authorThomas Lenz <thomas.lenz@egiz.gv.at>2019-11-28 09:24:08 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2019-11-28 09:24:08 +0100
commit34c69761dc8653ac8dbaf426880a3d3737fde0ae (patch)
treecbbc03cab9edddcdb91bd249e548cb0103082f6c /eaaf_modules/eaaf_module_moa-sig
parentd19b97c97b0d333bcdb885516b0e0f90d28bfa41 (diff)
refactor MOA-Sig initialization to treat with initialization problems on some system
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig')
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java144
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java108
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java13
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java98
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml9
5 files changed, 210 insertions, 162 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
index d796c165..d9778156 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
@@ -1,118 +1,23 @@
package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Iterator;
-import java.util.Map.Entry;
-
-import javax.annotation.PostConstruct;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
import org.w3c.dom.Document;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
-import at.gv.egovernment.moa.spss.MOAException;
-import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
-import at.gv.egovernment.moaspss.util.DOMUtils;
-import iaik.asn1.structures.AlgorithmID;
-import iaik.security.ec.provider.ECCelerate;
-import iaik.security.provider.IAIK;
public abstract class AbstractSignatureService {
private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);
- private static boolean isMOASigInitialized = false;
-
- @Autowired(required=false) ISchemaRessourceProvider[] schemas;
-
- @PostConstruct
- private synchronized void initialize() throws MOASigServiceConfigurationException {
-
- if (!isMOASigInitialized) {
- log.info("Initializing MOA-Sig signature-verification service ... ");
- log.info("Loading Java security providers.");
- IAIK.addAsProvider();
- ECCelerate.addAsProvider();
-
- try {
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext("startup"));
- log.debug("MOA-Sig library initialization process ... ");
- Configurator.getInstance().init();
- log.info("MOA-Sig library initialization complete ");
-
- } catch (final MOAException e) {
- log.error("MOA-SP initialization FAILED!", e.getWrapped());
- throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e
- .toString() }, e);
- }
-
- Security.insertProviderAt(IAIK.getInstance(), 0);
-
- final ECCelerate eccProvider = ECCelerate.getInstance();
- if (Security.getProvider(eccProvider.getName()) != null)
- Security.removeProvider(eccProvider.getName());
- Security.addProvider(new ECCelerate());
-
- fixJava8_141ProblemWithSSLAlgorithms();
-
- if (log.isDebugEnabled()) {
- log.debug("Loaded Security Provider:");
- final Provider[] providerList = Security.getProviders();
- for (int i=0; i<providerList.length; i++)
- log.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
-
- }
-
-
- //Inject additional XML schemes
- if (schemas != null && schemas.length > 0) {
- log.debug("Infjecting additional XML schemes ... ");
- for (final ISchemaRessourceProvider el : schemas) {
- final Iterator<Entry<String, InputStream>> xmlSchemeIt = el.getSchemas().entrySet().iterator();
- while (xmlSchemeIt.hasNext()) {
- final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
- try {
- DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
- log.info("Inject XML scheme: {}", xmlDef.getKey());
-
- } catch (final IOException e) {
- log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
-
- }
-
- }
- }
-
- } else
- log.trace("No additional XML schemes to inject. Skip this feature");
-
-
- isMOASigInitialized = true;
-
- } else
- log.info("MOA-Sig is already initialized. Skipping this steps ... ");
-
- internalInitializer();
-
- }
-
- /**
- * Executed in <code>@PostConstruct</code> as last step
- *
- */
- abstract protected void internalInitializer();
-
/**
* Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because
* {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe.
@@ -126,20 +31,29 @@ public abstract class AbstractSignatureService {
}
- private static void fixJava8_141ProblemWithSSLAlgorithms() {
- log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
- //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
- new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
- new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
- new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
- new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
- new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
-
- log.info("Change AlgorithmIDs finished");
- }
+ /**
+ * Set up the thread-local context information needed for calling the various
+ * <code>Invoker</code> classes.
+ *
+ * @throws ConfigurationException An error occurred setting up the
+ * configuration in the <code>TransactionContext</code>.
+ */
+ protected final void setUpContexts( String transactionID) throws ConfigurationException {
+ final TransactionContextManager txMgr = TransactionContextManager.getInstance();
+ final LoggingContextManager logMgr = LoggingContextManager.getInstance();
+
+ if (txMgr.getTransactionContext() == null) {
+ final TransactionContext ctx = new TransactionContext(transactionID, null, ConfigurationProvider.getInstance());
+ txMgr.setTransactionContext(ctx);
+
+ }
+
+ if (logMgr.getLoggingContext() == null) {
+ final LoggingContext ctx = new LoggingContext(transactionID);
+ logMgr.setLoggingContext(ctx);
+
+ }
+
+ }
+
}
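Review bot: setUpContexts installs thread-local transaction and logging contexts but nothing in this change clears them, and because of the `== null` guards only the first call on a given thread has any effect. On a pooled request thread every later verification would then run and log under the first caller's transactionID, and with the ConfigurationProvider instance captured at that time, which presumably also means a reloaded configuration is not picked up. The Javadoc also lacks an `@param transactionID` line. I would add a matching teardown and call it from a `finally` in verifyCMSSignature and verifyXMLSignature (the SignatureVerificationService hunks further down), along the lines below; whether passing null is the supported way to reset the two managers should be confirmed against MOA-SPSS.

```java
// … unchanged: setUpContexts(String transactionID) …

/**
 * Remove the thread-local contexts installed by {@link #setUpContexts(String)} so that a
 * pooled thread does not carry them into the next request.
 */
protected final void tearDownContexts() {
  TransactionContextManager.getInstance().setTransactionContext(null);
  LoggingContextManager.getInstance().setLoggingContext(null);
}
```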
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
new file mode 100644
index 00000000..b287357c
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java
@@ -0,0 +1,108 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.Provider;
+import java.security.Security;
+import java.util.Iterator;
+import java.util.Map.Entry;
+
+import javax.annotation.PostConstruct;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import iaik.asn1.structures.AlgorithmID;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.security.provider.IAIK;
+
+public class MoaSigInitializer {
+ private static final Logger log = LoggerFactory.getLogger(MoaSigInitializer.class);
+
+ @Autowired(required=false) ISchemaRessourceProvider[] schemas;
+
+ @PostConstruct
+ private synchronized void initialize() throws MOASigServiceConfigurationException {
+ log.info("Initializing MOA-Sig signature-verification service ... ");
+
+ log.info("Loading Java security providers.");
+ IAIK.addAsProvider();
+ ECCelerate.addAsProvider();
+
+ try {
+ LoggingContextManager.getInstance().setLoggingContext(
+ new LoggingContext("startup"));
+ log.debug("MOA-Sig library initialization process ... ");
+ Configurator.getInstance().init();
+ log.info("MOA-Sig library initialization complete ");
+
+ } catch (final MOAException e) {
+ log.error("MOA-SP initialization FAILED!", e.getWrapped());
+ throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e
+ .toString() }, e);
+ }
+
+ Security.insertProviderAt(IAIK.getInstance(), 0);
+
+ final ECCelerate eccProvider = ECCelerate.getInstance();
+ if (Security.getProvider(eccProvider.getName()) != null)
+ Security.removeProvider(eccProvider.getName());
+ Security.addProvider(new ECCelerate());
+
+ fixJava8_141ProblemWithSSLAlgorithms();
+
+ if (log.isDebugEnabled()) {
+ log.debug("Loaded Security Provider:");
+ final Provider[] providerList = Security.getProviders();
+ for (int i=0; i<providerList.length; i++)
+ log.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
+
+ }
+
+
+ //Inject additional XML schemes
+ if (schemas != null && schemas.length > 0) {
+ log.debug("Infjecting additional XML schemes ... ");
+ for (final ISchemaRessourceProvider el : schemas) {
+ final Iterator<Entry<String, InputStream>> xmlSchemeIt = el.getSchemas().entrySet().iterator();
+ while (xmlSchemeIt.hasNext()) {
+ final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
+ try {
+ DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
+ log.info("Inject XML scheme: {}", xmlDef.getKey());
+
+ } catch (final IOException e) {
+ log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
+
+ }
+
+ }
+ }
+ }
+ }
+
+ private static void fixJava8_141ProblemWithSSLAlgorithms() {
+ log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+ //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
+ new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
+ new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
+ new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
+ new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
+ new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+
+ log.info("Change AlgorithmIDs finished");
+ }
+}
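Review bot: `Security.insertProviderAt(IAIK.getInstance(), 0)` in initialize() very likely does nothing: positions are 1-based, and the JDK returns -1 without reordering when the provider is already installed, which `IAIK.addAsProvider()` a few lines earlier has presumably done. If IAIK is meant to take precedence over the default providers for signature verification, use position 1 and check the return value, e.g. `if (Security.insertProviderAt(IAIK.getInstance(), 1) == -1) log.debug("IAIK provider already registered");`, or drop the line. Separately, the static `isMOASigInitialized` guard from the old code is gone, so a second instantiation of this bean (for example in a second application context) repeats the provider changes and `Configurator.getInstance().init()`; `synchronized` on an instance method does not prevent that.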
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
index 0dcb0960..59e7b516 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java
@@ -1,21 +1,28 @@
package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+import javax.annotation.PostConstruct;
+
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureCreationService;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker;
@Service(value="moaSigCreateService")
public class SignatureCreationService extends AbstractSignatureService implements ISignatureCreationService{
private static final Logger log = LoggerFactory.getLogger(SignatureCreationService.class);
- private at.gv.egovernment.moa.spss.api.SignatureCreationService scs = null;
+ private XMLSignatureCreationInvoker xadesInvoker;
+ private CMSSignatureCreationInvoker cadesInvoker;
+
- @Override
+ @PostConstruct
protected void internalInitializer() {
log.debug("Instanzing SignatureCreationService implementation ... ");
- scs = at.gv.egovernment.moa.spss.api.SignatureCreationService.getInstance();
+ xadesInvoker = XMLSignatureCreationInvoker.getInstance();
+ cadesInvoker = CMSSignatureCreationInvoker.getInstance();
log.info("MOA-Sig signature-creation service initialized");
}
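Review bot: internalInitializer() now calls `XMLSignatureCreationInvoker.getInstance()` and `CMSSignatureCreationInvoker.getInstance()` from its own `@PostConstruct`, so it depends on MoaSigInitializer having run first, and that ordering is expressed only by `depends-on` in moa-sig-service.beans.xml. The class still carries `@Service(value="moaSigCreateService")`, so if it is ever picked up by component scanning instead of the XML file, the invokers may be obtained before MOA-Sig has been configured. Putting `@DependsOn("moaSigInitializer")` on the class keeps the requirement next to the code; the same applies to SignatureVerificationService.internalInitializer(). The class body continues outside this hunk.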
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
index e09bc8b4..c77f3097 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -4,6 +4,8 @@ import java.io.ByteArrayInputStream;
import java.security.cert.CertificateEncodingException;
import java.util.List;
+import javax.annotation.PostConstruct;
+
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.Nullable;
@@ -28,6 +30,8 @@ import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
import at.gv.egovernment.moaspss.util.Constants;
@@ -44,7 +48,8 @@ public class SignatureVerificationService extends AbstractSignatureService imple
private static final String DSIG = Constants.DSIG_PREFIX + ":";
private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
- private at.gv.egovernment.moa.spss.api.SignatureVerificationService svs;
+ private CMSSignatureVerificationInvoker cadesInvoker;
+ private XMLSignatureVerificationInvoker xadesInvocer;
/* (non-Javadoc)
* @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyCMSSignature(byte[], java.lang.String)
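Review bot: The new field `xadesInvocer` is misspelled; SignatureCreationService names the equivalent field `xadesInvoker`. Rename it here and at its two uses in verifyXMLSignature and internalInitializer() so the two services read alike: `private XMLSignatureVerificationInvoker xadesInvoker;`. In the internalInitializer() hunk the commented-out `//svs = …getInstance();` line can be deleted rather than kept.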
@@ -53,8 +58,12 @@ public class SignatureVerificationService extends AbstractSignatureService imple
@Nullable
public ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID) throws MOASigServiceException {
try {
+ //setup context
+ setUpContexts(Thread.currentThread().getName());
+
+ //verify signature
final VerifyCMSSignatureRequest cmsSigVerifyReq = buildVerfifyCMSRequest(signature, trustProfileID, false, false);
- final VerifyCMSSignatureResponse cmsSigVerifyResp = svs.verifyCMSSignature(cmsSigVerifyReq );
+ final VerifyCMSSignatureResponse cmsSigVerifyResp = cadesInvoker.verifyCMSSignature(cmsSigVerifyReq );
return parseCMSVerificationResult(cmsSigVerifyResp);
} catch (final MOAException e) {
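Review bot: `setUpContexts(Thread.currentThread().getName())` uses the thread name as the transaction ID, here and in verifyXMLSignature. A thread name is not unique per request on a pooled executor, so log lines from unrelated verifications cannot be told apart by this ID. Prefer an identifier that is generated per call or handed in by the caller, e.g. `setUpContexts(java.util.UUID.randomUUID().toString());`. Note that setUpContexts only applies the ID when no context is set on the thread yet, so a per-call ID also needs the context to be cleared after the call. The try block continues outside this hunk.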
@@ -69,43 +78,6 @@ public class SignatureVerificationService extends AbstractSignatureService imple
}
- private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
-
- if (cmsSigVerifyResp.getResponseElements() == null ||
- cmsSigVerifyResp.getResponseElements().isEmpty()) {
- log.info("No CMS signature FOUND. ");
- return null;
-
- }
-
- if (cmsSigVerifyResp.getResponseElements().size() > 1)
- log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
-
- final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
-
- final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result =
- new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
-
- //parse results into response container
- result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
- result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
-
- if (firstSig.getSignerInfo() != null) {
- result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
- result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
- result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
-
- result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
- result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
-
- } else
- log.info("CMS or CAdES verification result contains no SignerInfo");
-
- return result;
- }
-
-
-
/* (non-Javadoc)
* @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String)
*/
@@ -137,12 +109,15 @@ public class SignatureVerificationService extends AbstractSignatureService imple
@Override
public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List<String> verifyTransformsInfoProfileID, String xpathSignatureLocation) throws MOASigServiceException {
try {
+ //setup context
+ setUpContexts(Thread.currentThread().getName());
+
//build signature-verification request
final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID, xpathSignatureLocation);
//send signature-verification to MOA-Sig
final VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(domVerifyXMLSignatureRequest);
- final VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
+ final VerifyXMLSignatureResponse vsresponse = xadesInvocer.verifyXMLSignature(vsrequest);
final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
// parses the <IXMLSignatureVerificationResponse>
@@ -163,6 +138,41 @@ public class SignatureVerificationService extends AbstractSignatureService imple
}
}
+private ICMSSignatureVerificationResponse parseCMSVerificationResult(VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException {
+
+ if (cmsSigVerifyResp.getResponseElements() == null ||
+ cmsSigVerifyResp.getResponseElements().isEmpty()) {
+ log.info("No CMS signature FOUND. ");
+ return null;
+
+ }
+
+ if (cmsSigVerifyResp.getResponseElements().size() > 1)
+ log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature");
+
+ final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0);
+
+ final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result =
+ new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse();
+
+ //parse results into response container
+ result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode());
+ result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode());
+
+ if (firstSig.getSignerInfo() != null) {
+ result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime());
+ result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded());
+ result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate());
+
+ result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority());
+ result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID());
+
+ } else
+ log.info("CMS or CAdES verification result contains no SignerInfo");
+
+ return result;
+ }
+
/**
* Build a VerifyCMS-Siganture request for MOA-Sig.
* <br><br>
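Review bot: parseCMSVerificationResult() has no Javadoc, and its contract is not obvious to callers: it returns null when the response has no elements, it evaluates only the first signature when several are present, and it copies the check codes without interpreting them. I would document this with a short Javadoc covering those three points, so that a caller does not treat a non-null result as a successful verification of every signer. `getSignerInfo().getSignerCertificate().getEncoded()` also assumes the signer certificate is non-null whenever SignerInfo is present; a null check there would avoid a NullPointerException if that assumption does not hold. The added signature line has also lost its indentation.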
@@ -274,10 +284,14 @@ public class SignatureVerificationService extends AbstractSignatureService imple
}
- @Override
+
+
+ @PostConstruct
protected void internalInitializer() {
log.debug("Instanzing SignatureVerificationService implementation ... ");
- svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();
+ //svs = at.gv.egovernment.moa.spss.api.SignatureVerificationService.getInstance();
+ cadesInvoker = CMSSignatureVerificationInvoker.getInstance();
+ xadesInvocer = XMLSignatureVerificationInvoker.getInstance();
log.info("MOA-Sig signature-verification service initialized");
}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
index 2f5408b6..60b75f3c 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml
@@ -11,10 +11,15 @@
<context:annotation-config />
+ <bean id="moaSigInitializer"
+ class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.MoaSigInitializer" />
+
<bean id="moaSigVerifyService"
- class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService" />
+ class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService"
+ depends-on="moaSigInitializer" />
<bean id="moaSigCreateService"
- class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureCreationService" />
+ class="at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureCreationService"
+ depends-on="moaSigInitializer" />
</beans> \ No newline at end of file