summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv
diff options
context:
space:
mode:
authorChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-08-06 11:23:09 +0200
committerChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-08-06 11:23:09 +0200
commit01dbd709e7ed34ec7b6bc5fb02f2d5a3399dd35e (patch)
treed550b9da3fa9d078de315e386565220e0c6fdf0a /eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv
parent34e3848720e95afe415206b1d0d1ceeef773dd1e (diff)
downloadEAAF-Components-01dbd709e7ed34ec7b6bc5fb02f2d5a3399dd35e.tar.gz
EAAF-Components-01dbd709e7ed34ec7b6bc5fb02f2d5a3399dd35e.tar.bz2
EAAF-Components-01dbd709e7ed34ec7b6bc5fb02f2d5a3399dd35e.zip
verifyXML: parametrize xpath pointing to Signature location
- Add two methods to public interface of ISignatureVerificationService, where caller can specify xpath. - Ignore intellj project files.
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv')
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java37
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java32
2 files changed, 59 insertions, 10 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
index 420fe5dc..a3243635 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
@@ -11,7 +11,7 @@ public interface ISignatureVerificationService {
/**
* Verify a CAdES or CMS signature
* <br><br>
- * <i>This method only validates the first CMS or CAdES signature of more than one signature exists</i>
+ * <i>This method only validates the first CMS or CAdES signature if more than one signature exists</i>
*
* @param signature Enveloped CMS or CAdES signature
* @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
@@ -26,7 +26,7 @@ public interface ISignatureVerificationService {
/**
* Verify a XML or XAdES signature
* <br><br>
- * <i>This method only validates the first XML or XAdES signature of more than one signature exists</i>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
*
* @param signature Serialized XML or XAdES signature
* @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
@@ -39,7 +39,7 @@ public interface ISignatureVerificationService {
/**
* Verify a XML or XAdES signature
* <br><br>
- * <i>This method only validates the first XML or XAdES signature of more than one signature exists</i>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
*
* @param signature Serialized XML or XAdES signature
* @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
@@ -50,4 +50,35 @@ public interface ISignatureVerificationService {
IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
List<String> verifyTransformsInfoProfileID) throws MOASigServiceException;
+
+ /**
+ * Verify a XML or XAdES signature
+ * <br><br>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @param signatureLocationXpath Xpath that points to location of Signature element
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
+ String signatureLocationXpath) throws MOASigServiceException;
+
+ /**
+ * Verify a XML or XAdES signature
+ * <br><br>
+ * <i>This method only validates the first XML or XAdES signature if more than one signature exists</i>
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used for signature-verification
+ * @param signatureLocationXpath Xpath that points to location of Signature element
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
+ List<String> verifyTransformsInfoProfileID,
+ String signatureLocationXpath) throws MOASigServiceException;
+
} \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
index 02f5f12a..e09bc8b4 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -42,7 +42,8 @@ public class SignatureVerificationService extends AbstractSignatureService imple
private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
private static final String MOA_NS_URI = Constants.MOA_NS_URI;
private static final String DSIG = Constants.DSIG_PREFIX + ":";
-
+ private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
+
private at.gv.egovernment.moa.spss.api.SignatureVerificationService svs;
/* (non-Javadoc)
@@ -110,18 +111,34 @@ public class SignatureVerificationService extends AbstractSignatureService imple
*/
@Override
public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {
- return verifyXMLSignature(signature, trustProfileID, null);
+ return verifyXMLSignature(signature, trustProfileID, null, DEFAULT_XPATH_SIGNATURE_LOCATION);
}
-
+
/* (non-Javadoc)
* @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.util.List)
*/
@Override
- public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID) throws MOASigServiceException {
+ public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID) throws MOASigServiceException {
+ return verifyXMLSignature(signature, trustProfileID, verifyTransformsInfoProfileID, DEFAULT_XPATH_SIGNATURE_LOCATION);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.lang.String)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, String signatureLocationXpath) throws MOASigServiceException {
+ return verifyXMLSignature(signature, trustProfileID, null, signatureLocationXpath);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.util.List, java.lang.String)
+ */
+ @Override
+ public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID, String xpathSignatureLocation) throws MOASigServiceException {
try {
//build signature-verification request
- final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID);
+ final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID, xpathSignatureLocation);
//send signature-verification to MOA-Sig
final VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(domVerifyXMLSignatureRequest);
@@ -179,10 +196,11 @@ public class SignatureVerificationService extends AbstractSignatureService imple
* @param signature Serialized XML signature
* @param trustProfileID MOA-Sig Trust-Profile
* @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles used for validation
+ * @param xpathSignatureLocation Xpath that points to location of Signature element
* @return
* @throws MOASigServiceBuilderException
*/
- private Element buildVerifyXMLRequest(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID) throws MOASigServiceBuilderException {
+ private Element buildVerifyXMLRequest(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID, String xpathSignatureLocation) throws MOASigServiceBuilderException {
try {
//build empty document
final Document requestDoc_ = getNewDocumentBuilder();
@@ -217,7 +235,7 @@ public class SignatureVerificationService extends AbstractSignatureService imple
// specify the signature location
final Element verifySignatureLocationElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
- final Node signatureLocation = requestDoc_.createTextNode("//" + DSIG + "Signature");
+ final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation);
verifySignatureLocationElem.appendChild(signatureLocation);
// signature manifest params