authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-07-30 14:28:32 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-07-30 14:28:32 +0200
commit2a097e3666d8617ffc9819fba7317ca52d1f16e6 (patch)
treea8a368d13e7f6f4431820f0b5dd53663f79be29a /eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid
parenta722ad1f7e8506c58f594ac84dfdedac88a556d4 (diff)
change packagenames of MOA-Sig module
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid')
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureCreationService.java5
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java118
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java5
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java74
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java21
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java39
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java11
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java26
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java14
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java79
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java130
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java28
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java32
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java377
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java152
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java10
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java115
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java193
19 files changed, 0 insertions, 1443 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureCreationService.java
deleted file mode 100644
index 66eedd79..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureCreationService.java
+++ /dev/null
@@ -1,5 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api;
-
-public interface ISignatureCreationService {
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
deleted file mode 100644
index f7a33395..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
+++ /dev/null
@@ -1,118 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api;
-
-import java.util.Date;
-import java.util.List;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
-
-public interface ISignatureVerificationService {
-
- /**
- * Verify a CAdES or CMS signature. <br>
- * <br>
- * <i>This method only validates the first CMS or CAdES signature if more than
- * one signature exists</i>
- *
- * @param signature Enveloped CMS or CAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @return @link {@link ICmsSignatureVerificationResponse}, or null if no
- * signature was found
- * @throws MoaSigServiceException on signatue-verification error
- */
- ICmsSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID)
- throws MoaSigServiceException;
-
- /**
- * Verify a XML or XAdES signature. <br>
- * <br>
- * <i>This method only validates the first XML or XAdES signature if more than
- * one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @return @link {@link IXmlSignatureVerificationResponse}, or null if no
- * signature was found
- * @throws MoaSigServiceException on signatue-verification error
- */
- IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID)
- throws MoaSigServiceException;
-
- /**
- * Verify a XML or XAdES signature. <br>
- * <br>
- * <i>This method only validates the first XML or XAdES signature if more than
- * one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
- * @param signingDate Signature timestamp
- * @return @link {@link IXmlSignatureVerificationResponse}, or null if no
- * signature was found
- * @throws MoaSigServiceException on signatue-verification error
- */
- IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
- Date signingDate) throws MoaSigServiceException;
-
- /**
- * Verify a XML or XAdES signature. <br>
- * <br>
- * <i>This method only validates the first XML or XAdES signature if more than
- * one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig
- * configuration
- * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that
- * should be used for
- * signature-verification
- * @return @link {@link IXmlSignatureVerificationResponse}, or null if no
- * signature was found
- * @throws MoaSigServiceException on signatue-verification error
- */
- IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
- List<String> verifyTransformsInfoProfileID) throws MoaSigServiceException;
-
- /**
- * Verify a XML or XAdES signature. <br>
- * <br>
- * <i>This method only validates the first XML or XAdES signature if more than
- * one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig
- * configuration
- * @param signatureLocationXpath Xpath that points to location of Signature
- * element
- * @return @link {@link IXmlSignatureVerificationResponse}, or null if no
- * signature was found
- * @throws MoaSigServiceException on signatue-verification error
- */
- IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
- String signatureLocationXpath) throws MoaSigServiceException;
-
- /**
- * Verify a XML or XAdES signature. <br>
- * <br>
- * <i>This method only validates the first XML or XAdES signature if more than
- * one signature exists</i>
- *
- * @param signature Serialized XML or XAdES signature
- * @param trustProfileID Id of the Trust-Profile from MOA-Sig
- * configuration
- * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that
- * should be used for
- * signature-verification
- * @param signatureLocationXpath Xpath that points to location of
- * Signature element
- * @param signingDate Signature timestamp
- * @return @link {@link IXmlSignatureVerificationResponse}, or null if no
- * signature was found
- * @throws MoaSigServiceException on signatue-verification error
- */
- IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
- List<String> verifyTransformsInfoProfileID, String signatureLocationXpath, Date signingDate)
- throws MoaSigServiceException;
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java
deleted file mode 100644
index 5e7a4564..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java
+++ /dev/null
@@ -1,5 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
-
-public interface ICmsSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
deleted file mode 100644
index 8ebd90be..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
+++ /dev/null
@@ -1,74 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
-
-import java.util.Date;
-
-import org.springframework.lang.Nullable;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
-import iaik.x509.X509Certificate;
-
-public interface IGenericSignatureVerificationResponse {
-
- /**
- * Returns the signing time.
- *
- * @return Signing time, or null if signature contains no time information
- */
- @Nullable
- Date getSigningDateTime();
-
- /**
- * Returns the signatureCheckCode.
- *
- * @return int
- */
- int getSignatureCheckCode();
-
- /**
- * Returns the certificateCheckCode.
- *
- * @return int
- */
- int getCertificateCheckCode();
-
- /**
- * Returns the qualifiedCertificate.
- *
- * @return boolean
- */
- boolean isQualifiedCertificate();
-
- /**
- * Returns the X509 certificate.
- *
- * @return X509Certificate, or null if no certificate information exists
- * @throws MoaSigServiceException if X509 certificate can not be deserialized
- */
- @Nullable
- X509Certificate getX509Certificate() throws MoaSigServiceException;
-
- /**
- * Returns the X509 certificate in serialized form.
