diff options
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig/src/main/java')
26 files changed, 818 insertions, 478 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/ISignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/ISignatureCreationService.java new file mode 100644 index 00000000..dbf5846b --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/ISignatureCreationService.java @@ -0,0 +1,5 @@ +package at.gv.egiz.eaaf.modules.sigverify.moasig.api; + +public interface ISignatureCreationService { + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/ISignatureVerificationService.java new file mode 100644 index 00000000..1a0df63c --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/ISignatureVerificationService.java @@ -0,0 +1,191 @@ +package at.gv.egiz.eaaf.modules.sigverify.moasig.api; + +import java.util.Date; +import java.util.List; +import java.util.Map; + +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IPdfSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceException; + +public interface ISignatureVerificationService { + + /** + * Verify a CAdES or CMS signature. <br> + * <br> + * <i>This method only validates the first CMS or CAdES signature if more than + * one signature exists</i> + * + * @param signature Enveloped CMS or CAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @return {@link ICmsSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + ICmsSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID) + throws MoaSigServiceException; + + /** + * Verify a CAdES or CMS signature. <br> + * <br> + * <i>This method only validates the first CMS or CAdES signature if more than + * one signature exists</i> + * + * @param signature Enveloped CMS or CAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @param performExtendedValidation If <code>true</code> than MOA-Sig perform extended validation on this signature. + * @return {@link ICmsSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + ICmsSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID, + boolean performExtendedValidation) throws MoaSigServiceException; + + + /** + * Verify a PAdES or PDF signature. + * + * @param pdf PDF document + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @return {@link List} of {@link IPdfSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + List<IPdfSignatureVerificationResponse> verifyPdfSignature(byte[] pdf, String trustProfileID) + throws MoaSigServiceException; + + + /** + * Verify a PAdES or PDF signature. + * + * @param pdf PDF document + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @param performExtendedValidation If <code>true</code> than MOA-Sig perform extended validation on this signature. + * @return {@link List} of {@link IPdfSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + List<IPdfSignatureVerificationResponse> verifyPdfSignature(byte[] pdf, String trustProfileID, + boolean performExtendedValidation) throws MoaSigServiceException; + + + /** + * Verify a XML or XAdES signature. <br> + * <br> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID) + throws MoaSigServiceException; + + /** + * Verify a XML or XAdES signature. <br> + * <br> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @param signingDate Signature timestamp + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + Date signingDate) throws MoaSigServiceException; + + /** + * Verify a XML or XAdES signature. <br> + * <br> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig + * configuration + * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that + * should be used for + * signature-verification + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + List<String> verifyTransformsInfoProfileID) throws MoaSigServiceException; + + /** + * Verify a XML or XAdES signature. <br> + * <br> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig + * configuration + * @param signatureLocationXpath Xpath that points to location of Signature + * element + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + String signatureLocationXpath) throws MoaSigServiceException; + + /** + * Verify a XML or XAdES signature. <br> + * <br> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig + * configuration + * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that + * should be used for + * signature-verification + * @param signatureLocationXpath Xpath that points to location of + * Signature element + * @param signingDate Signature timestamp + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + List<String> verifyTransformsInfoProfileID, String signatureLocationXpath, Date signingDate) + throws MoaSigServiceException; + + + /** + * Verify a XML or XAdES signature. <br> + * <br> + * <i>This method only validates the first XML or XAdES signature if more than + * one signature exists</i> + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig + * configuration + * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that + * should be used for + * signature-verification + * @param signatureLocationXpath Xpath that points to location of + * Signature element + * @param signingDate Signature timestamp + * @param supplementContent Map that contains supplement profile content; keyed by references. Each entry + * in this map becomes a Content/Base64Content child in the SupplementProfile + * node. + * @return @link {@link IXmlSignatureVerificationResponse}, or null if no + * signature was found + * @throws MoaSigServiceException on signatue-verification error + */ + IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, + final String trustProfileID, final List<String> verifyTransformsInfoProfileID, + final String signatureLocationXpath, Date signingDate, + final Map<String, byte[]> supplementContent) throws MoaSigServiceException; +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java index 5e7a4564..f3d1dffc 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/ICmsSignatureVerificationResponse.