refactor MOA-Sig initialization to treat with initialization problems on some system

author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2019-11-28 09:24:08 +0100
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2019-11-28 09:24:08 +0100
commit: 34c69761dc8653ac8dbaf426880a3d3737fde0ae (patch)
tree: cbbc03cab9edddcdb91bd249e548cb0103082f6c
parent: d19b97c97b0d333bcdb885516b0e0f90d28bfa41 (diff)
download: EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.gz
EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.bz2
EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.zip
5 files changed, 210 insertions, 162 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
index d796c165..d9778156 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
@@ -1,118 +1,23 @@
 package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Iterator;
-import java.util.Map.Entry;
-
-import javax.annotation.PostConstruct;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.w3c.dom.Document;
 
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
-import at.gv.egovernment.moa.spss.MOAException;
-import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
-import at.gv.egovernment.moaspss.util.DOMUtils;
-import iaik.asn1.structures.AlgorithmID;
-import iaik.security.ec.provider.ECCelerate;
-import iaik.security.provider.IAIK;
 
 public abstract class AbstractSignatureService {
 	private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);
-	private static boolean isMOASigInitialized = false;
-	
-	@Autowired(required=false) ISchemaRessourceProvider[] schemas;
-	
-	@PostConstruct
-	private synchronized void initialize() throws MOASigServiceConfigurationException {
-		
-		if (!isMOASigInitialized) {		
-			log.info("Initializing MOA-Sig signature-verification service ... ");
 			
-	        log.info("Loading Java security providers.");
-	        IAIK.addAsProvider();                
-	        ECCelerate.addAsProvider();
-			                
-	        try {
-	        	LoggingContextManager.getInstance().setLoggingContext(
-	                    new LoggingContext("startup"));
-	        	log.debug("MOA-Sig library initialization process ... ");
-	        	Configurator.getInstance().init();        	
-	        	log.info("MOA-Sig library initialization complete ");
-	        	                       
-	         } catch (final MOAException e) {
-	        	 log.error("MOA-SP initialization FAILED!", e.getWrapped()); 
-	             throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e
-	                      .toString() }, e);
-			}
-	        
-	        Security.insertProviderAt(IAIK.getInstance(), 0);
-	        
-	        final ECCelerate eccProvider = ECCelerate.getInstance();
-	        if (Security.getProvider(eccProvider.getName()) != null)
-	        	Security.removeProvider(eccProvider.getName());	        	
-	        Security.addProvider(new ECCelerate());
-	        
-	        fixJava8_141ProblemWithSSLAlgorithms();
-			
-	        if (log.isDebugEnabled()) {
-	        	log.debug("Loaded Security Provider:");
-	        	final Provider[] providerList = Security.getProviders();
-	        	for (int i=0; i<providerList.length; i++)
-	        		log.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());        		
-	        	
-	        }
-	        
-	        
-	        //Inject additional XML schemes
-	        if (schemas != null && schemas.length > 0) {
-	        	log.debug("Infjecting additional XML schemes ... ");
-	        	for (final ISchemaRessourceProvider el : schemas) {
-	        		final Iterator<Entry<String, InputStream>> xmlSchemeIt = el.getSchemas().entrySet().iterator();
-	        		while (xmlSchemeIt.hasNext()) {
-						final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
-						try {
-							DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
-							log.info("Inject XML scheme: {}", xmlDef.getKey());
-							
-						} catch (final IOException e) {
-							log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
-							
-						}
-						
-					}	        			        		
-	        	}
-	        	
-	        } else
-	        	log.trace("No additional XML schemes to inject. Skip this feature");
-	        
-	        
-	        isMOASigInitialized = true;
-	        
-		} else
-			log.info("MOA-Sig is already initialized. Skipping this steps ... ");
-        
-        internalInitializer();
-        		
-	}
-	
-	/**
-	 * Executed in <code>@PostConstruct</code> as last step
-	 * 
-	 */
-	abstract protected void internalInitializer(); 
-	
 	/**
 	 * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because 
 	 * {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe.
@@ -126,20 +31,29 @@ public abstract class AbstractSignatureService {
 		