- *
- * @return Serialized X509 certificate, or null if no certificate information
- * exists
- */
- @Nullable
- byte[] getX509CertificateEncoded();
-
- /**
- * Returns the publicAuthority.
- *
- * @return boolean
- */
- boolean isPublicAuthority();
-
- /**
- * Returns the publicAuthorityCode.
- *
- * @return String OID, or null if no OID exists
- */
- @Nullable
- String getPublicAuthorityCode();
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java
deleted file mode 100644
index 17d5fa59..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
-
-import java.io.InputStream;
-import java.util.Map;
-
-/**
- * Inject additional XML schemes into MOA-Sig.
- *
- * @author tlenz
- *
- */
-public interface ISchemaRessourceProvider {
-
- /**
- * Get a Map of additional XML schemes that should be injected into MOA-Sig.
- *
- * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme
- * as {@link InputStream}
- */
- Map<String, InputStream> getSchemas();
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java
deleted file mode 100644
index 5b766917..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
-
-/**
- * XML signature verification result.
- *
- * @author tlenz
- *
- */
-public interface IXmlSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
-
- /**
- * Returns the xmlDSIGManifestCheckCode.
- *
- * @return int
- */
- int getXmlDsigManifestCheckCode();
-
- /**
- * Returns the xmlDsigSubjectName.
- *
- * @return String
- */
- String getXmlDsigSubjectName();
-
- /**
- * Returns the xmlDSIGManigest.
- *
- * @return boolean
- */
- boolean isXmlDsigManigest();
-
- /**
- * Returns the the resulting code of the signature manifest check.
- *
- * @return The code of the sigature manifest check.
- */
- int getSignatureManifestCheckCode();
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java
deleted file mode 100644
index e32ab932..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-public class MoaSigServiceBuilderException extends MoaSigServiceException {
-
- private static final long serialVersionUID = 5178393157255309476L;
-
- public MoaSigServiceBuilderException(final String errorId, final Object[] params) {
- super(errorId, params);
- }
-
- public MoaSigServiceBuilderException(final String errorId, final Object[] params, final Throwable e) {
- super(errorId, params, e);
- }
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java
deleted file mode 100644
index fd5f8caf..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-public class MoaSigServiceConfigurationException extends MoaSigServiceException {
-
- private static final long serialVersionUID = -4710795384615456488L;
-
- public MoaSigServiceConfigurationException(final String errorId, final Object[] params, final Throwable e) {
- super(errorId, params, e);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java
deleted file mode 100644
index a4fb6290..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java
+++ /dev/null
@@ -1,26 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-import at.gv.egiz.eaaf.core.exceptions.EaafServiceException;
-
-public class MoaSigServiceException extends EaafServiceException {
-
- private static final long serialVersionUID = -6088238428550563658L;
- private static final String MOA_SIG_SERVICE_ID = "MOA-SIG-VERIFY";
-
- public MoaSigServiceException(final String errorId, final Object[] params) {
- super(errorId, params);
-
- }
-
- public MoaSigServiceException(final String errorId, final Object[] params, final Throwable e) {
- super(errorId, params, e);
-
- }
-
- @Override
- protected String getServiceIdentifier() {
- return MOA_SIG_SERVICE_ID;
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java
deleted file mode 100644
index a47b45e0..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
-
-public class MoaSigServiceParserException extends MoaSigServiceException {
-
- private static final long serialVersionUID = 5178393157255309476L;
-
- public MoaSigServiceParserException(final String errorId, final Object[] params) {
- super(errorId, params);
- }
-
- public MoaSigServiceParserException(final String errorId, final Object[] params, final Throwable e) {
- super(errorId, params, e);
- }
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
deleted file mode 100644
index d2cab2ef..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
+++ /dev/null
@@ -1,79 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.w3c.dom.Document;
-
-import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
-import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
-import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
-import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
-import at.gv.egovernment.moaspss.logging.LoggingContext;
-import at.gv.egovernment.moaspss.logging.LoggingContextManager;
-
-public abstract class AbstractSignatureService {
- private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);
-
- @Autowired(required = true)
- MoaSigInitializer moaSigConfig;
-
- /**
- * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form,
- * because {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not
- * thread-safe.
- *
- * @return {@link Document}
- * @throws ParserConfigurationException In case of an error
- */
- protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
- final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
- return docBuilder.newDocument();
-
- }
-
- /**
- * Set up the thread-local context information needed for calling the various
- * <code>Invoker</code> classes.
- *
- * @throws ConfigurationException An error occurred setting up the configuration
- * in the <code>TransactionContext</code>.
- */
- protected final void setUpContexts(final String transactionID) throws ConfigurationException {
- final TransactionContextManager txMgr = TransactionContextManager.getInstance();
- final LoggingContextManager logMgr = LoggingContextManager.getInstance();
-
- if (txMgr.getTransactionContext() == null) {
- log.debug("Set not MOA-Sig transaction context");
- final TransactionContext ctx =
- new TransactionContext(transactionID, null, ConfigurationProvider.getInstance());
- txMgr.setTransactionContext(ctx);
-
- }
-
- if (logMgr.getLoggingContext() == null) {
- final LoggingContext ctx = new LoggingContext(transactionID);
- logMgr.setLoggingContext(ctx);
-
- }
-
- new IaikConfigurator().configure(ConfigurationProvider.getInstance());
-
- }
-
- /**
- * Tear down thread-local context information.