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; +package at.gv.egiz.eaaf.modules.sigverify.moasig.api.data; public interface ICmsSignatureVerificationResponse extends IGenericSignatureVerificationResponse { diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java index 8ebd90be..8e8511fa 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java @@ -1,10 +1,15 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; +package at.gv.egiz.eaaf.modules.sigverify.moasig.api.data; import java.util.Date; +import java.util.List; + +import javax.annotation.Nonnull; import org.springframework.lang.Nullable; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.GenericSignatureVerificationResponse.ExtendedCertificateValidation; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.GenericSignatureVerificationResponse.ExtendedResult; import iaik.x509.X509Certificate; public interface IGenericSignatureVerificationResponse { @@ -71,4 +76,34 @@ public interface IGenericSignatureVerificationResponse { @Nullable String getPublicAuthorityCode(); + + /** + * Return the signature-algorithm that was used for signing or <code>null</code> if no result exists. + * <br> + * <p>This result requires extended validation.</p> + * + * @return + */ + @Nullable + String getSignatureAlgorithmIdentifier(); + + /** + * Return the extended certificate-validation result or <code>null</code> if no result exists. + * <br> + * <p>This result requires extended validation.</p> + * + * @return + */ + @Nullable + ExtendedCertificateValidation getExtendedCertificateValidation(); + + /** + * Return the form-validation result or an empty list if no result exists. + * <br> + * <p>This result requires extended validation.</p> + * + * @return + */ + @Nonnull + List<ExtendedResult> getFormValidationResults(); } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/IPdfSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/IPdfSignatureVerificationResponse.java new file mode 100644 index 00000000..1bf2d7b2 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/IPdfSignatureVerificationResponse.java @@ -0,0 +1,29 @@ +package at.gv.egiz.eaaf.modules.sigverify.moasig.api.data; + +import java.util.List; + +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyPdfSignatureResponse.CoversFullDocument; + +/** + * PDF specific signature-verification response. + * + * @author tlenz + * + */ +public interface IPdfSignatureVerificationResponse extends IGenericSignatureVerificationResponse { + + /** + * Flag if signature covers the full pdf-document. + * + * @return + */ + CoversFullDocument getSignatureCoversFullDocument(); + + /** + * PDF signing ranges as {@link List} of {@link Pair} of starting-byte and byte-length. + * + * @return + */ + List<Pair<Integer, Integer>> getByteRange(); +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java index 17d5fa59..edbbf628 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; +package at.gv.egiz.eaaf.modules.sigverify.moasig.api.data; import java.io.InputStream; import java.util.Map; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java index 5b766917..c7d0b276 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/api/data/IXmlSignatureVerificationResponse.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; +package at.gv.egiz.eaaf.modules.sigverify.moasig.api.data; /** * XML signature verification result. diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java index e32ab932..560732c3 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceBuilderException.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions; +package at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions; public class MoaSigServiceBuilderException extends MoaSigServiceException { diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java index fd5f8caf..97817e01 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceConfigurationException.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions; +package at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions; public class MoaSigServiceConfigurationException extends MoaSigServiceException { diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceException.java index a4fb6290..56277d7d 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceException.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceException.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions; +package at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions; import at.gv.egiz.eaaf.core.exceptions.EaafServiceException; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java index a47b45e0..760e293f 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/exceptions/MoaSigServiceParserException.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions; +package at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions; public class MoaSigServiceParserException extends MoaSigServiceException { diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/AbstractSignatureService.java index d2cab2ef..942cd35c 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/AbstractSignatureService.java @@ -1,4 +1,7 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl; + +import java.security.Provider; +import java.security.Security; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; @@ -10,7 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.w3c.dom.Document; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; -import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; @@ -47,25 +49,41 @@ public abstract class AbstractSignatureService { protected final void setUpContexts(final String transactionID) throws ConfigurationException { final TransactionContextManager txMgr = TransactionContextManager.getInstance(); final LoggingContextManager logMgr = LoggingContextManager.getInstance(); - + if (txMgr.getTransactionContext() == null) { log.debug("Set not MOA-Sig transaction context"); final TransactionContext ctx = - new TransactionContext(transactionID, null, ConfigurationProvider.getInstance()); + new TransactionContext(transactionID, null, moaSigConfig.getConfigHolder().getMoaSpssConfig()); txMgr.setTransactionContext(ctx); } + //set Logging context into MOA-Sig if (logMgr.getLoggingContext() == null) { final LoggingContext ctx = new LoggingContext(transactionID); logMgr.setLoggingContext(ctx); } - new IaikConfigurator().configure(ConfigurationProvider.getInstance()); + //dump Java Security-Providers + if (log.isTraceEnabled()) { + log.trace("Set-Up verifier Bean: {}", this); + dumpSecProviders("MOA-Sig Context-Set-Up"); + + } + + new IaikConfigurator().configure(moaSigConfig.getConfigHolder().getMoaSpssConfig()); } + private static void dumpSecProviders(String message) { + log.trace("Security Providers: {}", message); + for (final Provider provider : Security.getProviders()) { + log.trace(" - {} - {}", provider.getName(), provider.getVersion()); + + } + } + /** * Tear down thread-local context information. */ diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java index 77bbc88b..dc4aa4c0 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigInitializer.