diff options
author | Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at> | 2019-06-19 08:55:49 +0200 |
---|---|---|
committer | Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at> | 2019-06-19 08:55:49 +0200 |
commit | 1bad320e50f66e44fcb23f0c8d242809f8077520 (patch) | |
tree | 2c65c6f9ca55c95c2327bdd39474cfab35f73d46 /eaaf_modules/eaaf_module_moa-sig/src | |
parent | 5d306c41c0033f330413cf2b18db9f1137d51980 (diff) | |
parent | 470ac2c6234a0bac1e973fd3c1f49e1d9da41be4 (diff) | |
download | EAAF-Components-1bad320e50f66e44fcb23f0c8d242809f8077520.tar.gz EAAF-Components-1bad320e50f66e44fcb23f0c8d242809f8077520.tar.bz2 EAAF-Components-1bad320e50f66e44fcb23f0c8d242809f8077520.zip |
Merge branch 'master' into moa-sig-dependency-fixup
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig/src')
3 files changed, 57 insertions, 5 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java new file mode 100644 index 00000000..9548d96b --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java @@ -0,0 +1,20 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; + +import java.io.InputStream; +import java.util.Map; + +/** + * Inject additional XML schemes into MOA-Sig + * + * @author tlenz + * + */ +public interface ISchemaRessourceProvider { + + /** + * Get a Map of additional XML schemes that should be injected into MOA-Sig + * + * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme as {@link InputStream} + */ + public Map<String, InputStream> getSchemas(); +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java index fe99e328..d796c165 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java @@ -1,7 +1,11 @@ package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; +import java.io.IOException; +import java.io.InputStream; import java.security.Provider; import java.security.Security; +import java.util.Iterator; +import java.util.Map.Entry; import javax.annotation.PostConstruct; import javax.xml.parsers.DocumentBuilder; @@ -10,13 +14,16 @@ import javax.xml.parsers.ParserConfigurationException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.w3c.dom.Document; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.Configurator; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; +import at.gv.egovernment.moaspss.util.DOMUtils; import iaik.asn1.structures.AlgorithmID; import iaik.security.ec.provider.ECCelerate; import iaik.security.provider.IAIK; @@ -25,6 +32,7 @@ public abstract class AbstractSignatureService { private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class); private static boolean isMOASigInitialized = false; + @Autowired(required=false) ISchemaRessourceProvider[] schemas; @PostConstruct private synchronized void initialize() throws MOASigServiceConfigurationException { @@ -66,6 +74,30 @@ public abstract class AbstractSignatureService { } + + //Inject additional XML schemes + if (schemas != null && schemas.length > 0) { + log.debug("Infjecting additional XML schemes ... "); + for (final ISchemaRessourceProvider el : schemas) { + final Iterator<Entry<String, InputStream>> xmlSchemeIt = el.getSchemas().entrySet().iterator(); + while (xmlSchemeIt.hasNext()) { + final Entry<String, InputStream> xmlDef = xmlSchemeIt.next(); + try { + DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey()); + log.info("Inject XML scheme: {}", xmlDef.getKey()); + + } catch (final IOException e) { + log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e); + + } + + } + } + + } else + log.trace("No additional XML schemes to inject. Skip this feature"); + + isMOASigInitialized = true; } else diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java index 1608490d..ca20ce0f 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java @@ -221,12 +221,12 @@ public class SignatureVerificationService extends AbstractSignatureService imple verifySignatureLocationElem.appendChild(signatureLocation); // signature manifest params - final Element signatureManifestCheckParamsElem = requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); - requestElem_.appendChild(signatureManifestCheckParamsElem); - signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false"); + if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) { + final Element signatureManifestCheckParamsElem = requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); + requestElem_.appendChild(signatureManifestCheckParamsElem); + signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false"); - //verify transformations - if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) { + //verify transformations final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo"); signatureManifestCheckParamsElem.appendChild(referenceInfoElem); for (final String element : verifyTransformsInfoProfileID) { |