- */
- protected void tearDownContexts() {
- TransactionContextManager.getInstance().setTransactionContext(null);
- LoggingContextManager.getInstance().setLoggingContext(null);
- log.debug("Closing MOA-Sig transaction context");
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
deleted file mode 100644
index 9b7f29b8..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
+++ /dev/null
@@ -1,130 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Iterator;
-import java.util.Map.Entry;
-
-import javax.annotation.Nonnull;
-import javax.annotation.PostConstruct;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceConfigurationException;
-import at.gv.egovernment.moa.spss.MOAException;
-import at.gv.egovernment.moa.spss.api.Configurator;
-import at.gv.egovernment.moaspss.logging.LoggingContext;
-import at.gv.egovernment.moaspss.logging.LoggingContextManager;
-import at.gv.egovernment.moaspss.util.DOMUtils;
-import iaik.asn1.structures.AlgorithmID;
-import iaik.security.ec.provider.ECCelerate;
-import iaik.security.provider.IAIK;
-
-public class MoaSigInitializer {
- private static final Logger log = LoggerFactory.getLogger(MoaSigInitializer.class);
-
- @Autowired(required = false)
- ISchemaRessourceProvider[] schemas;
-
- private Configurator moaSigConfigurator;
-
- /**
- * Get MOA-Sig configuration object.
- *
- * @return moa-sig configuration
- */
- @Nonnull
- public Configurator getMoaSigConfigurator() {
- return moaSigConfigurator;
-
- }
-
- @PostConstruct
- private synchronized void initialize() throws MoaSigServiceConfigurationException {
- log.info("Initializing MOA-Sig signature-verification service ... ");
-
- log.info("Loading Java security providers.");
- IAIK.addAsProvider();
- ECCelerate.addAsProvider();
-
- try {
- LoggingContextManager.getInstance().setLoggingContext(new LoggingContext("startup"));
- log.debug("MOA-Sig library initialization process ... ");
- Configurator.getInstance().init();
- log.info("MOA-Sig library initialization complete ");
-
- //Security.insertProviderAt(IAIK.getInstance(), 0);
-
- //final ECCelerate eccProvider = ECCelerate.getInstance();
- //if (Security.getProvider(eccProvider.getName()) != null) {
- // Security.removeProvider(eccProvider.getName());
- //}
- //Security.addProvider(new ECCelerate());
-
- fixJava8_141ProblemWithSslAlgorithms();
-
- if (log.isDebugEnabled()) {
- log.debug("Loaded Security Provider:");
- final Provider[] providerList = Security.getProviders();
- for (int i = 0; i < providerList.length; i++) {
- log.debug(
- i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
- }
-
- }
-
- // Inject additional XML schemes
- if (schemas != null && schemas.length > 0) {
- log.debug("Infjecting additional XML schemes ... ");
- for (final ISchemaRessourceProvider el : schemas) {
- final Iterator<Entry<String, InputStream>> xmlSchemeIt =
- el.getSchemas().entrySet().iterator();
- while (xmlSchemeIt.hasNext()) {
- final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
- try {
- DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
- log.info("Inject XML scheme: {}", xmlDef.getKey());
-
- } catch (final IOException e) {
- log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
-
- }
-
- }
- }
- }
-
- moaSigConfigurator = Configurator.getInstance();
-
- } catch (final MOAException e) {
- log.error("MOA-SP initialization FAILED!", e.getWrapped());
- throw new MoaSigServiceConfigurationException("service.moasig.04",
- new Object[] { e.toString() }, e);
- }
-
- }
-
- private static void fixJava8_141ProblemWithSslAlgorithms() {
- log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
- // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[]
- // { "MD5withRSA",
- // "MD5/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
- new String[] { "SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
- new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
- new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
- new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
- new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
-
- log.info("Change AlgorithmIDs finished");
- }
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java
deleted file mode 100644
index d09b26de..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
-
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.core.io.Resource;
-
-import at.gv.egiz.components.spring.api.SpringResourceProvider;
-
-public class MoaSigSpringResourceProvider implements SpringResourceProvider {
-
- @Override
- public Resource[] getResourcesToLoad() {
- final ClassPathResource moaSigConfig =
- new ClassPathResource("/moa-sig-service.beans.xml", MoaSigSpringResourceProvider.class);
- return new Resource[] { moaSigConfig };
- }
-
- @Override
- public String[] getPackagesToScan() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getName() {
- return "Signature-verification service based on MOA-Sig (MOA-SPSS)";
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
deleted file mode 100644
index 559af62a..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
+++ /dev/null
@@ -1,32 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
-