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl; import java.io.IOException; import java.io.InputStream; @@ -7,23 +7,23 @@ import java.security.Security; import java.util.Iterator; import java.util.Map.Entry; -import javax.annotation.Nonnull; import javax.annotation.PostConstruct; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceConfigurationException; -import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.api.Configurator; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.ISchemaRessourceProvider; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceConfigurationException; +import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder; +import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; import at.gv.egovernment.moaspss.util.DOMUtils; import iaik.asn1.structures.AlgorithmID; import iaik.security.ec.provider.ECCelerate; import iaik.security.provider.IAIK; +import lombok.Getter; public class MoaSigInitializer { private static final Logger log = LoggerFactory.getLogger(MoaSigInitializer.class); @@ -31,18 +31,12 @@ public class MoaSigInitializer { @Autowired(required = false) ISchemaRessourceProvider[] schemas; - private Configurator moaSigConfigurator; - /** * Get MOA-Sig configuration object. - * - * @return moa-sig configuration */ - @Nonnull - public Configurator getMoaSigConfigurator() { - return moaSigConfigurator; + @Getter + private StartupConfigurationHolder configHolder; - } @PostConstruct private synchronized void initialize() throws MoaSigServiceConfigurationException { @@ -55,27 +49,18 @@ public class MoaSigInitializer { try { LoggingContextManager.getInstance().setLoggingContext(new LoggingContext("startup")); log.debug("MOA-Sig library initialization process ... "); - Configurator.getInstance().init(); + configHolder = SystemInitializer.init(); log.info("MOA-Sig library initialization complete "); - Security.insertProviderAt(IAIK.getInstance(), 0); - - final ECCelerate eccProvider = ECCelerate.getInstance(); - if (Security.getProvider(eccProvider.getName()) != null) { - Security.removeProvider(eccProvider.getName()); - } - Security.addProvider(new ECCelerate()); - fixJava8_141ProblemWithSslAlgorithms(); if (log.isDebugEnabled()) { log.debug("Loaded Security Provider:"); final Provider[] providerList = Security.getProviders(); for (int i = 0; i < providerList.length; i++) { - log.debug( - i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion()); + log.debug("{}: {} Version {}", i, providerList[i].getName(), providerList[i].getVersion()); + } - } // Inject additional XML schemes @@ -99,10 +84,8 @@ public class MoaSigInitializer { } } - moaSigConfigurator = Configurator.getInstance(); - - } catch (final MOAException e) { - log.error("MOA-SP initialization FAILED!", e.getWrapped()); + } catch (final RuntimeException e) { + log.error("MOA-SP initialization FAILED!", e); throw new MoaSigServiceConfigurationException("service.moasig.04", new Object[] { e.toString() }, e); } diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java index d09b26de..b5e190d8 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigSpringResourceProvider.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java index 559af62a..0d8b7975 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureCreationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java @@ -1,4 +1,4 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl; import javax.annotation.PostConstruct; @@ -6,7 +6,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureCreationService; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.ISignatureCreationService; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java index 8fc4086e..79f39e65 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java @@ -1,11 +1,17 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl; import java.io.ByteArrayInputStream; import java.security.cert.CertificateEncodingException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Date; +import java.util.Iterator; import java.util.List; +import java.util.Map; import javax.annotation.PostConstruct; +import org.apache.commons.lang3.time.DateFormatUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.lang.Nullable; @@ -15,12 +21,17 @@ import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceBuilderException; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser.VerifyXmlSignatureResponseParser; +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.ISignatureVerificationService; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IPdfSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceBuilderException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.GenericSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyPdfSignatureResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyPdfSignatureResponse.CoversFullDocument; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.parser.VerifyXmlSignatureResponseParser; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; @@ -50,6 +61,8 @@ public class SignatureVerificationService extends AbstractSignatureService private static final String DSIG = Constants.DSIG_PREFIX + ":"; private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature"; + public static final String PATTERN_ISSUE_INSTANT = "yyyy-MM-dd'T'HH:mm:ssXXX"; + private CMSSignatureVerificationInvoker cadesInvoker; private XMLSignatureVerificationInvoker xadesInvocer; @@ -63,13 +76,20 @@ public class SignatureVerificationService extends AbstractSignatureService @Nullable public ICmsSignatureVerificationResponse verifyCmsSignature(final byte[] signature, final String trustProfileID) throws MoaSigServiceException { + return verifyCmsSignature(signature, trustProfileID, false); + + } + + @Override + public ICmsSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID, + boolean performExtendedValidation) throws MoaSigServiceException { try { // setup context setUpContexts(Thread.currentThread().getName()); // verify signature final VerifyCMSSignatureRequest cmsSigVerifyReq = - buildVerfifyCmsRequest(signature, trustProfileID, false, false); + buildVerfifyCmsRequest(signature, trustProfileID, false, performExtendedValidation); final VerifyCMSSignatureResponse cmsSigVerifyResp = cadesInvoker.verifyCMSSignature(cmsSigVerifyReq); return parseCmsVerificationResult(cmsSigVerifyResp); @@ -87,9 +107,43 @@ public class SignatureVerificationService extends