
+
+ final String signatureManifestCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_MANIFEST_CHECK_CODE_XPATH,null);
+ if (signatureManifestCheckCode != null) {
+ respData.setSignatureManifestCheckCode(new Integer(signatureManifestCheckCode).intValue());
+
+ }
+ respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
+
+ final String signingTimeElement = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNING_TIME_XPATH,"");
+ if (signingTimeElement != null && !signingTimeElement.isEmpty()) {
+ final DateTime datetime = ISODateTimeFormat.dateOptionalTimeParser().parseDateTime(signingTimeElement);
+ respData.setSigningDateTime(datetime.toDate());
+
+ }
+
+ return respData;
+
+ } catch (final Throwable t) {
+ log.warn("Can not parse MOA-Sig response." , t);
+ throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
+ }
+
+ }
+
+
+}
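Review bot: In parseData(), when the response carries no SignatureManifestCheck code, setSignatureManifestCheckCode is never called, so the int keeps the field's initial value. That is presumably Java's default 0, which a caller is likely to read as a passed check; the field declaration is outside this hunk, so confirm. The XMLDSIG manifest branch just above records absence with setXmlDSIGManigest(false). The signature-manifest branch should expose an equivalent presence signal, or at least carry a comment such as `// SignatureManifestCheck absent: code stays at the field default, callers must not treat it as a passed check`. Separately, the three `catch (final Throwable t)` blocks also catch Errors and copy `t.toString()` into the service.moasig.02 message, so `catch (final Exception e)` would be narrower. The constructor Javadoc also still names InfoboxReadResponse where the VerifyXMLSignatureResponse root is what the XPath constants expect.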
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 00000000..ebc25602
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.MOASigSpringResourceProvider \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
new file mode 100644
index 00000000..17907130
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <context:annotation-config />
+
+ <bean id="moaSigService"
+ class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService" />
+
+</beans> \ No newline at end of file
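Review bot: The `xmlns:tx` and `xmlns:aop` declarations and their `xsi:schemaLocation` entries are unused, since this file only contains a `bean` and `context:annotation-config`; they can be dropped. The context entry pins `spring-context-3.1.xsd` while the beans entry is versionless. Using `http://www.springframework.org/schema/context/spring-context.xsd` would keep both in step with the Spring version on the classpath. These locations are normally resolved from the schemas bundled in the Spring jars rather than fetched over `http://`, and that should stay true in the deployment.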
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties
new file mode 100644
index 00000000..8802c35d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties
@@ -0,0 +1,4 @@
+service.moasig.01=Can not deserialize X509 certificate
+service.moasig.02=Can not parse XML signature verification response. Reason: {0}
+service.moasig.03=Signature verification operation has an internal error. Reason: {0}
+service.moasig.04=Configuration of MOA-Sig signature-verification library FAILED! Reason: {0} \ No newline at end of file
diff --git a/eaaf_modules/pom.xml b/eaaf_modules/pom.xml
index 585655b1..6f567ae8 100644
--- a/eaaf_modules/pom.xml
+++ b/eaaf_modules/pom.xml
@@ -1,8 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ --><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>at.gv.egiz</groupId>
@@ -22,6 +20,7 @@
<module>eaaf_module_pvp2_idp</module>
<module>eaaf_module_pvp2_sp</module>
<module>eaaf_module_auth_sl20</module>
- </modules>
+ <module>eaaf_module_moa-sig</module>
+ </modules>
</project> \ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 9243b7d3..e84910c3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -24,6 +24,28 @@
<at.gv.egiz.components.eventlog-api.version>0.4</at.gv.egiz.components.eventlog-api.version>
<at.gv.egiz.components.egiz-spring-api>0.2</at.gv.egiz.components.egiz-spring-api>
+ <MOA.spss.server.moa-sig-lib.version>3.1.2</MOA.spss.server.moa-sig-lib.version>
+ <MOA.spss.tsl_lib.version>2.0.2</MOA.spss.tsl_lib.version>
+
+ <!-- IAIK libs -->
+ <iaik.prod.iaik_cms.version>5.1</iaik.prod.iaik_cms.version>
+ <iaik.prod.iaik_cpades.version>2.5.1_moa</iaik.prod.iaik_cpades.version>
+ <iaik.prod.iaik_cpxlevel.version>0.9_moa</iaik.prod.iaik_cpxlevel.version>
+ <iaik.prod.iaik_eccelerate.version>5.01</iaik.prod.iaik_eccelerate.version>
+ <iaik.prod.iaik_eccelerate_addon.version>5.01</iaik.prod.iaik_eccelerate_addon.version>
+ <iaik.prod.iaik_eccelerate_cms.version>5.01</iaik.prod.iaik_eccelerate_cms.version>
+ <iaik.prod.iaik_jce_full.version>5.52_moa</iaik.prod.iaik_jce_full.version>
+ <iaik.prod.iaik_jsse.version>4.4</iaik.prod.iaik_jsse.version>
+ <iaik.prod.iaik_moa.version>2.06</iaik.prod.iaik_moa.version>
+ <iaik.prod.iaik_pki_module.version>2.01_moa</iaik.prod.iaik_pki_module.version>
+ <iaik.prod.iaik_sva.version>1.0.3_moa</iaik.prod.iaik_sva.version>
+ <iaik.prod.iaik_tsp.version>2.32_eval</iaik.prod.iaik_tsp.version>
+ <iaik.prod.iaik_util.version>0.23</iaik.prod.iaik_util.version>
+ <iaik.prod.iaik_xades.version>2.13_moa</iaik.prod.iaik_xades.version>
+ <iaik.prod.iaik_xsect.version>2.13_moa</iaik.prod.iaik_xsect.version>
+
+
+ <!-- Other third-party libs -->
<org.springframework.version>5.1.5.RELEASE</org.springframework.version>
<org.opensaml.version>2.6.6</org.opensaml.version>
<org.opensaml.xmltooling.version>1.4.6</org.opensaml.xmltooling.version>
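Review bot: `<iaik.prod.iaik_tsp.version>2.32_eval</iaik.prod.iaik_tsp.version>` pins what looks like an evaluation build of the IAIK timestamp library alongside the `_moa` builds. Confirm that this build is intended and licensed for release use, or replace it with the production build. The `_moa` and `_eval` artifacts appear to be vendor-specific builds served from the module's in-repo `repository` directory, so their integrity rests on whoever commits the jars. A comment such as `<!-- IAIK libs: vendor builds from eaaf_module_moa-sig/repository; verify checksums against the vendor delivery on every update -->` above the block would document that.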
@@ -106,6 +128,116 @@
<version>${at.gv.egiz.components.egiz-spring-api}</version>
</dependency>
+
+ <dependency>
+ <groupId>MOA.spss.server</groupId>
+ <artifactId>moa-sig-lib</artifactId>
+ <version>${MOA.spss.server.moa-sig-lib.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>*</artifactId>
+ <groupId>axis</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>MOA.spss</groupId>
+ <artifactId>common</artifactId>
+ <version>${MOA.spss.server.moa-sig-lib.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.spss</groupId>
+ <artifactId>tsl_lib</artifactId>
+ <version>${MOA.spss.tsl_lib.version}</version>
+ </dependency>
+
+
+ <!-- IAIK libs -->
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_cms</artifactId>
+ <version>${iaik.prod.iaik_cms.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_cpades</artifactId>
+ <version>${iaik.prod.iaik_cpades.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_cpxlevel</artifactId>
+ <version>${iaik.prod.iaik_cpxlevel.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_eccelerate</artifactId>
+ <version>${iaik.prod.iaik_eccelerate.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_eccelerate_addon</artifactId>
+ <version>${iaik.prod.iaik_eccelerate_addon.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_eccelerate_cms</artifactId>
+ <version>${iaik.prod.iaik_eccelerate_cms.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_jce_full</artifactId>
+ <version>${iaik.prod.iaik_jce_full.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_jsse</artifactId>
+ <version>${iaik.prod.iaik_jsse.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_moa</artifactId>
+ <version>${iaik.prod.iaik_moa.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_pki_module</artifactId>
+ <version>${iaik.prod.iaik_pki_module.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_sva</artifactId>
+ <version>${iaik.prod.iaik_sva.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_tsp</artifactId>
+ <version>${iaik.prod.iaik_tsp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_util</artifactId>
+ <version>${iaik.prod.iaik_util.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_xades</artifactId>
+ <version>${iaik.prod.iaik_xades.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_xsect</artifactId>
+ <version>${iaik.prod.iaik_xsect.version}</version>
+ </dependency>
+
+
+
+
+
+
<dependency>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>