-import javax.annotation.PostConstruct;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.stereotype.Service;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureCreationService;
-import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker;
-import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker;
-
-@Service(value = "moaSigCreateService")
-public class SignatureCreationService extends AbstractSignatureService
- implements ISignatureCreationService {
- private static final Logger log = LoggerFactory.getLogger(SignatureCreationService.class);
-
- private XMLSignatureCreationInvoker xadesInvoker;
- private CMSSignatureCreationInvoker cadesInvoker;
-
- @PostConstruct
- protected void internalInitializer() {
- log.debug("Instanzing SignatureCreationService implementation ... ");
- xadesInvoker = XMLSignatureCreationInvoker.getInstance();
- cadesInvoker = CMSSignatureCreationInvoker.getInstance();
- log.trace("XML_impl: {} , CMS_imp: {}",
- xadesInvoker.getClass().getName(), cadesInvoker.getClass().getName());
- log.info("MOA-Sig signature-creation service initialized");
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
deleted file mode 100644
index be27383c..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ /dev/null
@@ -1,377 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
-
-import java.io.ByteArrayInputStream;
-import java.security.cert.CertificateEncodingException;
-import java.util.Date;
-import java.util.List;
-
-import javax.annotation.PostConstruct;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceBuilderException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser.VerifyXmlSignatureResponseParser;
-import at.gv.egovernment.moa.spss.MOAException;
-import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
-import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
-import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
-import at.gv.egovernment.moa.spss.api.impl.VerifyCMSSignatureRequestImpl;
-import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
-import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
-import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
-import at.gv.egovernment.moaspss.util.Constants;
-
-import org.apache.commons.lang3.time.DateFormatUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.lang.Nullable;
-import org.springframework.stereotype.Service;
-import org.springframework.util.Base64Utils;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-/**
- * MOA-Sig based signature verification implementation.
- *
- * @author tlenz
- *
- */
-@Service(value = "moaSigVerifyService")
-public class SignatureVerificationService extends AbstractSignatureService
- implements ISignatureVerificationService {
- private static final Logger log = LoggerFactory.getLogger(SignatureVerificationService.class);
-
- private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
- private static final String MOA_NS_URI = Constants.MOA_NS_URI;
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
-
- public static final String PATTERN_ISSUE_INSTANT = "yyyy-MM-dd'T'HH:mm:ssXXX";
-
- private CMSSignatureVerificationInvoker cadesInvoker;
- private XMLSignatureVerificationInvoker xadesInvocer;
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.
- * ISignatureVerificationService# verifyCMSSignature(byte[], java.lang.String)
- */
- @Override
- @Nullable
- public ICmsSignatureVerificationResponse verifyCmsSignature(final byte[] signature,
- final String trustProfileID) throws MoaSigServiceException {
- try {
- // setup context
- setUpContexts(Thread.currentThread().getName());
-
- // verify signature
- final VerifyCMSSignatureRequest cmsSigVerifyReq =
- buildVerfifyCmsRequest(signature, trustProfileID, false, false);
- final VerifyCMSSignatureResponse cmsSigVerifyResp =
- cadesInvoker.verifyCMSSignature(cmsSigVerifyReq);
- return parseCmsVerificationResult(cmsSigVerifyResp);
-
- } catch (final MOAException e) {
- log.warn("CMS signature verification has an error.", e);
- throw new MoaSigServiceException("service.03", new Object[] { e.toString() }, e);
-
- } catch (final CertificateEncodingException e) {
- log.warn("Can NOT serialize X509 certificate from CMS/CAdES signature-verification response",
- e);
- throw new MoaSigServiceException("service.03", new Object[] { e.toString() }, e);
-
- } finally {
- tearDownContexts();
-
- }
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.
- * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String)
- */
- @Override
- public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
- final String trustProfileID) throws MoaSigServiceException {
- return verifyXmlSignature(signature, trustProfileID, null, DEFAULT_XPATH_SIGNATURE_LOCATION, null);
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.
- * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String,
- * java.util.List)
- */
- @Override
- public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
- final String trustProfileID, final List<String> verifyTransformsInfoProfileID)
- throws MoaSigServiceException {
- return verifyXmlSignature(signature, trustProfileID, verifyTransformsInfoProfileID,
- DEFAULT_XPATH_SIGNATURE_LOCATION, null);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.
- * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String,
- * java.lang.String)
- */
- @Override
- public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
- final String trustProfileID, final String signatureLocationXpath)
- throws MoaSigServiceException {
- return verifyXmlSignature(signature, trustProfileID, null, signatureLocationXpath, null);
- }
-
- @Override
- public IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID,
- Date signingDate) throws MoaSigServiceException {
- return verifyXmlSignature(signature, trustProfileID, null,
- DEFAULT_XPATH_SIGNATURE_LOCATION, signingDate);
- }
-
- @Override
- public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature,
- final String trustProfileID, final List<String> verifyTransformsInfoProfileID,
- final String xpathSignatureLocation, Date signingDate) throws MoaSigServiceException {
- try {
- // setup context
- setUpContexts(Thread.currentThread().getName());
-
- // build signature-verification request
- final Element domVerifyXmlSignatureRequest = buildVerifyXmlRequest(signature, trustProfileID,
- verifyTransformsInfoProfileID, xpathSignatureLocation, signingDate);
-
- // send signature-verification to MOA-Sig
- final VerifyXMLSignatureRequest vsrequest =
- new VerifyXMLSignatureRequestParser().parse(domVerifyXmlSignatureRequest);
- final VerifyXMLSignatureResponse vsresponse = xadesInvocer.verifyXMLSignature(vsrequest);
- final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
-
- // parses the <IXMLSignatureVerificationResponse>
- final IXmlSignatureVerificationResponse verifyXmlSignatureResponse =
- new VerifyXmlSignatureResponseParser(result.getDocumentElement()).parseData();
-
- return verifyXmlSignatureResponse;
-
- } catch (final MoaSigServiceException e) {
- throw e;
-
- } catch (final MOAException e) {
- log.warn("MOA-Sig signature-verification has an internal error." + " MsgCode: "
- + e.getMessageId() + " Msg: " + e.getMessage(), e);
- throw new MoaSigServiceException("service.moasig.03", new Object[] { e.getMessage() }, e);
-
- } finally {
- tearDownContexts();
-
- }
- }
-
- private ICmsSignatureVerificationResponse parseCmsVerificationResult(
- final VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
-
- if (cmsSigVerifyResp.getResponseElements() == null
- || cmsSigVerifyResp.getResponseElements().isEmpty()) {
- log.info("No CMS signature FOUND. ");
- return null;
-
- }
-
- if (cmsSigVerifyResp.getResponseElements().size() > 1) {
- log.warn(
- "CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
- }
-
- final VerifyCMSSignatureResponseElement firstSig =
- (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
-
- final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCmsSignatureResponse result =
- new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCmsSignatureResponse();
-
- // parse results into response container
- result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
- result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
-
- if (firstSig.getSignerInfo() != null) {
- result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
- result
- .setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
- result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
-
- result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
- result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
-
- } else {
- log.info("CMS or CAdES verification result contains no SignerInfo");
- }
-
- return result;
- }
-
- /**
- * Build a VerifyCMS-Siganture request for MOA-Sig. <br>
- * <br>
- * This builder only generates verification-request for enveloped CMS or CAdES
- * signatures <br>
- * This
- *
- * @param signature CMS or CAdES signature
- * @param trustProfileID trustProfileID MOA-Sig Trust-Profile
- * @param isPdfSignature Make CAdES signature as part of an PAdES
- * document
- * @param performExtendedValidation To extended validation. See MOA-Sig
- * documentation for detailed information
- * @return
- */
- private VerifyCMSSignatureRequest buildVerfifyCmsRequest(final byte[] signature,
- final String trustProfileID, final boolean isPdfSignature,
- final boolean performExtendedValidation) {
- final VerifyCMSSignatureRequestImpl verifyCmsSignatureRequest =
- new VerifyCMSSignatureRequestImpl();
- verifyCmsSignatureRequest.setDateTime(null);
- verifyCmsSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature));
- verifyCmsSignatureRequest.setDataObject(null);
- verifyCmsSignatureRequest.setTrustProfileId(trustProfileID);
- verifyCmsSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES);
- verifyCmsSignatureRequest.setPDF(isPdfSignature);
- verifyCmsSignatureRequest.setExtended(performExtendedValidation);
- return verifyCmsSignatureRequest;
-
- }
-
- /**
- * Build a VerifyXML-Signature request for MOA-Sig.
- *
- * @param signature Serialized XML signature
- * @param trustProfileID MOA-Sig Trust-Profile
- * @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles
- * used for validation
- * @param xpathSignatureLocation Xpath that points to location of
- * Signature element
- * @param sigValDate Signature timestamp
- * @return MOA-Sig verification request element
- * @throws MoaSigServiceBuilderException In case of an error
- */
- private Element buildVerifyXmlRequest(final byte[] signature, final String trustProfileID,
- final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation,
- Date sigValDate) throws MoaSigServiceBuilderException {
- try {
- // build empty document
- final Document requestDoc_ = getNewDocumentBuilder();
-
- final Element requestElem_ =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest");
- requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
- requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX,
- Constants.DSIG_NS_URI);
- requestDoc_.appendChild(requestElem_);
-
- // build the request
-
- // build set signing time
- if (sigValDate != null) {
- final Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime");
- requestElem_.appendChild(dateTimeElem);
- final Node dateTime = requestDoc_.createTextNode(
- DateFormatUtils.format(sigValDate, PATTERN_ISSUE_INSTANT));
- dateTimeElem.appendChild(dateTime);
-
- }
-
- //set other parameters
- final Element verifiySignatureInfoElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
- requestElem_.appendChild(verifiySignatureInfoElem);
- final Element verifySignatureEnvironmentElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
- verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
- final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
- verifySignatureEnvironmentElem.appendChild(base64ContentElem);
-
- // insert the base64 encoded signature
- String base64EncodedAssertion = Base64Utils.encodeToString(signature);
- // replace all '\r' characters by no char.