AbstractSignatureService tearDownContexts(); } - } + + @Override + public List<IPdfSignatureVerificationResponse> verifyPdfSignature(byte[] pdf, String trustProfileID) + throws MoaSigServiceException { + return verifyPdfSignature(pdf, trustProfileID, false); + + } + + @Override + public List<IPdfSignatureVerificationResponse> verifyPdfSignature(byte[] pdf, String trustProfileID, + boolean performExtendedValidation) throws MoaSigServiceException { + try { + // setup context + setUpContexts(Thread.currentThread().getName()); + + // verify signature + final VerifyCMSSignatureResponse cmsSigVerifyResp = cadesInvoker.verifyCMSSignature( + buildVerfifyCmsRequest(pdf, trustProfileID, true, performExtendedValidation)); + + return parsePdfVerificationResult(cmsSigVerifyResp); + + } catch (final MOAException e) { + log.warn("PDF signature verification has an error.", e); + throw new MoaSigServiceException("service.03", new Object[] { e.toString() }, e); + } catch (final CertificateEncodingException e) { + log.warn("Can NOT serialize X509 certificate from PDF/PAdES signature-verification response", + e); + throw new MoaSigServiceException("service.03", new Object[] { e.toString() }, e); + + } finally { + tearDownContexts(); + + } + } + /* * (non-Javadoc) * @@ -99,7 +153,8 @@ public class SignatureVerificationService extends AbstractSignatureService @Override public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, final String trustProfileID) throws MoaSigServiceException { - return verifyXmlSignature(signature, trustProfileID, null, DEFAULT_XPATH_SIGNATURE_LOCATION); + return verifyXmlSignature(signature, trustProfileID, null, DEFAULT_XPATH_SIGNATURE_LOCATION, null, + Collections.emptyMap()); } @@ -115,7 +170,7 @@ public class SignatureVerificationService extends AbstractSignatureService final String trustProfileID, final List<String> verifyTransformsInfoProfileID) throws MoaSigServiceException { return verifyXmlSignature(signature, trustProfileID, verifyTransformsInfoProfileID, - DEFAULT_XPATH_SIGNATURE_LOCATION); + DEFAULT_XPATH_SIGNATURE_LOCATION, null, Collections.emptyMap()); } /* @@ -129,27 +184,37 @@ public class SignatureVerificationService extends AbstractSignatureService public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, final String trustProfileID, final String signatureLocationXpath) throws MoaSigServiceException { - return verifyXmlSignature(signature, trustProfileID, null, signatureLocationXpath); + return verifyXmlSignature(signature, trustProfileID, null, signatureLocationXpath, null, Collections.emptyMap()); } - /* - * (non-Javadoc) - * - * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl. - * ISignatureVerificationService# verifyXMLSignature(byte[], java.lang.String, - * java.util.List, java.lang.String) - */ + @Override + public IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, + Date signingDate) throws MoaSigServiceException { + return verifyXmlSignature(signature, trustProfileID, null, + DEFAULT_XPATH_SIGNATURE_LOCATION, signingDate, Collections.emptyMap()); + } + + @Override public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, final String trustProfileID, final List<String> verifyTransformsInfoProfileID, - final String xpathSignatureLocation) throws MoaSigServiceException { + final String xpathSignatureLocation, Date signingDate) throws MoaSigServiceException { + return verifyXmlSignature(signature, trustProfileID, verifyTransformsInfoProfileID, xpathSignatureLocation, + signingDate, Collections.emptyMap()); + } + + @Override + public IXmlSignatureVerificationResponse verifyXmlSignature(final byte[] signature, + final String trustProfileID, final List<String> verifyTransformsInfoProfileID, + final String xpathSignatureLocation, Date signingDate, final Map<String, byte[]> supplementContent) + throws MoaSigServiceException { try { // setup context setUpContexts(Thread.currentThread().getName()); // build signature-verification request final Element domVerifyXmlSignatureRequest = buildVerifyXmlRequest(signature, trustProfileID, - verifyTransformsInfoProfileID, xpathSignatureLocation); + verifyTransformsInfoProfileID, xpathSignatureLocation, signingDate, supplementContent); // send signature-verification to MOA-Sig final VerifyXMLSignatureRequest vsrequest = @@ -191,33 +256,90 @@ public class SignatureVerificationService extends AbstractSignatureService log.warn( "CMS or CAdES signature contains more than one technical signatures. Only validate the first signature"); } + + return (ICmsSignatureVerificationResponse) parseBasisSignatureInformation( + new at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyCmsSignatureResponse(), + (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0)); + } + + private List<IPdfSignatureVerificationResponse> parsePdfVerificationResult( + VerifyCMSSignatureResponse cmsSigVerifyResp) throws CertificateEncodingException { + + List<IPdfSignatureVerificationResponse> result = new ArrayList<>(); + if (cmsSigVerifyResp.getResponseElements() == null + || cmsSigVerifyResp.getResponseElements().isEmpty()) { + log.info("No CMS signature FOUND. "); + + } else { + Iterator<?> it = cmsSigVerifyResp.getResponseElements().iterator(); + while (it.hasNext()) { + VerifyCMSSignatureResponseElement el = (VerifyCMSSignatureResponseElement) it.next(); + VerifyPdfSignatureResponse pdfSigResult = + (VerifyPdfSignatureResponse) parseBasisSignatureInformation(new VerifyPdfSignatureResponse(), el); + + pdfSigResult.setSignatureCoversFullDocument( + el.getCoversFullDocument() != null + ? el.getCoversFullDocument() ? CoversFullDocument.YES : CoversFullDocument.NO + : CoversFullDocument.UNKNOWN); + pdfSigResult.setByteRange(convertByteRanges(el.getByteRangeOfSignature())); + result.add(pdfSigResult); + + } + } + + return result; + + } + + private List<Pair<Integer, Integer>> convertByteRanges(int[] byteRangeOfSignature) { + List<Pair<Integer, Integer>> result = new ArrayList<>(); + + if (byteRangeOfSignature != null) { + for (int i = 0; i < byteRangeOfSignature.length / 2; i++) { + result.add(Pair.newInstance( + Integer.valueOf(byteRangeOfSignature[i]), + Integer.valueOf(byteRangeOfSignature[i + 1]))); + + } + } else { + log.debug("PDF signature-verification result contains no byte-range information"); + + } + + return result; + } - final VerifyCMSSignatureResponseElement firstSig = - (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0); - - final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCmsSignatureResponse result = - new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCmsSignatureResponse(); - + private GenericSignatureVerificationResponse parseBasisSignatureInformation( + GenericSignatureVerificationResponse result, VerifyCMSSignatureResponseElement resp) + throws CertificateEncodingException { // parse results into response container - result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode()); - result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode()); + result.setSignatureCheckCode(resp.getSignatureCheck().getCode()); + result.setCertificateCheckCode(resp.getCertificateCheck().getCode()); - if (firstSig.getSignerInfo() != null) { - result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime()); + if (resp.getSignerInfo() != null) { + result.setSigningDateTime(resp.getSignerInfo().getSigningTime()); result - .setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded()); - result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate()); + .setX509CertificateEncoded(resp.getSignerInfo().getSignerCertificate().getEncoded()); + result.setQualifiedCertificate(resp.getSignerInfo().isQualifiedCertificate()); - result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority()); - result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID()); + result.setPublicAuthority(resp.getSignerInfo().isPublicAuthority()); + result.setPublicAuthorityCode(resp.getSignerInfo().getPublicAuhtorityID()); } else { log.info("CMS or CAdES verification result contains no SignerInfo"); + } - + + + //TODO: add extended validation infos + result.setSignatureAlgorithmIdentifier(resp.getSignatureAlgorithm()); + result.setExtendedCertificateCheckResult(resp.getExtendedCertificateCheck()); + result.setFormValidationResults(resp.getAdESFormResults()); + return result; + } - + /** * Build a VerifyCMS-Siganture request for MOA-Sig. <br> * <br> @@ -258,15 +380,21 @@ public class SignatureVerificationService extends AbstractSignatureService * used for validation * @param xpathSignatureLocation Xpath that points to location of * Signature element + * @param sigValDate Signature timestamp + * @param supplementContent Map that contains supplement profile content; keyed by references. Each entry + * in this map becomes a Content/Base64Content child in the SupplementProfile + * node. Use this map to specify content of references that the verification + * service cannot resolve. * @return MOA-Sig verification request element * @throws MoaSigServiceBuilderException In case of an error */ private Element buildVerifyXmlRequest(final byte[] signature, final String trustProfileID, - final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation) - throws MoaSigServiceBuilderException { + final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation, + Date sigValDate, final Map<String, byte[]> supplementContent) throws MoaSigServiceBuilderException { try { // build empty document final Document requestDoc_ = getNewDocumentBuilder(); + final Element requestElem_ = requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest"); requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI); @@ -275,6 +403,18 @@ public class SignatureVerificationService extends AbstractSignatureService requestDoc_.appendChild(requestElem_); // build the request + + // build set signing time + if (sigValDate != null) { + final Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime"); + requestElem_.appendChild(dateTimeElem); + final Node dateTime = requestDoc_.createTextNode( + DateFormatUtils.format(sigValDate, PATTERN_ISSUE_INSTANT)); + dateTimeElem.appendChild(dateTime); + + } + + //set other parameters final Element verifiySignatureInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); requestElem_.appendChild(verifiySignatureInfoElem); @@ -334,6 +474,25 @@ public class SignatureVerificationService extends AbstractSignatureService trustProfileIdElem.appendChild(requestDoc_.createTextNode(trustProfileID)); requestElem_.appendChild(trustProfileIdElem); + // add supplement profile + if (!supplementContent.isEmpty()) { + + final Element supplementProfile = requestDoc_.createElementNS(MOA_NS_URI, "SupplementProfile"); + + for (Map.Entry<String, byte[]> entry: supplementContent.entrySet()) { + String reference = entry.getKey(); + byte[] contentBytes = entry.getValue(); + final Element content = requestDoc_.createElementNS(MOA_NS_URI, "Content"); + content.setAttribute("Reference", reference); + final Element b64content = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); + b64content.setTextContent(Base64Utils.encodeToString(contentBytes)); + content.appendChild(b64content); + supplementProfile.appendChild(content); + } + + requestElem_.appendChild(supplementProfile); + } + return requestElem_; } catch (final Throwable t) { @@ -342,7 +501,6 @@ public class SignatureVerificationService extends AbstractSignatureService t); } - } @PostConstruct diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java new file mode 100644 index 00000000..6006b731 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java @@ -0,0 +1,223 @@ +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data; + +import java.io.Serializable; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Date; +import java.util.List; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IGenericSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceParserException; +import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult; +import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; +import iaik.x509.X509Certificate; +import lombok.Builder; +import lombok.Getter; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +@Getter +@Setter +public class GenericSignatureVerificationResponse + implements IGenericSignatureVerificationResponse, Serializable { + + private static final long serialVersionUID = -7751001050689401118L; + + /** The signing time. */ + private Date signingDateTime; + + /** The signatureCheckCode to be stored. */ + private int signatureCheckCode; + + /** The certificateCheckCode to be stored. */ + private int certificateCheckCode; + + /** The publicAuthority to be stored. */ + private boolean publicAuthority; + + /** The publicAuthorityCode to be stored. */ + private String publicAuthorityCode; + + /** The qualifiedCertificate to be stored. */ + private boolean qualifiedCertificate; + + private byte[] x509CertificateEncoded; + + /** + * Identifier of the signing algorithm. + */ + private