 	}
 	
-    private static void fixJava8_141ProblemWithSSLAlgorithms() {
-    	log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
-        //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA",  }, null, true);
-        new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", 
-        		new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
-        new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", 
-        		new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
-        new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", 
-        		new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA",  }, null, true);
-        new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", 
-        		new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA",  }, null, true);
-        new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", 
-        		new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
-        
-        log.info("Change AlgorithmIDs finished");
-    }
+	  /**
+	   * Set up the thread-local context information needed for calling the various 
+	   * <code>Invoker</code> classes.
+	   *  
+	   * @throws ConfigurationException An error occurred setting up the
+	   * configuration in the <code>TransactionContext</code>.
+	   */
+	protected final void setUpContexts( String transactionID) throws ConfigurationException {
+	    final TransactionContextManager txMgr = TransactionContextManager.getInstance();
+	    final LoggingContextManager logMgr = LoggingContextManager.getInstance();
+	    
+	    if (txMgr.getTransactionContext() == null) {
+	      final TransactionContext ctx = new TransactionContext(transactionID, null, ConfigurationProvider.getInstance());
+	      txMgr.setTransactionContext(ctx);
+	      
+	    }
+	    
+	    if (logMgr.getLoggingContext() == null) {
+	      final LoggingContext ctx = new LoggingContext(transactionID);
+	      logMgr.setLoggingContext(ctx);
+	      
+	    }
+	    
+	}
+
 }
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
new file mode 100644
index 00000000..b287357c
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
@@ -0,0 +1,108 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.Provider;
+import java.security.Security;
+import java.util.Iterator;
+import java.util.Map.Entry;
+
+import javax.annotation.PostConstruct;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import iaik.asn1.structures.AlgorithmID;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.security.provider.IAIK;
+
+public class MoaSigInitializer {
+	private static final Logger log = LoggerFactory.getLogger(MoaSigInitializer.class);
+	
+	@Autowired(required=false) ISchemaRessourceProvider[] schemas;
+	
+	@PostConstruct
+	private synchronized void initialize() throws MOASigServiceConfigurationException {			
+		log.info("Initializing MOA-Sig signature-verification service ... ");
+		
+        log.info("Loading Java security providers.");
+        IAIK.addAsProvider();                
+        ECCelerate.addAsProvider();
+		                
+        try {
+        	LoggingContextManager.getInstance().setLoggingContext(
+                    new LoggingContext("startup"));
+        	log.debug("MOA-Sig library initialization process ... ");
+        	Configurator.getInstance().init();        	
+        	log.info("MOA-Sig library initialization complete ");
+        	                       
+         } catch (final MOAException e) {
+        	 log.error("MOA-SP initialization FAILED!", e.getWrapped()); 
+             throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e
+                      .toString() }, e);
+		}
+        
+        Security.insertProviderAt(IAIK.getInstance(), 0);
+        
+        final ECCelerate eccProvider = ECCelerate.getInstance();
+        if (Security.getProvider(eccProvider.getName()) != null)
+        	Security.removeProvider(eccProvider.getName());	        	
+        Security.addProvider(new ECCelerate());
+        
+        fixJava8_141ProblemWithSSLAlgorithms();
+		
+        if (log.isDebugEnabled()) {
+        	log.debug("Loaded Security Provider:");
+        	final Provider[] providerList = Security.getProviders();
+        	for (int i=0; i<providerList.length; i++)
+        		log.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());        		
+        	
+        }
+        
+        
+        //Inject additional XML schemes
+        if (schemas != null && schemas.length > 0) {
+        	log.debug("Infjecting additional XML schemes ... ");
+        	for (final ISchemaRessourceProvider el : schemas) {
+        		final Iterator<Entry<String, InputStream>> xmlSchemeIt = el.getSchemas().entrySet().iterator();
+        		while (xmlSchemeIt.hasNext()) {
+					final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
+					try {
+						DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
+						log.info("Inject XML scheme: {}", xmlDef.getKey());
+						
+					} catch (final IOException e) {
+						log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
+						
+					}
+					
+				}	        			        		
+        	}
+        }
+	}
+	
+    private static void fixJava8_141ProblemWithSSLAlgorithms() {
+    	log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+        //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", 
+        		new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", 
+        		new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", 
+        		new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", 
+        		new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", 
+        		new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+        
+        log.info("Change AlgorithmIDs finished");
+    }
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
index 0dcb0960..59e7b516 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
@@ -1,21 +1,28 @@
 package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
 
+import javax.annotation.PostConstruct;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
 
 import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureCreationService;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker;
 
 @Service(value="moaSigCreateService")
 public class SignatureCreationService extends AbstractSignatureService implements ISignatureCreationService{
 	private static final Logger log = LoggerFactory.getLogger(SignatureCreationService.class);
 	
-	private at.gv.egovernment.moa.spss.api.SignatureCreationService scs = null;
+	private XMLSignatureCreationInvoker xadesInvoker;
+	private CMSSignatureCreationInvoker cadesInvoker;
+	
 	
-	@Override
+	@PostConstruct
 	protected void internalInitializer() {
         log.debug("Instanzing SignatureCreationService implementation ... ");
-		scs = at.gv.egovernment.moa.spss.api.SignatureCreationService.getInstance();		
+        xadesInvoker = XMLSignatureCreationInvoker.getInstance();
+        cadesInvoker = CMSSignatureCreationInvoker.getInstance();
 		log.info("MOA-Sig signature-creation service initialized");
 
 	}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
index e09bc8b4..c77f3097 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -4,6 +4,8 @@ import java.io.ByteArrayInputStream;
 import java.security.cert.CertificateEncodingException;
 import java.util.List;
 
+import javax.annotation.PostConstruct;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.lang.Nullable;
@@ -28,6 +30,8 @@ import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
 import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
 import at.gv.egovernment.moaspss.util.Constants;
 
 
@@ -44,7 +48,8 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	private static final String DSIG = Constants.DSIG_PREFIX + ":";
 	private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
 