- final StringBuffer replaced = new StringBuffer();
- for (int i = 0; i < base64EncodedAssertion.length(); i++) {
- final char c = base64EncodedAssertion.charAt(i);
- if (c != '\r') {
- replaced.append(c);
- }
- }
- base64EncodedAssertion = replaced.toString();
- final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
- base64ContentElem.appendChild(base64Content);
-
- // specify the signature location
- final Element verifySignatureLocationElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
- verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
- final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation);
- verifySignatureLocationElem.appendChild(signatureLocation);
-
- // signature manifest params
- if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {
- final Element signatureManifestCheckParamsElem =
- requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
- requestElem_.appendChild(signatureManifestCheckParamsElem);
- signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
-
- // verify transformations
- final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
- signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
- for (final String element : verifyTransformsInfoProfileID) {
- final Element verifyTransformsInfoProfileIdElem =
- requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
- referenceInfoElem.appendChild(verifyTransformsInfoProfileIdElem);
- verifyTransformsInfoProfileIdElem.appendChild(requestDoc_.createTextNode(element));
-
- }
- }
-
- // hashinput data
- final Element returnHashInputDataElem =
- requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
- requestElem_.appendChild(returnHashInputDataElem);
-
- // add trustProfileID
- final Element trustProfileIdElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
- trustProfileIdElem.appendChild(requestDoc_.createTextNode(trustProfileID));
- requestElem_.appendChild(trustProfileIdElem);
-
- return requestElem_;
-
- } catch (final Throwable t) {
- log.warn("Can NOT build VerifyXML-Signature request for MOA-Sig", t);
- throw new MoaSigServiceBuilderException("service.moasig.03", new Object[] { t.getMessage() },
- t);
-
- }
-
- }
-
- @PostConstruct
- protected void internalInitializer() {
- log.debug("Instanzing SignatureVerificationService implementation ... ");
- // svs =
- // at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();
- cadesInvoker = CMSSignatureVerificationInvoker.getInstance();
- xadesInvocer = XMLSignatureVerificationInvoker.getInstance();
- log.info("MOA-Sig signature-verification service initialized");
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java
deleted file mode 100644
index 0485f31f..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java
+++ /dev/null
@@ -1,152 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
-
-import java.io.Serializable;
-import java.security.cert.CertificateException;
-import java.util.Date;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IGenericSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException;
-import iaik.x509.X509Certificate;
-
-public class GenericSignatureVerificationResponse
- implements IGenericSignatureVerificationResponse, Serializable {
-
- private static final long serialVersionUID = -7751001050689401118L;
- private static final Logger log =
- LoggerFactory.getLogger(GenericSignatureVerificationResponse.class);
-
- /** The signing time. */
- private Date signingDateTime;
-
- /** The signatureCheckCode to be stored. */
- private int signatureCheckCode;
-
- /** The certificateCheckCode to be stored. */
- private int certificateCheckCode;
-
- /** The publicAuthority to be stored. */
- private boolean publicAuthority;
-
- /** The publicAuthorityCode to be stored. */
- private String publicAuthorityCode;
-
- /** The qualifiedCertificate to be stored. */
- private boolean qualifiedCertificate;
-
- private byte[] x509CertificateEncoded;
-
- @Override
- public Date getSigningDateTime() {
- if (this.signingDateTime != null) {
- return new Date(this.signingDateTime.getTime());
- }
- return null;
-
- }
-
- @Override
- public int getSignatureCheckCode() {
- return this.signatureCheckCode;
-
- }
-
- @Override
- public int getCertificateCheckCode() {
- return this.certificateCheckCode;
-
- }
-
- @Override
- public boolean isQualifiedCertificate() {
- return this.qualifiedCertificate;
-
- }
-
- @Override
- public X509Certificate getX509Certificate() throws MoaSigServiceException {
- if (x509CertificateEncoded != null) {
- try {
- return new X509Certificate(x509CertificateEncoded);
-
- } catch (final CertificateException e) {
- log.error("Can NOT parse X509 certifcate in "
- + GenericSignatureVerificationResponse.class.getName(), e);
- throw new MoaSigServiceParserException("service.moasig.01", null, e);
- }
-
- }
-
- return null;
-
- }
-
- @Override
- public byte[] getX509CertificateEncoded() {
- if (this.x509CertificateEncoded != null) {
- return this.x509CertificateEncoded.clone();
-
- }
- return null;
-
- }
-
- @Override
- public boolean isPublicAuthority() {
- return this.publicAuthority;
-
- }
-
- @Override
- public String getPublicAuthorityCode() {
- return this.publicAuthorityCode;
-
- }
-
- /**
- * Set signature creation timestramp.
- *
- * @param signingDateTime timestamp
- */
- public void setSigningDateTime(final Date signingDateTime) {
- if (signingDateTime != null) {
- this.signingDateTime = new Date(signingDateTime.getTime());
- }
- }
-
- public void setSignatureCheckCode(final int signatureCheckCode) {
- this.signatureCheckCode = signatureCheckCode;
- }
-
- public void setCertificateCheckCode(final int certificateCheckCode) {
- this.certificateCheckCode = certificateCheckCode;
- }
-
- public void setPublicAuthority(final boolean publicAuthority) {
- this.publicAuthority = publicAuthority;
- }
-
- public void setPublicAuthorityCode(final String publicAuthorityCode) {
- this.publicAuthorityCode = publicAuthorityCode;
- }
-
- public void setQualifiedCertificate(final boolean qualifiedCertificate) {
- this.qualifiedCertificate = qualifiedCertificate;
- }
-
- /**
- * Set encoded signer certificate.