String signatureAlgorithmIdentifier; + + private ExtendedCertificateValidation extendedCertificateValidation; + + private List<ExtendedResult> formValidationResults = null; + + @Override + public Date getSigningDateTime() { + if (this.signingDateTime != null) { + return new Date(this.signingDateTime.getTime()); + } + return null; + + } + + @Override + public X509Certificate getX509Certificate() throws MoaSigServiceException { + if (x509CertificateEncoded != null) { + try { + return new X509Certificate(x509CertificateEncoded); + + } catch (final CertificateException e) { + log.error("Can NOT parse X509 certifcate in " + + GenericSignatureVerificationResponse.class.getName(), e); + throw new MoaSigServiceParserException("service.moasig.01", null, e); + } + + } + + return null; + + } + + @Override + public byte[] getX509CertificateEncoded() { + if (this.x509CertificateEncoded != null) { + return this.x509CertificateEncoded.clone(); + + } + return null; + + } + + @Override + public String getPublicAuthorityCode() { + if (StringUtils.isNotEmpty(this.publicAuthorityCode)) { + return this.publicAuthorityCode; + + } else { + return null; + + } + + } + + @Override + public List<ExtendedResult> getFormValidationResults() { + if (formValidationResults == null) { + return Collections.emptyList(); + + } else { + return formValidationResults; + + } + } + + /** + * Set signature creation timestramp. + * + * @param signingDateTime timestamp + */ + public void setSigningDateTime(final Date signingDateTime) { + if (signingDateTime != null) { + this.signingDateTime = new Date(signingDateTime.getTime()); + } + } + + /** + * Set encoded signer certificate. + * + * @param x509CertificateEncoded signer cerificate + */ + public void setX509CertificateEncoded(final byte[] x509CertificateEncoded) { + if (x509CertificateEncoded != null) { + this.x509CertificateEncoded = x509CertificateEncoded.clone(); + + } + } + + /** + * Set extended certificate-validation result. + * + * @param extendedCertificateCheck Extended result from MOA-Sig + */ + public void setExtendedCertificateCheckResult(ExtendedCertificateCheckResult extendedCertificateCheck) { + if (extendedCertificateCheck != null) { + this.extendedCertificateValidation = ExtendedCertificateValidation.builder() + .majorResult(ExtendedResult.builder() + .code(extendedCertificateCheck.getMajorCode()) + .info(extendedCertificateCheck.getMajorInfo()) + .build()) + .minorResult(ExtendedResult.builder() + .code(extendedCertificateCheck.getMinorCode()) + .info(extendedCertificateCheck.getMinorInfo()) + .build()) + .build(); + + } else { + log.debug("No extended verification-result. Skipping certificate-result extraction ... "); + + } + } + + /** + * Set form-validation result. + * + * @param formCheckResult Extended form-validation result from MOA-Sig + */ + public void setFormValidationResults(List<?> formCheckResult) { + if (formCheckResult != null) { + for (Object elObj : formCheckResult) { + if (elObj instanceof AdESFormResults) { + AdESFormResults el = (AdESFormResults)elObj; + + if (formValidationResults == null) { + formValidationResults = new ArrayList<>(); + + } + + formValidationResults.add(ExtendedResult.builder() + .code(el.getCode()) + .info(el.getName()) + .build()); + + } else { + log.warn("Skip unknown form-validation result of type: {}", elObj.getClass().getName()); + + } + } + + } else { + log.debug("No extended verification-result. Skipping form-validation result extraction ... "); + + } + + } + + @Getter + @Builder + public static class ExtendedCertificateValidation implements Serializable { + + private static final long serialVersionUID = -7800026008655393276L; + + private ExtendedResult majorResult; + private ExtendedResult minorResult; + + } + + @Getter + @Builder + public static class ExtendedResult implements Serializable { + + private static final long serialVersionUID = 8523769744476971010L; + + private int code; + private String info; + + } + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java new file mode 100644 index 00000000..a812db56 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java @@ -0,0 +1,14 @@ +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data; + +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class VerifyCmsSignatureResponse extends GenericSignatureVerificationResponse + implements ICmsSignatureVerificationResponse { + + private static final long serialVersionUID = 708260904158070696L; + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyPdfSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyPdfSignatureResponse.java new file mode 100644 index 00000000..740ac55a --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyPdfSignatureResponse.java @@ -0,0 +1,30 @@ +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data; + +import java.util.List; + +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IPdfSignatureVerificationResponse; +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class VerifyPdfSignatureResponse extends VerifyCmsSignatureResponse + implements IPdfSignatureVerificationResponse { + + private static final long serialVersionUID = 1835687958341837826L; + + /** + * Flag if signature covers the full pdf-document. + */ + private CoversFullDocument signatureCoversFullDocument = CoversFullDocument.UNKNOWN; + + /** + * PDF signing ranges as {@link List} of {@link Pair} of starting-byte and byte-length. + */ + private List<Pair<Integer, Integer>> byteRange; + + + public enum CoversFullDocument { YES, NO, UNKNOWN } + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java new file mode 100644 index 00000000..4021a90b --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java @@ -0,0 +1,35 @@ +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data; + +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; +import lombok.Getter; +import lombok.Setter; + +/** + * MOA-Sig signature verification response for XML based signatures. + * + * @author tlenz + * + */ + +@Getter +@Setter +public class VerifyXmlSignatureResponse extends GenericSignatureVerificationResponse + implements IXmlSignatureVerificationResponse { + + private static final long serialVersionUID = 8386070769565711601L; + + /** The xmlDsigSubjectName to be stored. */ + private String xmlDsigSubjectName; + + /** The xmlDSIGManifestCheckCode to be stored. */ + private int xmlDsigManifestCheckCode; + /** The xmlDSIGManigest to be stored. */ + private boolean xmlDsigManigest; + + /** + * The