refactor MOA-Sig initialization to treat with initialization problems on some system

author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2019-11-28 09:24:08 +0100
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2019-11-28 09:24:08 +0100
commit: 34c69761dc8653ac8dbaf426880a3d3737fde0ae (patch)
tree: cbbc03cab9edddcdb91bd249e548cb0103082f6c /eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
parent: d19b97c97b0d333bcdb885516b0e0f90d28bfa41 (diff)
download: EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.gz
EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.bz2
EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.zip
1 files changed, 56 insertions, 42 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
index e09bc8b4..c77f3097 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -4,6 +4,8 @@ import java.io.ByteArrayInputStream;
 import java.security.cert.CertificateEncodingException;
 import java.util.List;
 
+import javax.annotation.PostConstruct;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.lang.Nullable;
@@ -28,6 +30,8 @@ import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
 import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
 import at.gv.egovernment.moaspss.util.Constants;
 
 
@@ -44,7 +48,8 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	private static final String DSIG = Constants.DSIG_PREFIX + ":";
 	private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
 
-	private at.gv.egovernment.moa.spss.api.SignatureVerificationService svs; 
+	private CMSSignatureVerificationInvoker cadesInvoker;
+	private XMLSignatureVerificationInvoker xadesInvocer;
 	
 	/* (non-Javadoc)
 	 * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyCMSSignature(byte[], java.lang.String)
@@ -53,8 +58,12 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	@Nullable
 	public ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {	 
 		try {
+			//setup context
+			setUpContexts(Thread.currentThread().getName());
+			
+			//verify signature
 			final VerifyCMSSignatureRequest cmsSigVerifyReq = buildVerfifyCMSRequest(signature, trustProfileID, false, false);
-			final VerifyCMSSignatureResponse cmsSigVerifyResp = svs.verifyCMSSignature(cmsSigVerifyReq );
+			final VerifyCMSSignatureResponse cmsSigVerifyResp = cadesInvoker.verifyCMSSignature(cmsSigVerifyReq );
 			return parseCMSVerificationResult(cmsSigVerifyResp);
 									
 		} catch (final MOAException e) {
@@ -69,43 +78,6 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 		  
 	}
 	 
-	private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
-		
-		if (cmsSigVerifyResp.getResponseElements() == null ||
-				cmsSigVerifyResp.getResponseElements().isEmpty()) {
-			log.info("No CMS signature FOUND. ");
-			return null;
-			
-		}
-		
-		if (cmsSigVerifyResp.getResponseElements().size() > 1)
-			log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
-		
-		final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
-		
-		final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result = 
-				new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
-	
-		//parse results into response container
-		result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
-		result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
-		
-		if (firstSig.getSignerInfo() != null) {
-			result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
-			result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
-			result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
-		
-			result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
-			result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
-			
-		} else
-			log.info("CMS or CAdES verification result contains no SignerInfo");		
-		
-		return result;
-	}
-
-
-
 	/* (non-Javadoc)
 	 * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String)
 	 */
@@ -137,12 +109,15 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	@Override
 	public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,  List<String> verifyTransformsInfoProfileID, String xpathSignatureLocation) throws MOASigServiceException {
 		try {
+			//setup context
+			setUpContexts(Thread.currentThread().getName());
+			
 			//build signature-verification request
 			 final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID, xpathSignatureLocation);
 
 			//send signature-verification to MOA-Sig			  	
 			final VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(domVerifyXMLSignatureRequest);		
-		    final VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
+		    final VerifyXMLSignatureResponse vsresponse = xadesInvocer.verifyXMLSignature(vsrequest);
 		    final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
 			  			
 			// parses the <IXMLSignatureVerificationResponse>
@@ -163,6 +138,41 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 		}		
 	}
 	  
+private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
+		
+		if (cmsSigVerifyResp.getResponseElements() == null ||
+				cmsSigVerifyResp.getResponseElements().isEmpty()) {
+			log.info("No CMS signature FOUND. ");
+			return null;
+			
+		}
+		
+		if (cmsSigVerifyResp.getResponseElements().size() > 1)
+			log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
+		
+		final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
+		
+		final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result = 
+				new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
+	
+		//parse results into response container
+		result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
+		result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
+		
+		if (firstSig.getSignerInfo() != null) {
+			result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
+			result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
+			result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
+		
+			result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
+			result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
+			
+		} else
+			log.info("CMS or CAdES verification result contains no SignerInfo");		
+		
+		return result;
+	}
+	
 	/**
 	 * Build a VerifyCMS-Siganture request for MOA-Sig.
 	 * <br><br>
@@ -274,10 +284,14 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 	    
 	  }
 
-	@Override
+
+	
+	@PostConstruct
 	protected void internalInitializer() {
         log.debug("Instanzing SignatureVerificationService implementation ... ");
-		svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();		
+		//svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();		
+		cadesInvoker = CMSSignatureVerificationInvoker.getInstance();
+		xadesInvocer = XMLSignatureVerificationInvoker.getInstance();
 		log.info("MOA-Sig signature-verification service initialized");
 		
 	}
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2019-11-28 09:24:08 +0100
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2019-11-28 09:24:08 +0100
commit	34c69761dc8653ac8dbaf426880a3d3737fde0ae (patch)
tree	cbbc03cab9edddcdb91bd249e548cb0103082f6c /eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
parent	d19b97c97b0d333bcdb885516b0e0f90d28bfa41 (diff)
download	EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.gz EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.tar.bz2 EAAF-Components-34c69761dc8653ac8dbaf426880a3d3737fde0ae.zip