- *
- * @param x509CertificateEncoded signer cerificate
- */
- public void setX509CertificateEncoded(final byte[] x509CertificateEncoded) {
- if (x509CertificateEncoded != null) {
- this.x509CertificateEncoded = x509CertificateEncoded.clone();
-
- }
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java
deleted file mode 100644
index ed679828..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java
+++ /dev/null
@@ -1,10 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse;
-
-public class VerifyCmsSignatureResponse extends GenericSignatureVerificationResponse
- implements ICmsSignatureVerificationResponse {
-
- private static final long serialVersionUID = 708260904158070696L;
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java
deleted file mode 100644
index 4b0632b1..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java
+++ /dev/null
@@ -1,115 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse;
-
-/**
- * MOA-Sig signature verification response for XML based signatures.
- *
- * @author tlenz
- *
- */
-
-public class VerifyXmlSignatureResponse extends GenericSignatureVerificationResponse
- implements IXmlSignatureVerificationResponse {
-
- private static final long serialVersionUID = 8386070769565711601L;
-
- /** The xmlDsigSubjectName to be stored. */
- private String xmlDsigSubjectName;
-
- /** The xmlDSIGManifestCheckCode to be stored. */
- private int xmlDsigManifestCheckCode;
- /** The xmlDSIGManigest to be stored. */
- private boolean xmlDsigManigest;
-
- /**
- * The result of the signature manifest check. The default value <code>-1</code>
- * indicates that the signature manifest has not been checked.
- */
- private int signatureManifestCheckCode = -1;
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * getXmlDSIGManifestCheckCode()
- */
- @Override
- public int getXmlDsigManifestCheckCode() {
- return xmlDsigManifestCheckCode;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * getXmlDsigSubjectName()
- */
- @Override
- public String getXmlDsigSubjectName() {
- return xmlDsigSubjectName;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * setXmlDSIGManifestCheckCode( int)
- */
- public void setXmlDsigManifestCheckCode(final int xmlDsigManifestCheckCode) {
- this.xmlDsigManifestCheckCode = xmlDsigManifestCheckCode;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * setXmlDsigSubjectName(java.lang .String)
- */
- public void setXmlDsigSubjectName(final String xmlDsigSubjectName) {
- this.xmlDsigSubjectName = xmlDsigSubjectName;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * isXmlDSIGManigest()
- */
- @Override
- public boolean isXmlDsigManigest() {
- return xmlDsigManigest;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * setXmlDSIGManigest(boolean)
- */
- public void setXmlDsigManigest(final boolean xmlDsigManigest) {
- this.xmlDsigManigest = xmlDsigManigest;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * getSignatureManifestCheckCode()
- */
- @Override
- public int getSignatureManifestCheckCode() {
- return signatureManifestCheckCode;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#
- * setSignatureManifestCheckCode( int)
- */
- public void setSignatureManifestCheckCode(final int signatureManifestCheckCode) {
- this.signatureManifestCheckCode = signatureManifestCheckCode;
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java
deleted file mode 100644
index 231cb94f..00000000
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java
+++ /dev/null
@@ -1,193 +0,0 @@
-package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.joda.time.DateTime;
-import org.joda.time.format.ISODateTimeFormat;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.lang.NonNull;
-import org.w3c.dom.Element;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXmlSignatureResponse;
-import at.gv.egovernment.moaspss.util.Constants;
-import at.gv.egovernment.moaspss.util.DOMUtils;
-import at.gv.egovernment.moaspss.util.XPathUtils;
-import iaik.utils.Base64InputStream;
-import iaik.x509.X509Certificate;
-
-public class VerifyXmlSignatureResponseParser {
- private static final Logger log = LoggerFactory.getLogger(VerifyXmlSignatureResponseParser.class);
-
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching MOA Namespaces. */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** Xpath prefix for reaching DSIG Namespaces. */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath expression to the root element. */
- private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
-
- /** Xpath expression to the X509SubjectName element. */
- private static final String DSIG_SUBJECT_NAME_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + DSIG + "X509SubjectName";
- /** Xpath expression to the X509Certificate element. */
- private static final String DSIG_X509_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + DSIG + "X509Certificate";
- /** Xpath expression to the PublicAuthority element. */
- private static final String PUBLIC_AUTHORITY_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + MOA + "PublicAuthority";
- /** Xpath expression to the PublicAuthorityCode element. */
- private static final String PUBLIC_AUTHORITY_CODE_XPATH =
- PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
- /** Xpath expression to the QualifiedCertificate element. */
- private static final String QUALIFIED_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + MOA + "QualifiedCertificate";
-
- /** Xpath expression to the SignatureCheckCode element. */
- private static final String SIGNATURE_CHECK_CODE_XPATH =
- ROOT + MOA + "SignatureCheck/" + MOA + "Code";
- /** Xpath expression to the XMLDSIGManifestCheckCode element. */
- private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
- ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
- /** Xpath expression to the SignatureManifestCheckCode element. */
- private static final String SIGNATURE_MANIFEST_CHECK_CODE_XPATH =
- ROOT + MOA + "SignatureManifestCheck/" + MOA + "Code";
- /** Xpath expression to the CertificateCheckCode element. */
- private static final String CERTIFICATE_CHECK_CODE_XPATH =
- ROOT + MOA + "CertificateCheck/" + MOA + "Code";
-
- private static final String SIGNING_TIME_XPATH = ROOT + MOA + "SigningTime";
-
- /**
- * This is the root element of the XML-Document provided by the Security Layer
- * Card.