result of the signature manifest check. The default value <code>-1</code> + * indicates that the signature manifest has not been checked. + */ + private int signatureManifestCheckCode = -1; + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java index 231cb94f..746b5461 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/parser/VerifyXmlSignatureResponseParser.java @@ -1,27 +1,26 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser; +package at.gv.egiz.eaaf.modules.sigverify.moasig.impl.parser; import java.io.ByteArrayInputStream; import java.io.InputStream; import org.joda.time.DateTime; import org.joda.time.format.ISODateTimeFormat; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.lang.NonNull; import org.w3c.dom.Element; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXmlSignatureResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceParserException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyXmlSignatureResponse; import at.gv.egovernment.moaspss.util.Constants; import at.gv.egovernment.moaspss.util.DOMUtils; import at.gv.egovernment.moaspss.util.XPathUtils; import iaik.utils.Base64InputStream; import iaik.x509.X509Certificate; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class VerifyXmlSignatureResponseParser { - private static final Logger log = LoggerFactory.getLogger(VerifyXmlSignatureResponseParser.class); // // XPath namespace prefix shortcuts @@ -180,7 +179,9 @@ public class VerifyXmlSignatureResponseParser { respData.setSigningDateTime(datetime.toDate()); } - + + //TODO: parse extended validation results + return respData; } catch (final Throwable t) { diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureCreationService.java deleted file mode 100644 index 66eedd79..00000000 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureCreationService.java +++ /dev/null @@ -1,5 +0,0 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api; - -public interface ISignatureCreationService { - -} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java deleted file mode 100644 index 67e9e29d..00000000 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java +++ /dev/null @@ -1,100 +0,0 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api; - -import java.util.List; - -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; - -public interface ISignatureVerificationService { - - /** - * Verify a CAdES or CMS signature. <br> - * <br> - * <i>This method only validates the first CMS or CAdES signature if more than - * one signature exists</i> - * - * @param signature Enveloped CMS or CAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration - * @return @link {@link ICmsSignatureVerificationResponse}, or null if no - * signature was found - * @throws MoaSigServiceException on signatue-verification error - */ - ICmsSignatureVerificationResponse verifyCmsSignature(byte[] signature, String trustProfileID) - throws MoaSigServiceException; - - /** - * Verify a XML or XAdES signature. <br> - * <br> - * <i>This method only validates the first XML or XAdES signature if more than - * one signature exists</i> - * - * @param signature Serialized XML or XAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration - * @return @link {@link IXmlSignatureVerificationResponse}, or null if no - * signature was found - * @throws MoaSigServiceException on signatue-verification error - */ - IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID) - throws MoaSigServiceException; - - /** - * Verify a XML or XAdES signature. <br> - * <br> - * <i>This method only validates the first XML or XAdES signature if more than - * one signature exists</i> - * - * @param signature Serialized XML or XAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig - * configuration - * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that - * should be used for - * signature-verification - * @return @link {@link IXmlSignatureVerificationResponse}, or null if no - * signature was found - * @throws MoaSigServiceException on signatue-verification error - */ - IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, - List<String> verifyTransformsInfoProfileID) throws MoaSigServiceException; - - /** - * Verify a XML or XAdES signature. <br> - * <br> - * <i>This method only validates the first XML or XAdES signature if more than - * one signature exists</i> - * - * @param signature Serialized XML or XAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig - * configuration - * @param signatureLocationXpath Xpath that points to location of Signature - * element - * @return @link {@link IXmlSignatureVerificationResponse}, or null if no - * signature was found - * @throws MoaSigServiceException on signatue-verification error - */ - IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, - String signatureLocationXpath) throws MoaSigServiceException; - - /** - * Verify a XML or XAdES signature. <br> - * <br> - * <i>This method only validates the first XML or XAdES signature if more than - * one signature exists</i> - * - * @param signature Serialized XML or XAdES signature - * @param trustProfileID Id of the Trust-Profile from MOA-Sig - * configuration - * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that - * should be used for - * signature-verification - * @param signatureLocationXpath Xpath that points to location of - * Signature element - * @return @link {@link IXmlSignatureVerificationResponse}, or null if no - * signature was found - * @throws MoaSigServiceException on signatue-verification error - */ - IXmlSignatureVerificationResponse verifyXmlSignature(byte[] signature, String trustProfileID, - List<String> verifyTransformsInfoProfileID, String signatureLocationXpath) - throws MoaSigServiceException; - -} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java deleted file mode 100644 index 0485f31f..00000000 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java +++ /dev/null @@ -1,152 +0,0 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; - -import java.io.Serializable; -import java.security.cert.CertificateException; -import java.util.Date; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IGenericSignatureVerificationResponse; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceException; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MoaSigServiceParserException; -import iaik.x509.X509Certificate; - -public class GenericSignatureVerificationResponse - implements IGenericSignatureVerificationResponse, Serializable { - - private static final long serialVersionUID = -7751001050689401118L; - private static final Logger log = - LoggerFactory.getLogger(GenericSignatureVerificationResponse.class); - - /** The signing time. */ - private Date signingDateTime; - - /** The signatureCheckCode to be stored. */ - private int signatureCheckCode; - - /** The certificateCheckCode to be stored. */ - private int certificateCheckCode; - - /** The publicAuthority to be stored. */ - private boolean publicAuthority; - - /** The publicAuthorityCode to be stored. */ - private String publicAuthorityCode; - - /** The qualifiedCertificate to be stored. */ - private boolean qualifiedCertificate; - - private byte[] x509CertificateEncoded; - - @Override - public Date getSigningDateTime() { - if (this.signingDateTime != null) { - return new Date(this.signingDateTime.getTime()); - } - return null; - - } - - @Override - public int getSignatureCheckCode() { - return this.signatureCheckCode; - - } - - @Override - public int getCertificateCheckCode() { - return this.certificateCheckCode; - - } - - @Override - public boolean isQualifiedCertificate() { - return this.qualifiedCertificate; - - } - - @Override - public X509Certificate getX509Certificate() throws MoaSigServiceException { - if (x509CertificateEncoded != null) { - try { - return new X509Certificate(x509CertificateEncoded); - - } catch (final CertificateException e) { - log.error("Can NOT parse X509 certifcate in " - + GenericSignatureVerificationResponse.class.getName(), e); - throw new MoaSigServiceParserException("service.moasig.01", null, e); - } - - } - - return null; - - } - - @Override - public byte[] getX509CertificateEncoded() { - if (this.x509CertificateEncoded != null) { - return this.x509CertificateEncoded.clone(); - - } - return null; - - } - - @Override - public boolean isPublicAuthority() { - return this.publicAuthority; - - } - - @Override - public String getPublicAuthorityCode() { - return this.publicAuthorityCode; - - } - - /** - * Set signature creation timestramp. - * - * @param signingDateTime timestamp - */ - public void setSigningDateTime(final Date signingDateTime) { - if (signingDateTime != null) { - this.signingDateTime = new Date(signingDateTime.getTime()); - } - } - - public void setSignatureCheckCode(final int signatureCheckCode) { - this.signatureCheckCode = signatureCheckCode; - } - - public void setCertificateCheckCode(final int certificateCheckCode) { - this.certificateCheckCode = certificateCheckCode; - } - - public void setPublicAuthority(final boolean publicAuthority) { - this.publicAuthority = publicAuthority; - } - - public void setPublicAuthorityCode(final String publicAuthorityCode) { - this.publicAuthorityCode = publicAuthorityCode; - } - - public void setQualifiedCertificate(final boolean qualifiedCertificate) { - this.qualifiedCertificate = qualifiedCertificate; - } - - /** - * Set encoded signer certificate. - * - * @param x509CertificateEncoded signer cerificate - */ - public void setX509CertificateEncoded(final byte[] x509CertificateEncoded) { - if (x509CertificateEncoded != null) { - this.x509CertificateEncoded = x509CertificateEncoded.clone(); - - } - } - -} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java deleted file mode 100644 index ed679828..00000000 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCmsSignatureResponse.java +++ /dev/null @@ -1,10 +0,0 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; - -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICmsSignatureVerificationResponse; - -public class VerifyCmsSignatureResponse extends GenericSignatureVerificationResponse - implements ICmsSignatureVerificationResponse { - - private static final long serialVersionUID = 708260904158070696L; - -} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java deleted file mode 100644 index 4b0632b1..00000000 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXmlSignatureResponse.java +++ /dev/null @@ -1,115 +0,0 @@ -package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; - -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; - -/** - * MOA-Sig signature verification response for XML based signatures. - * - * @author tlenz - * - */ - -public class VerifyXmlSignatureResponse extends GenericSignatureVerificationResponse - implements IXmlSignatureVerificationResponse { - - private static final long serialVersionUID = 8386070769565711601L; - - /** The xmlDsigSubjectName to be stored. */ - private String xmlDsigSubjectName; - - /** The xmlDSIGManifestCheckCode to be stored. */ - private int xmlDsigManifestCheckCode; - /** The xmlDSIGManigest to be stored. */ - private boolean xmlDsigManigest; - - /** - * The result of the signature manifest check. The default value <code>-1</code> - * indicates that the signature manifest has not been checked. - */ - private int signatureManifestCheckCode = -1; - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * getXmlDSIGManifestCheckCode() - */ - @Override - public int getXmlDsigManifestCheckCode() { - return xmlDsigManifestCheckCode; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * getXmlDsigSubjectName() - */ - @Override - public String getXmlDsigSubjectName() { - return xmlDsigSubjectName; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * setXmlDSIGManifestCheckCode( int) - */ - public void setXmlDsigManifestCheckCode(final int xmlDsigManifestCheckCode) { - this.xmlDsigManifestCheckCode = xmlDsigManifestCheckCode; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * setXmlDsigSubjectName(java.lang .String) - */ - public void setXmlDsigSubjectName(final String xmlDsigSubjectName) { - this.xmlDsigSubjectName = xmlDsigSubjectName; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * isXmlDSIGManigest() - */ - @Override - public boolean isXmlDsigManigest() { - return xmlDsigManigest; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * setXmlDSIGManigest(boolean) - */ - public void setXmlDsigManigest(final boolean xmlDsigManigest) { - this.xmlDsigManigest = xmlDsigManigest; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * getSignatureManifestCheckCode() - */ - @Override - public int getSignatureManifestCheckCode() { - return signatureManifestCheckCode; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse# - * setSignatureManifestCheckCode( int) - */ - public void setSignatureManifestCheckCode(final int signatureManifestCheckCode) { - this.signatureManifestCheckCode = signatureManifestCheckCode; - } - -} |