-	private at.gv.egovernment.moa.spss.api.SignatureVerificationService svs; 
+	private CMSSignatureVerificationInvoker cadesInvoker;
+	private XMLSignatureVerificationInvoker xadesInvocer;
 	
 	/* (non-Javadoc)
 	 * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyCMSSignature(byte[], java.lang.String)
@@ -53,8 +58,12 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	@Nullable
 	public ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {	 
 		try {
+			//setup context
+			setUpContexts(Thread.currentThread().getName());
+			
+			//verify signature
 			final VerifyCMSSignatureRequest cmsSigVerifyReq = buildVerfifyCMSRequest(signature, trustProfileID, false, false);
-			final VerifyCMSSignatureResponse cmsSigVerifyResp = svs.verifyCMSSignature(cmsSigVerifyReq );
+			final VerifyCMSSignatureResponse cmsSigVerifyResp = cadesInvoker.verifyCMSSignature(cmsSigVerifyReq );
 			return parseCMSVerificationResult(cmsSigVerifyResp);
 									
 		} catch (final MOAException e) {
@@ -69,43 +78,6 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 		  
 	}
 	 
-	private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
-		
-		if (cmsSigVerifyResp.getResponseElements() == null ||
-				cmsSigVerifyResp.getResponseElements().isEmpty()) {
-			log.info("No CMS signature FOUND. ");
-			return null;
-			
-		}
-		
-		if (cmsSigVerifyResp.getResponseElements().size() > 1)
-			log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
-		
-		final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
-		
-		final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result = 
-				new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
-	
-		//parse results into response container
-		result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
-		result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
-		
-		if (firstSig.getSignerInfo() != null) {
-			result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
-			result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
-			result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
-		
-			result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
-			result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
-			
-		} else
-			log.info("CMS or CAdES verification result contains no SignerInfo");		
-		
-		return result;
-	}
-
-
-
 	/* (non-Javadoc)
 	 * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String)
 	 */
@@ -137,12 +109,15 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	@Override
 	public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,  List<String> verifyTransformsInfoProfileID, String xpathSignatureLocation) throws MOASigServiceException {
 		try {
+			//setup context
+			setUpContexts(Thread.currentThread().getName());
+			
 			//build signature-verification request
 			 final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID, xpathSignatureLocation);
 
 			//send signature-verification to MOA-Sig			  	
 			final VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(domVerifyXMLSignatureRequest);		
-		    final VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
+		    final VerifyXMLSignatureResponse vsresponse = xadesInvocer.verifyXMLSignature(vsrequest);
 		    final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
 			  			
 			// parses the <IXMLSignatureVerificationResponse>
@@ -163,6 +138,41 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 		}		
 	}
 	  
+private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
+		
+		if (cmsSigVerifyResp.getResponseElements() == null ||
+				cmsSigVerifyResp.getResponseElements().isEmpty()) {
+			log.info("No CMS signature FOUND. ");
+			return null;
+			
+		}
+		
+		if (cmsSigVerifyResp.getResponseElements().size() > 1)
+			log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
+		
+		final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
+		
+		final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result = 
+				new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
+	
+		//parse results into response container
+		result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
+		result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
+		
+		if (firstSig.getSignerInfo() != null) {
+			result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
+			result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
+			result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
+		
+			result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
+			result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
+			
+		} else
+			log.info("CMS or CAdES verification result contains no SignerInfo");		
+		
+		return result;
+	}
+	
 	/**
 	 * Build a VerifyCMS-Siganture request for MOA-Sig.
 	 * <br><br>
@@ -274,10 +284,14 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	    
 	  }
 
-	@Override
+
+	
+	@PostConstruct
 	protected void internalInitializer() {
         log.debug("Instanzing SignatureVerificationService implementation ... ");
-		svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();		
+		//svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();		
+		cadesInvoker = CMSSignatureVerificationInvoker.getInstance();
+		xadesInvocer = XMLSignatureVerificationInvoker.getInstance();
 		log.info("MOA-Sig signature-verification service initialized");
 		
 	}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
index 2f5408b6..60b75f3c 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
@@ -11,10 +11,15 @@
 
 	<context:annotation-config />
 
+	<bean 	id="moaSigInitializer" 
+			class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.MoaSigInitializer" />			
+	
 	<bean 	id="moaSigVerifyService" 
-			class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService" />			
+			class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService" 
+			depends-on="moaSigInitializer" />			
 	
 	<bean 	id="moaSigCreateService" 
-			class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureCreationService" />
+			class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureCreationService"
+			depends-on="moaSigInitializer" />
 																						
 </beans>
 \ No newline at end of file
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2019-11-28 09:24:08 +0100
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2019-11-28 09:24:08 +0100
commit	34c69761dc8653ac8dbaf426880a3d3737fde0ae (patch)
tree	cbbc03cab9edddcdb91bd249e548cb0103082f6c
parent	d19b97c97b0d333bcdb885516b0e0f90d28bfa41 (diff)
download	EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.gz EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.bz2 EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.zip