- */
- private Element verifyXmlSignatureResponse;
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the
- * incoming String will be created
- *
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as String
- * @throws MoaSigServiceParserException on any parsing error
- */
- public VerifyXmlSignatureResponseParser(final String xmlResponse)
- throws MoaSigServiceParserException {
- try {
- final InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- verifyXmlSignatureResponse = DOMUtils.parseXmlValidating(s);
-
- } catch (final Throwable t) {
- log.warn("Can not parse MOA-Sig response.", t);
- throw new MoaSigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
-
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser. A DOM-representation of the
- * incoming Inputstream will be created
- *
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as InputStream
- * @throws MoaSigServiceParserException on any parsing error
- */
- public VerifyXmlSignatureResponseParser(final InputStream xmlResponse)
- throws MoaSigServiceParserException {
- try {
- verifyXmlSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
-
- } catch (final Throwable t) {
- log.warn("Can not parse MOA-Sig response.", t);
- throw new MoaSigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
-
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser. The incoming Element will
- * be used for further operations
- *
- * @param xmlResponse <code>&lt;InfoboxReadResponse&gt;</code> as Element
- */
- public VerifyXmlSignatureResponseParser(final Element xmlResponse) {
- verifyXmlSignatureResponse = xmlResponse;
-
- }
-
- /**
- * Parse MOA-Sig signatur-verification result into
- * {@link IXmlSignatureVerificationResponse}.
- *
- * @return {@link IXmlSignatureVerificationResponse}
- * @throws MoaSigServiceException on any parsing error
- */
- @NonNull
- public IXmlSignatureVerificationResponse parseData() throws MoaSigServiceException {
- try {
- final VerifyXmlSignatureResponse respData = new VerifyXmlSignatureResponse();
- respData.setXmlDsigSubjectName(
- XPathUtils.getElementValue(verifyXmlSignatureResponse, DSIG_SUBJECT_NAME_XPATH, ""));
- final Element e = (Element) XPathUtils.selectSingleNode(verifyXmlSignatureResponse,
- QUALIFIED_CERTIFICATE_XPATH);
- respData.setQualifiedCertificate(e != null);
-
- final Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(
- XPathUtils.getElementValue(verifyXmlSignatureResponse, DSIG_X509_CERTIFICATE_XPATH, "")
- .getBytes("UTF-8")),
- true);
-
- respData.setX509CertificateEncoded(new X509Certificate(in).getEncoded());
-
- final Element publicAuthority =
- (Element) XPathUtils.selectSingleNode(verifyXmlSignatureResponse, PUBLIC_AUTHORITY_XPATH);
- respData.setPublicAuthority(publicAuthority != null);
- respData.setPublicAuthorityCode(
- XPathUtils.getElementValue(verifyXmlSignatureResponse, PUBLIC_AUTHORITY_CODE_XPATH, ""));
- respData.setSignatureCheckCode(Integer.parseInt(
- XPathUtils.getElementValue(verifyXmlSignatureResponse, SIGNATURE_CHECK_CODE_XPATH, "")));
-
- final String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXmlSignatureResponse,
- XMLDSIG_MANIFEST_CHECK_CODE_XPATH, null);
- if (xmlDsigCheckCode != null) {
- respData.setXmlDsigManigest(true);
- respData.setXmlDsigManifestCheckCode(Integer.parseInt(xmlDsigCheckCode));
-
- } else {
- respData.setXmlDsigManigest(false);
-
- }
-
- final String signatureManifestCheckCode = XPathUtils
- .getElementValue(verifyXmlSignatureResponse, SIGNATURE_MANIFEST_CHECK_CODE_XPATH, null);
- if (signatureManifestCheckCode != null) {
- respData.setSignatureManifestCheckCode(Integer.parseInt(signatureManifestCheckCode));
-
- }
- respData.setCertificateCheckCode(Integer.parseInt(
- XPathUtils.getElementValue(verifyXmlSignatureResponse, CERTIFICATE_CHECK_CODE_XPATH, "")));
-
- final String signingTimeElement =
- XPathUtils.getElementValue(verifyXmlSignatureResponse, SIGNING_TIME_XPATH, "");
- if (signingTimeElement != null && !signingTimeElement.isEmpty()) {
- final DateTime datetime =
- ISODateTimeFormat.dateOptionalTimeParser().parseDateTime(signingTimeElement);
- respData.setSigningDateTime(datetime.toDate());
-
- }
-
- return respData;
-
- } catch (final Throwable t) {
- log.warn("Can not parse MOA-Sig response.", t);
- throw new MoaSigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t);
- }
-
- }
-
-}