From 7070adf32df6534edfaf4e4217eb426158eb561d Mon Sep 17 00:00:00 2001 
From: Thomas Lenz Date: Fri, 17 May 2019 12:36:23 +0200 Subject: add EAAF module for MOA-Sig integration --- eaaf_modules/eaaf_module_moa-sig/pom.xml | 230 ++++++++++++++ .../MOA/spss/common/3.1.2/common-3.1.2.jar | Bin 0 -> 210098 bytes .../server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar | Bin 0 -> 364020 bytes .../MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar | Bin 0 -> 802825 bytes .../prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom | 9 + .../iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom | 9 + .../iaik/prod/iaik_util/0.23/iaik_util-0.23.pom | 9 + .../iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar | Bin 0 -> 459859 bytes .../2.5.1_moa/iaik_cpades-2.5.1_moa.jar | Bin 0 -> 129818 bytes .../0.9_moa/iaik_cpxlevel-0.9_moa.jar | Bin 0 -> 135880 bytes .../iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar | Bin 0 -> 596757 bytes .../5.01/iaik_eccelerate_addon-5.01.jar | Bin 0 -> 90630 bytes .../5.01/iaik_eccelerate_cms-5.01.jar | Bin 0 -> 4769 bytes .../prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar | Bin 0 -> 201276 bytes .../5.52_moa/iaik_jce_full-5.52_moa.jar | Bin 0 -> 1301058 bytes .../iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar | Bin 0 -> 34853 bytes .../iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar | Bin 0 -> 523822 bytes .../2.01_moa/iaik_pki_module-2.01_moa.jar | Bin 0 -> 627259 bytes .../prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar | Bin 0 -> 128987 bytes .../iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar | Bin 0 -> 40481 bytes .../prod/prod/iaik_util/0.23/iaik_util-0.23.jar | Bin 0 -> 39377 bytes .../iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar | Bin 0 -> 325736 bytes .../iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar | Bin 0 -> 440160 bytes .../moasig/api/ISignatureVerificationService.java | 53 ++++ .../data/ICMSSignatureVerificationResponse.java | 5 + .../IGenericSignatureVerificationResponse.java | 69 ++++ .../data/IXMLSignatureVerificationResponse.java | 37 +++ .../exceptions/MOASigServiceBuilderException.java | 14 + .../MOASigServiceConfigurationException.java | 11 + 
.../moasig/exceptions/MOASigServiceException.java | 26 ++ .../exceptions/MOASigServiceParserException.java | 14 + .../moasig/impl/MOASigSpringResourceProvider.java | 27 ++ .../moasig/impl/SignatureVerificationService.java | 348 +++++++++++++++++++++ .../data/GenericSignatureVerificationResponse.java | 130 ++++++++ .../impl/data/VerifyCMSSignatureResponse.java | 9 + .../impl/data/VerifyXMLSignatureResponse.java | 93 ++++++ .../parser/VerifyXMLSignatureResponseParser.java | 180 +++++++++++ ...iz.components.spring.api.SpringResourceProvider | 1 + .../src/main/resources/moa-sig-service.beans.xml | 17 + .../properties/status_messages_en.properties | 4 + eaaf_modules/pom.xml | 7 +- pom.xml | 132 ++++++++ 42 files changed, 1430 insertions(+), 4 deletions(-) create mode 100644 eaaf_modules/eaaf_module_moa-sig/pom.xml create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar create mode 100644 
eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java create mode 100644 
eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider create mode 100644 
eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties diff --git a/eaaf_modules/eaaf_module_moa-sig/pom.xml b/eaaf_modules/eaaf_module_moa-sig/pom.xml new file mode 100644 index 00000000..98a7ddaf --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/pom.xml 
@@ -0,0 +1,230 @@ + + + 4.0.0 + + at.gv.egiz.eaaf + eaaf_modules + 1.x + + eaaf_module_moa-sig + ${egiz.eaaf.version} + + MOA-Sig signature verification module + + + + European Union Public License, version 1.2 (EUPL-1.2) + https://opensource.org/licenses/EUPL-1.2 + repo + + + + + + Thomas Lenz + thomas.lenz@egiz.gv.at + eGovernment Innovation Center (EGIZ) + https://www.egiz.gv.at + + + + + + MOA + MOA Dependencies + + true + ignore + + default + file://${basedir}/repository + + + + + + at.gv.egiz.components + egiz-spring-api + + + at.gv.egiz.eaaf + eaaf_core_api + + + + joda-time + joda-time + + + org.apache.commons + commons-lang3 + + + + MOA.spss.server + moa-sig-lib + + + commons-logging + commons-logging + + + * + axis + + + + + MOA.spss + common + + + MOA.spss + tsl_lib + + + iaik.prod + iaik_cms + + + iaik.prod + iaik_cpades + + + iaik.prod + iaik_cpxlevel + + + iaik.prod + iaik_eccelerate + + + iaik.prod + iaik_eccelerate_addon + + + iaik.prod + iaik_eccelerate_cms + + + iaik.prod + iaik_jce_full + + + iaik.prod + iaik_jsse + + + iaik.prod + iaik_moa + + + iaik.prod + iaik_pki_module + + + iaik.prod + iaik_sva + + + iaik.prod + iaik_tsp + + + iaik.prod + iaik_util + + + iaik.prod + iaik_xades + + + iaik.prod + iaik_xsect + + + + + junit + junit + test + + + org.springframework + spring-test + test + + + org.apache.commons + commons-lang3 + test + + + + + + + + + src/main/resources + + + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.0 + + ${java.version} + ${java.version} + + + + + org.apache.maven.plugins + maven-jar-plugin + 3.1.1 + + + + true + true + true + + + + + + + org.apache.maven.plugins + maven-clean-plugin + 3.1.0 + + + + test-output + + + + + + + + maven-surefire-plugin + ${surefire.version} + + 1 + + + + org.apache.maven.surefire + surefire-junit47 + ${surefire.version} + + + + + + 
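Review bot: The module-local repository declared near the top of this hunk (`file://${basedir}/repository`) appears to be configured with checksum policy `ignore`; the element names are not visible on this page, so that reading is inferred from the bare value next to the URL. With that policy Maven does not fail on a checksum mismatch, and the diffstat adds only the IAIK / MOA-SPSS jars plus three generated `.pom` files, with no checksum sidecars, so nothing in the build pins the content of these cryptographic provider libraries. I would commit digest files next to each jar and set the policy to `fail`, or at least record the expected SHA-256 and origin of every jar in the module. The jars are also committed under `repository/iaik/prod/prod/...` while the `.pom` files sit under `repository/iaik/prod/...`; if the group id is `iaik.prod`, the jars may not resolve from this repository and Maven would look for the same coordinates in whatever other repositories are configured, which is worth confirming. Also check that vendoring `iaik_tsp` from a `2.32_eval` directory is intended for release builds.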
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jar b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jar new file mode 100644 index 00000000..243273f4 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/common/3.1.2/common-3.1.2.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar new file mode 100644 index 00000000..06be8763 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/server/moa-sig-lib/3.1.2/moa-sig-lib-3.1.2.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar new file mode 100644 index 00000000..22f1f7d6 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/MOA/spss/tsl_lib/2.0.2/tsl_lib-2.0.2.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom new file mode 100644 index 00000000..af6c7876 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.pom @@ -0,0 +1,9 @@ + + + 4.0.0 + iaik.prod + iaik_ixsil + 1.2.2.5 + POM was created from install:install-file + diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom new file mode 100644 index 00000000..f61afb3c --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_jsse/4.4/iaik_jsse-4.4.pom 
@@ -0,0 +1,9 @@ + + + 4.0.0 + iaik.prod + iaik_jsse + 4.4 + POM was created from install:install-file + diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom new file mode 100644 index 00000000..9611eb92 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/iaik_util/0.23/iaik_util-0.23.pom @@ -0,0 +1,9 @@ + + + 4.0.0 + iaik.prod + iaik_util + 0.23 + POM was created from install:install-file + diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar new file mode 100644 index 00000000..6aff9745 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cms/5.1/iaik_cms-5.1.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jar new file mode 100644 index 00000000..f225f27a Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpades/2.5.1_moa/iaik_cpades-2.5.1_moa.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jar new file mode 100644 index 00000000..3caa1610 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_cpxlevel/0.9_moa/iaik_cpxlevel-0.9_moa.jar differ 
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar new file mode 100644 index 00000000..0d83fc5b Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate/5.01/iaik_eccelerate-5.01.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jar new file mode 100644 index 00000000..957fa5a8 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_addon/5.01/iaik_eccelerate_addon-5.01.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jar new file mode 100644 index 00000000..ed4e816e Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_eccelerate_cms/5.01/iaik_eccelerate_cms-5.01.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar new file mode 100644 index 00000000..9ac61d5c Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_ixsil/1.2.2.5/iaik_ixsil-1.2.2.5.jar differ 
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jar new file mode 100644 index 00000000..4ce6c247 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jce_full/5.52_moa/iaik_jce_full-5.52_moa.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar new file mode 100644 index 00000000..15b32042 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_jsse/4.4/iaik_jsse-4.4.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar new file mode 100644 index 00000000..edc2d0f9 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_moa/2.06/iaik_moa-2.06.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jar new file mode 100644 index 00000000..9d59aef2 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_pki_module/2.01_moa/iaik_pki_module-2.01_moa.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar new file mode 100644 index 00000000..9a551784 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_sva/1.0.3_moa/iaik_sva-1.0.3_moa.jar differ 
diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar new file mode 100644 index 00000000..fbd9abd2 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_tsp/2.32_eval/iaik_tsp.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jar new file mode 100644 index 00000000..1bc0cde7 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_util/0.23/iaik_util-0.23.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar new file mode 100644 index 00000000..0f111e24 Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xades/2.13_moa/iaik_xades-2.13_moa.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar new file mode 100644 index 00000000..95f18efc Binary files /dev/null and b/eaaf_modules/eaaf_module_moa-sig/repository/iaik/prod/prod/iaik_xsect/2.13_moa/iaik_xsect-2.13_moa.jar differ diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java new file mode 100644 index 00000000..420fe5dc --- /dev/null 
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java @@ -0,0 +1,53 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api; + +import java.util.List; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; + +public interface ISignatureVerificationService { + + /** + * Verify a CAdES or CMS signature + *

+ * This method only validates the first CMS or CAdES signature of more than one signature exists + * + * @param signature Enveloped CMS or CAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @return @link {@link ICMSSignatureVerificationResponse}, or null if no signature was found + * @throws MOASigServiceException on signatue-verification error + */ + ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID) + throws MOASigServiceException; + + + + /** + * Verify a XML or XAdES signature + *

+ * This method only validates the first XML or XAdES signature of more than one signature exists + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found + * @throws MOASigServiceException on signatue-verification error + */ + IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID) + throws MOASigServiceException; + + /** + * Verify a XML or XAdES signature + *

+ * This method only validates the first XML or XAdES signature of more than one signature exists + * + * @param signature Serialized XML or XAdES signature + * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration + * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used for signature-verification + * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found + * @throws MOASigServiceException on signatue-verification error + */ + IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, + List verifyTransformsInfoProfileID) throws MOASigServiceException; + +} \ No newline at end of file diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java new file mode 100644 index 00000000..57426751 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java @@ -0,0 +1,5 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data; + +public interface ICMSSignatureVerificationResponse extends IGenericSignatureVerificationResponse { + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java new file mode 100644 index 00000000..00d98c86 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java 
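Review bot: The Javadoc on the three `verify*Signature` methods does not tell a caller what counts as a successful verification: it says only the first signature is validated when the input carries several, and that `null` is returned when no signature is found, while an invalid signature is presumably reported through the check codes of a non-null response. I would state in each method's Javadoc that a non-null return value is not a success indicator, that `null` must be handled as a failed verification, and which fields of the response decide the result. For multi-signature input the caller cannot tell which signed content the response covers, so consider throwing `MOASigServiceException` when more than one signature is present instead of silently ignoring the rest. Minor: `signatue-verification` is a typo and `@return @link {@link ...}` has a stray `@link`.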
@@ -0,0 +1,69 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+import iaik.x509.X509Certificate;
+import java.util.Date;
+
+import org.springframework.lang.Nullable;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+
+
+public interface IGenericSignatureVerificationResponse {
+
+ /**
+ * Returns the signing time
+ *
+ * @return Signing time, or null if signature contains no time information
+ */
+ @Nullable
+ Date getSigningDateTime();
+
+ /**
+ * Returns the signatureCheckCode.
+ * @return int
+ */
+ int getSignatureCheckCode();
+
+ /**
+ * Returns the certificateCheckCode.
+ * @return int
+ */
+ int getCertificateCheckCode();
+
+ /**
+ * Returns the qualifiedCertificate.
+ * @return boolean
+ */
+ boolean isQualifiedCertificate();
+
+ /**
+ * Returns the X509 certificate.
+ * @return X509Certificate, or null if no certificate information exists
+ * @throws MOASigServiceException if X509 certificate can not be deserialized
+ */
+ @Nullable
+ X509Certificate getX509Certificate() throws MOASigServiceException;
+
+
+ /**
+ * Returns the X509 certificate in serialized form
+ *
+ * @return Serialized X509 certificate, or null if no certificate information exists
+ */
+ @Nullable
+ byte[] getX509CertificateEncoded();
+
+ /**
+ * Returns the publicAuthority.
+ * @return boolean
+ */
+ boolean isPublicAuthority();
+
+ /**
+ * Returns the publicAuthorityCode.
+ * @return String OID, or null if no OID exists
+ */
+ @Nullable
+ String getPublicAuthorityCode();
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
new file mode 100644
index 00000000..3e86fb63
--- /dev/null
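Review bot: `getSignatureCheckCode()` and `getCertificateCheckCode()` are documented only as `@return int`, so the interface never says which value means the check passed. Callers base the trust decision on these integers, and a wrong guess about the success value accepts an unverified signature. I would spell the contract out in the Javadoc, for example `@return 0 if the signature value is valid, otherwise the MOA-Sig error code` (I believe MOA-SPSS uses 0 for success, but confirm against its documentation), and do the same for the certificate check. It is also worth documenting whether `getX509CertificateEncoded()` hands out a copy or the internal array, since a shared mutable `byte[]` would let one consumer change the certificate seen by another.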
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
@@ -0,0 +1,37 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface IXMLSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
+
+
+ /**
+ * Returns the xmlDSIGManifestCheckCode.
+ * @return int
+ */
+ int getXmlDSIGManifestCheckCode();
+
+ /**
+ * Returns the xmlDsigSubjectName.
+ * @return String
+ */
+ String getXmlDsigSubjectName();
+
+
+ /**
+ * Returns the xmlDSIGManigest.
+ * @return boolean
+ */
+ boolean isXmlDSIGManigest();
+
+
+ /**
+ * Returns the the resulting code of the signature manifest check.
+ *
+ * @return The code of the sigature manifest check.
+ */
+ int getSignatureManifestCheckCode();
+
+}
\ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java
new file mode 100644
index 00000000..ded3f900
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceBuilderException.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MOASigServiceBuilderException extends MOASigServiceException {
+
+ private static final long serialVersionUID = 5178393157255309476L;
+
+ public MOASigServiceBuilderException(String errorId, Object[] params) {
+ super(errorId, params);
+ }
+
+ public MOASigServiceBuilderException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+ }
+}
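Review bot: The public method name `isXmlDSIGManigest()` in `IXMLSignatureVerificationResponse` carries a typo that becomes part of the API once other modules implement or call it; rename it to `isXmlDSIGManifest()` in this commit. The two manifest results, `getXmlDSIGManifestCheckCode()` and `getSignatureManifestCheckCode()`, are documented without saying which value means the manifest check passed or how the two differ, and a caller needs that to decide whether the signed references were actually verified. The Javadoc also has `the the` and `sigature` to fix.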
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java
new file mode 100644
index 00000000..f3c02fe1
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceConfigurationException.java
@@ -0,0 +1,11 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MOASigServiceConfigurationException extends MOASigServiceException {
+
+ private static final long serialVersionUID = -4710795384615456488L;
+
+ public MOASigServiceConfigurationException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java
new file mode 100644
index 00000000..243b4b1d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceException.java
@@ -0,0 +1,26 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+import at.gv.egiz.eaaf.core.exceptions.EAAFServiceException;
+
+public class MOASigServiceException extends EAAFServiceException {
+
+ private static final long serialVersionUID = -6088238428550563658L;
+ private static final String MOA_SIG_SERVICE_ID = "MOA-SIG-VERIFY";
+
+ public MOASigServiceException(String errorId, Object[] params) {
+ super(errorId, params);
+
+ }
+
+ public MOASigServiceException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+
+ }
+
+ @Override
+ protected String getServiceIdentifier() {
+ return MOA_SIG_SERVICE_ID;
+
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java
new file mode 100644
index 00000000..63a51001
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/exceptions/MOASigServiceParserException.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions;
+
+public class MOASigServiceParserException extends MOASigServiceException {
+
+ private static final long serialVersionUID = 5178393157255309476L;
+
+ public MOASigServiceParserException(String errorId, Object[] params) {
+ super(errorId, params);
+ }
+
+ public MOASigServiceParserException(String errorId, Object[] params, Throwable e) {
+ super(errorId, params, e);
+ }
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java
new file mode 100644
index 00000000..ecda7eb1
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/MOASigSpringResourceProvider.java
@@ -0,0 +1,27 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+public class MOASigSpringResourceProvider implements SpringResourceProvider {
+
+ @Override
+ public Resource[] getResourcesToLoad() {
+ ClassPathResource moaSigConfig = new ClassPathResource("/moa-sig-service.beans.xml", MOASigSpringResourceProvider.class);
+ return new Resource[] {moaSigConfig};
+ }
+
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ return "Signature-verification service based on MOA-Sig (MOA-SPSS)";
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
new file mode 100644
index 00000000..b2ea5cb7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
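Review bot: `getPackagesToScan()` in `MOASigSpringResourceProvider` still holds the IDE stub, `// TODO Auto-generated method stub` followed by `return null;`, so it is unclear whether returning no packages is a decision or an unfinished method. Whether the `SpringResourceProvider` contract accepts `null` is not visible in this diff; if the loader iterates the result, this module would fail at context start-up. I would either `return new String[0];` or keep `null` and replace the stub comment with one stating the intent, e.g. `// no component scanning: all beans are declared in moa-sig-service.beans.xml`.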
@@ -0,0 +1,348 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl; + +import java.io.ByteArrayInputStream; +import java.security.Provider; +import java.security.Security; +import java.security.cert.CertificateEncodingException; +import java.util.List; + +import javax.annotation.PostConstruct; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.lang.Nullable; +import org.springframework.stereotype.Service; +import org.springframework.util.Base64Utils; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceBuilderException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.api.Configurator; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; +import at.gv.egovernment.moa.spss.api.impl.VerifyCMSSignatureRequestImpl; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; +import 
at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moaspss.logging.LoggingContext; +import at.gv.egovernment.moaspss.logging.LoggingContextManager; +import at.gv.egovernment.moaspss.util.Constants; +import iaik.asn1.structures.AlgorithmID; +import iaik.security.ec.provider.ECCelerate; +import iaik.security.provider.IAIK; + + +/** + * @author tlenz + * + */ +@Service +public class SignatureVerificationService implements ISignatureVerificationService { + private static final Logger log = LoggerFactory.getLogger(SignatureVerificationService.class); + + private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI; + private static final String MOA_NS_URI = Constants.MOA_NS_URI; + private static final String DSIG = Constants.DSIG_PREFIX + ":"; + + private at.gv.egovernment.moa.spss.api.SignatureVerificationService svs; + + @PostConstruct + private void initialize() throws MOASigServiceConfigurationException { + log.info("Initializing MOA-Sig signature-verification service ... "); + + log.info("Loading Java security providers."); + IAIK.addAsProvider(); + ECCelerate.addAsProvider(); + + try { + LoggingContextManager.getInstance().setLoggingContext( + new LoggingContext("startup")); + log.debug("MOA-Sig library initialization process ... 
"); + Configurator.getInstance().init(); + log.info("MOA-Sig library initialization complete "); + + } catch (final MOAException e) { + log.error("MOA-SP initialization FAILED!", e.getWrapped()); + throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e + .toString() }, e); + } + + Security.insertProviderAt(IAIK.getInstance(), 0); + + final ECCelerate eccProvider = ECCelerate.getInstance(); + if (Security.getProvider(eccProvider.getName()) != null) + Security.removeProvider(eccProvider.getName()); + Security.addProvider(new ECCelerate()); + + fixJava8_141ProblemWithSSLAlgorithms(); + + if (log.isDebugEnabled()) { + log.debug("Loaded Security Provider:"); + final Provider[] providerList = Security.getProviders(); + for (int i=0; i 1) + log.warn("CMS or CAdES signature contains more than one technical signatures. Only validate the first signature"); + + final VerifyCMSSignatureResponseElement firstSig = (VerifyCMSSignatureResponseElement) cmsSigVerifyResp.getResponseElements().get(0); + + final at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse result = + new at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyCMSSignatureResponse(); + + //parse results into response container + result.setSignatureCheckCode(firstSig.getSignatureCheck().getCode()); + result.setCertificateCheckCode(firstSig.getCertificateCheck().getCode()); + + if (firstSig.getSignerInfo() != null) { + result.setSigningDateTime(firstSig.getSignerInfo().getSigningTime()); + result.setX509CertificateEncoded(firstSig.getSignerInfo().getSignerCertificate().getEncoded()); + result.setQualifiedCertificate(firstSig.getSignerInfo().isQualifiedCertificate()); + + result.setPublicAuthority(firstSig.getSignerInfo().isPublicAuthority()); + result.setPublicAuthorityCode(firstSig.getSignerInfo().getPublicAuhtorityID()); + + } else + log.info("CMS or CAdES verification result contains no SignerInfo"); + + return result; + } + + + + /* 
(non-Javadoc) + * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String) + */ + @Override + public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID) throws MOASigServiceException { + return verifyXMLSignature(signature, trustProfileID, null); + + } + + /* (non-Javadoc) + * @see at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.ISignatureVerificationService#verifyXMLSignature(byte[], java.lang.String, java.util.List) + */ + @Override + public IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID, List verifyTransformsInfoProfileID) throws MOASigServiceException { + try { + //build signature-verification request + final Element domVerifyXMLSignatureRequest = buildVerifyXMLRequest(signature, trustProfileID, verifyTransformsInfoProfileID); + + //send signature-verification to MOA-Sig + final VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(domVerifyXMLSignatureRequest); + final VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest); + final Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse); + + // parses the + final IXMLSignatureVerificationResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(result.getDocumentElement()).parseData(); + + return verifyXMLSignatureResponse; + + } catch (final MOASigServiceException e) { + throw e; + + } catch (final MOAException e) { + log.warn("MOA-Sig signature-verification has an internal error." + + " MsgCode: " + e.getMessageId() + + " Msg: " + e.getMessage(), + e); + throw new MOASigServiceException("service.moasig.03", new Object[]{e.getMessage()}, e); + + } + } + + /** + * Build a VerifyCMS-Siganture request for MOA-Sig. + *

+ * This builder only generates verification-request for enveloped CMS or CAdES signatures + *
+ * This + * + * @param signature CMS or CAdES signature + * @param trustProfileID trustProfileID MOA-Sig Trust-Profile + * @param isPdfSignature Make CAdES signature as part of an PAdES document + * @param performExtendedValidation To extended validation. See MOA-Sig documentation for detailed information + * @return + */ + private VerifyCMSSignatureRequest buildVerfifyCMSRequest(byte[] signature, String trustProfileID, + boolean isPdfSignature, boolean performExtendedValidation) { + final VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest = new VerifyCMSSignatureRequestImpl(); + verifyCMSSignatureRequest.setDateTime(null); + verifyCMSSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature)); + verifyCMSSignatureRequest.setDataObject(null); + verifyCMSSignatureRequest.setTrustProfileId(trustProfileID); + verifyCMSSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES); + verifyCMSSignatureRequest.setPDF(isPdfSignature); + verifyCMSSignatureRequest.setExtended(performExtendedValidation); + return verifyCMSSignatureRequest; + + } + + /** + * Build a VerifyXML-Signature request for MOA-Sig + * + * @param signature Serialized XML signature + * @param trustProfileID MOA-Sig Trust-Profile + * @param verifyTransformsInfoProfileID {@link List} of Transformation-Profiles used for validation + * @return + * @throws MOASigServiceBuilderException + */ + private Element buildVerifyXMLRequest(byte[] signature, String trustProfileID, List verifyTransformsInfoProfileID) throws MOASigServiceBuilderException { + try { + //build empty document + final Document requestDoc_ = getNewDocumentBuilder(); + final Element requestElem_ = requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest"); + requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI); + requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); + requestDoc_.appendChild(requestElem_); + + + // build the request + final Element 
verifiySignatureInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); + requestElem_.appendChild(verifiySignatureInfoElem); + final Element verifySignatureEnvironmentElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment"); + verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem); + final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); + verifySignatureEnvironmentElem.appendChild(base64ContentElem); + + // insert the base64 encoded signature + String base64EncodedAssertion = Base64Utils.encodeToString(signature); + //replace all '\r' characters by no char. + final StringBuffer replaced = new StringBuffer(); + for (int i = 0; i < base64EncodedAssertion.length(); i ++) { + final char c = base64EncodedAssertion.charAt(i); + if (c != '\r') { + replaced.append(c); + } + } + base64EncodedAssertion = replaced.toString(); + final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion); + base64ContentElem.appendChild(base64Content); + + // specify the signature location + final Element verifySignatureLocationElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation"); + verifiySignatureInfoElem.appendChild(verifySignatureLocationElem); + final Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature"); + verifySignatureLocationElem.appendChild(signatureLocation); + + // signature manifest params + final Element signatureManifestCheckParamsElem = requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); + requestElem_.appendChild(signatureManifestCheckParamsElem); + signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false"); + + //verify transformations + if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) { + final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo"); + signatureManifestCheckParamsElem.appendChild(referenceInfoElem); + 
for (final String element : verifyTransformsInfoProfileID) { + final Element verifyTransformsInfoProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID"); + referenceInfoElem.appendChild(verifyTransformsInfoProfileIDElem); + verifyTransformsInfoProfileIDElem.appendChild(requestDoc_.createTextNode(element)); + + } + } + + //hashinput data + final Element returnHashInputDataElem = requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData"); + requestElem_.appendChild(returnHashInputDataElem); + + //add trustProfileID + final Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID"); + trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID)); + requestElem_.appendChild(trustProfileIDElem); + + return requestElem_; + + } catch (final Throwable t) { + log.warn("Can NOT build VerifyXML-Signature request for MOA-Sig", t); + throw new MOASigServiceBuilderException("service.moasig.03", new Object[] { t.getMessage() }, t); + + } + + } + + /** + * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because + * {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe. 
+ * + * @return {@link Document} + * @throws ParserConfigurationException + */ + private synchronized Document getNewDocumentBuilder() throws ParserConfigurationException { + final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); + return docBuilder.newDocument(); + + } + + private static void fixJava8_141ProblemWithSSLAlgorithms() { + log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ..."); + //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", + new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", + new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", + new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", + new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", + new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true); + + log.info("Change AlgorithmIDs finished"); + } +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java new file mode 100644 index 00000000..f3c724d8 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/GenericSignatureVerificationResponse.java 
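Review bot: In `initialize()`, `Security.insertProviderAt(IAIK.getInstance(), 0)` most likely does not do what it appears to intend: JCA preference positions are 1-based, and `insertProviderAt` returns -1 without moving anything when the provider is already installed, which `IAIK.addAsProvider()` a few lines earlier presumably ensures. If IAIK has to be the preferred provider for verification, remove and re-insert it, `Security.removeProvider(IAIK.getInstance().getName()); Security.insertProviderAt(IAIK.getInstance(), 1);`, and log the returned position. These calls change the provider order for the whole JVM, which deserves a comment on the method so that other modules in the same process are not surprised by it. Part of this hunk (the body of the debug loop and the start of the CMS verification path) is missing from the page, so the CMS path could not be reviewed.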
@@ -0,0 +1,130 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; + +import java.io.Serializable; +import java.security.cert.CertificateException; +import iaik.x509.X509Certificate; +import java.util.Date; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IGenericSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceParserException; + +public class GenericSignatureVerificationResponse implements IGenericSignatureVerificationResponse, Serializable { + + private static final long serialVersionUID = -7751001050689401118L; + private static final Logger log = LoggerFactory.getLogger(GenericSignatureVerificationResponse.class); + + + /** The signing time */ + private Date signingDateTime; + + /** The signatureCheckCode to be stored */ + private int signatureCheckCode; + + /** The certificateCheckCode to be stored */ + private int certificateCheckCode; + + /** The publicAuthority to be stored */ + private boolean publicAuthority; + + /** The publicAuthorityCode to be stored */ + private String publicAuthorityCode; + + /** The qualifiedCertificate to be stored */ + private boolean qualifiedCertificate; + + private byte[] x509CertificateEncoded; + + @Override + public Date getSigningDateTime() { + return this.signingDateTime; + + } + + @Override + public int getSignatureCheckCode() { + return this.signatureCheckCode; + + } + + @Override + public int getCertificateCheckCode() { + return this.certificateCheckCode; + + } + + @Override + public boolean isQualifiedCertificate() { + return this.qualifiedCertificate; + + } + + @Override + public X509Certificate getX509Certificate() throws MOASigServiceException { + if (x509CertificateEncoded != null) { + try { + return new X509Certificate(x509CertificateEncoded); + + } 
catch (CertificateException e) { + log.error("Can NOT parse X509 certifcate in " + GenericSignatureVerificationResponse.class.getName(), e); + throw new MOASigServiceParserException("service.moasig.01", null, e); + } + + } + + return null; + + } + + @Override + public byte[] getX509CertificateEncoded() { + return this.getX509CertificateEncoded(); + + } + + @Override + public boolean isPublicAuthority() { + return this.publicAuthority; + + } + + @Override + public String getPublicAuthorityCode() { + return this.publicAuthorityCode; + + } + + public void setSigningDateTime(Date signingDateTime) { + this.signingDateTime = signingDateTime; + } + + public void setSignatureCheckCode(int signatureCheckCode) { + this.signatureCheckCode = signatureCheckCode; + } + + public void setCertificateCheckCode(int certificateCheckCode) { + this.certificateCheckCode = certificateCheckCode; + } + + public void setPublicAuthority(boolean publicAuthority) { + this.publicAuthority = publicAuthority; + } + + public void setPublicAuthorityCode(String publicAuthorityCode) { + this.publicAuthorityCode = publicAuthorityCode; + } + + public void setQualifiedCertificate(boolean qualifiedCertificate) { + this.qualifiedCertificate = qualifiedCertificate; + } + + public void setX509CertificateEncoded(byte[] x509CertificateEncoded) { + this.x509CertificateEncoded = x509CertificateEncoded; + } + + + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java new file mode 100644 index 00000000..2c177c71 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyCMSSignatureResponse.java 
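Review bot: `getX509CertificateEncoded()` calls itself (`return this.getX509CertificateEncoded();`), so every caller gets a `StackOverflowError` instead of the certificate bytes; it should read the field, `return this.x509CertificateEncoded;`. `getX509Certificate()` reads the field directly and is not affected. Separately, `signatureCheckCode` and `certificateCheckCode` start at 0 when never set, and so does `xmlDSIGManifestCheckCode` in VerifyXMLSignatureResponse.java, while that class already uses -1 for "not checked" on `signatureManifestCheckCode`. If 0 is the success code (not visible here), a response that was never populated would look like a valid signature, so initialising these fields the same way, `private int signatureCheckCode = -1;`, keeps the default fail-closed.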
@@ -0,0 +1,9 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
+
+public class VerifyCMSSignatureResponse extends GenericSignatureVerificationResponse implements ICMSSignatureVerificationResponse{
+
+ private static final long serialVersionUID = 708260904158070696L;
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java
new file mode 100644
index 00000000..0646bda7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/data/VerifyXMLSignatureResponse.java
@@ -0,0 +1,93 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; + +/** + * + * + * @author tlenz + * + */ + +public class VerifyXMLSignatureResponse extends GenericSignatureVerificationResponse implements IXMLSignatureVerificationResponse { + + private static final long serialVersionUID = 8386070769565711601L; + +/** The xmlDsigSubjectName to be stored */ + private String xmlDsigSubjectName; + + /** The xmlDSIGManifestCheckCode to be stored */ + private int xmlDSIGManifestCheckCode; + /** The xmlDSIGManigest to be stored */ + private boolean xmlDSIGManigest; + + /** + * The result of the signature manifest check. The default value -1 + * indicates that the signature manifest has not been checked. + */ + private int signatureManifestCheckCode = -1; + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDSIGManifestCheckCode() + */ + @Override +public int getXmlDSIGManifestCheckCode() { + return xmlDSIGManifestCheckCode; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getXmlDsigSubjectName() + */ + @Override +public String getXmlDsigSubjectName() { + return xmlDsigSubjectName; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManifestCheckCode(int) + */ +public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) { + this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDsigSubjectName(java.lang.String) + */ +public void setXmlDsigSubjectName(String xmlDsigSubjectName) { + this.xmlDsigSubjectName = xmlDsigSubjectName; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#isXmlDSIGManigest() + */ + @Override +public boolean 
isXmlDSIGManigest() { + return xmlDSIGManigest; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setXmlDSIGManigest(boolean) + */ +public void setXmlDSIGManigest(boolean xmlDSIGManigest) { + this.xmlDSIGManigest = xmlDSIGManigest; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#getSignatureManifestCheckCode() + */ + @Override +public int getSignatureManifestCheckCode() { + return signatureManifestCheckCode; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSignatureManifestCheckCode(int) + */ +public void setSignatureManifestCheckCode(int signatureManifestCheckCode) { + this.signatureManifestCheckCode = signatureManifestCheckCode; + } + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java new file mode 100644 index 00000000..e581394b --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/parser/VerifyXMLSignatureResponseParser.java 
@@ -0,0 +1,180 @@ +package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.parser; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; + +import org.joda.time.DateTime; +import org.joda.time.format.ISODateTimeFormat; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.lang.NonNull; +import org.w3c.dom.Element; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceParserException; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moaspss.util.Constants; +import at.gv.egovernment.moaspss.util.DOMUtils; +import at.gv.egovernment.moaspss.util.XPathUtils; +import iaik.utils.Base64InputStream; +import iaik.x509.X509Certificate; + + +public class VerifyXMLSignatureResponseParser { + private static final Logger log = LoggerFactory.getLogger(VerifyXMLSignatureResponseParser.class); + + // + // XPath namespace prefix shortcuts + // + /** Xpath prefix for reaching MOA Namespaces */ + private static final String MOA = Constants.MOA_PREFIX + ":"; + /** Xpath prefix for reaching DSIG Namespaces */ + private static final String DSIG = Constants.DSIG_PREFIX + ":"; + /** Xpath expression to the root element */ + private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/"; + + /** Xpath expression to the X509SubjectName element */ + private static final String DSIG_SUBJECT_NAME_XPATH = + ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + + DSIG + "X509SubjectName"; + /** Xpath expression to the X509Certificate element */ + private static final String DSIG_X509_CERTIFICATE_XPATH = + ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + + DSIG + "X509Certificate"; + /** Xpath expression to the PublicAuthority 
element */ + private static final String PUBLIC_AUTHORITY_XPATH = + ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + + MOA + "PublicAuthority"; + /** Xpath expression to the PublicAuthorityCode element */ + private static final String PUBLIC_AUTHORITY_CODE_XPATH = + PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code"; + /** Xpath expression to the QualifiedCertificate element */ + private static final String QUALIFIED_CERTIFICATE_XPATH = + ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" + + MOA + "QualifiedCertificate"; + + /** Xpath expression to the SignatureCheckCode element */ + private static final String SIGNATURE_CHECK_CODE_XPATH = + ROOT + MOA + "SignatureCheck/" + MOA + "Code"; + /** Xpath expression to the XMLDSIGManifestCheckCode element */ + private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH = + ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code"; + /** Xpath expression to the SignatureManifestCheckCode element */ + private static final String SIGNATURE_MANIFEST_CHECK_CODE_XPATH = + ROOT + MOA + "SignatureManifestCheck/" + MOA + "Code"; + /** Xpath expression to the CertificateCheckCode element */ + private static final String CERTIFICATE_CHECK_CODE_XPATH = + ROOT + MOA + "CertificateCheck/" + MOA + "Code"; + + private static final String SIGNING_TIME_XPATH = + ROOT + MOA + "SigningTime"; + + + /** This is the root element of the XML-Document provided by the Security Layer Card*/ + private Element verifyXMLSignatureResponse; + + /** + * Constructor for VerifyXMLSignatureResponseParser. 
+ * A DOM-representation of the incoming String will be created + * @param xmlResponse <InfoboxReadResponse> as String + * @throws MOASigServiceParserException on any parsing error + */ + public VerifyXMLSignatureResponseParser(String xmlResponse) throws MOASigServiceParserException { + try { + final InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8")); + verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s); + + } catch (final Throwable t) { + log.warn("Can not parse MOA-Sig response." , t); + throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t); + + } + } + + /** + * Constructor for VerifyXMLSignatureResponseParser. + * A DOM-representation of the incoming Inputstream will be created + * @param xmlResponse <InfoboxReadResponse> as InputStream + * @throws MOASigServiceParserException on any parsing error + */ + public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws MOASigServiceParserException { + try { + verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse); + + } catch (final Throwable t) { + log.warn("Can not parse MOA-Sig response." , t); + throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t); + + } + } + + /** + * Constructor for VerifyXMLSignatureResponseParser. 
+ * The incoming Element will be used for further operations + * @param xmlResponse <InfoboxReadResponse> as Element + */ + public VerifyXMLSignatureResponseParser(Element xmlResponse) { + verifyXMLSignatureResponse =xmlResponse; + + } + +/** + * Parse MOA-Sig signatur-verification result into {@link IXMLSignatureVerificationResponse} + * + * @return {@link IXMLSignatureVerificationResponse} + * @throws MOASigServiceException on any parsing error + */ + @NonNull + public IXMLSignatureVerificationResponse parseData() throws MOASigServiceException { + try { + final VerifyXMLSignatureResponse respData = new VerifyXMLSignatureResponse(); + respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,"")); + final Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH); + respData.setQualifiedCertificate(e!=null); + + final Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue( + verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true); + + respData.setX509CertificateEncoded(new X509Certificate(in).getEncoded()); + + final Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_XPATH); + respData.setPublicAuthority(publicAuthority != null); + respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,"")); + respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue()); + + final String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null); + if (xmlDsigCheckCode!=null) { + respData.setXmlDSIGManigest(true); + respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue()); + + } else { + respData.setXmlDSIGManigest(false); + + } + + final String 
signatureManifestCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_MANIFEST_CHECK_CODE_XPATH,null); + if (signatureManifestCheckCode != null) { + respData.setSignatureManifestCheckCode(new Integer(signatureManifestCheckCode).intValue()); + + } + respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue()); + + final String signingTimeElement = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNING_TIME_XPATH,""); + if (signingTimeElement != null && !signingTimeElement.isEmpty()) { + final DateTime datetime = ISODateTimeFormat.dateOptionalTimeParser().parseDateTime(signingTimeElement); + respData.setSigningDateTime(datetime.toDate()); + + } + + return respData; + + } catch (final Throwable t) { + log.warn("Can not parse MOA-Sig response." , t); + throw new MOASigServiceParserException("service.moasig.02", new Object[] { t.toString() }, t); + } + + } + + +} diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 00000000..ebc25602 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.MOASigSpringResourceProvider \ No newline at end of file diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml new file mode 100644 index 00000000..17907130 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/moa-sig-service.beans.xml @@ -0,0 +1,17 @@ + + + + + + + + \ No newline at end of file 
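Review bot: `parseData()` has no Javadoc statement that it only transports MOA-Sig's verdict: it copies the check codes and the signer certificate into the response and returns it whatever the codes are, so a caller that reads `getX509Certificate()` without first checking `getSignatureCheckCode()` and `getCertificateCheckCode()` would be relying on an unverified signer. Say so in the method Javadoc, e.g. `Does not evaluate the result; callers must check the signature and certificate check codes before using any other field.` The constructor Javadoc and the field comment still describe an `<InfoboxReadResponse>` from the Security Layer card, which looks copied from another parser and should name the VerifyXMLSignatureResponse instead. The three `catch (final Throwable t)` blocks also trap JVM errors; `catch (final Exception e)` would be the narrower choice.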
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties new file mode 100644 index 00000000..8802c35d --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/resources/properties/status_messages_en.properties @@ -0,0 +1,4 @@ +service.moasig.01=Can not deserialize X509 certificate +service.moasig.02=Can not parse XML signature verification response. Reason: {0} +service.moasig.03=Signature verification operation has an internal error. Reason: {0} +service.moasig.04=Configuration of MOA-Sig signature-verification library FAILED! Reason: {0} \ No newline at end of file diff --git a/eaaf_modules/pom.xml b/eaaf_modules/pom.xml index 585655b1..6f567ae8 100644 --- a/eaaf_modules/pom.xml +++ b/eaaf_modules/pom.xml @@ -1,8 +1,6 @@ - - + --> 4.0.0 at.gv.egiz @@ -22,6 +20,7 @@ eaaf_module_pvp2_idp eaaf_module_pvp2_sp eaaf_module_auth_sl20 - + eaaf_module_moa-sig + \ No newline at end of file diff --git a/pom.xml b/pom.xml index 9243b7d3..e84910c3 100644 --- a/pom.xml +++ b/pom.xml @@ -24,6 +24,28 @@ 0.4 0.2 + 3.1.2 + 2.0.2 + + + 5.1 + 2.5.1_moa + 0.9_moa + 5.01 + 5.01 + 5.01 + 5.52_moa + 4.4 + 2.06 + 2.01_moa + 1.0.3_moa + 2.32_eval + 0.23 + 2.13_moa + 2.13_moa + + + 5.1.5.RELEASE 2.6.6 1.4.6 
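Review bot: Among the new version properties in the root pom.xml, `2.32_eval` reads like an evaluation build; by position and by the `iaik_tsp/2.32_eval/iaik_tsp.jar` path in the commit summary it belongs to `iaik_tsp`, although the property names are stripped from this view. An evaluation build in the dependency set of a signature-verification module should either be replaced by a release build or carry an XML comment explaining why it is acceptable. The commit also checks the MOA and IAIK jars into the repository as binaries, so recording the origin and a checksum for each one next to its version property would let a reviewer confirm what was committed.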
@@ -106,6 +128,116 @@ ${at.gv.egiz.components.egiz-spring-api} + + + MOA.spss.server + moa-sig-lib + ${MOA.spss.server.moa-sig-lib.version} + + + commons-logging + commons-logging + + + * + axis + + + + + MOA.spss + common + ${MOA.spss.server.moa-sig-lib.version} + + + MOA.spss + tsl_lib + ${MOA.spss.tsl_lib.version} + + + + + + iaik.prod + iaik_cms + ${iaik.prod.iaik_cms.version} + + + iaik.prod + iaik_cpades + ${iaik.prod.iaik_cpades.version} + + + iaik.prod + iaik_cpxlevel + ${iaik.prod.iaik_cpxlevel.version} + + + iaik.prod + iaik_eccelerate + ${iaik.prod.iaik_eccelerate.version} + + + iaik.prod + iaik_eccelerate_addon + ${iaik.prod.iaik_eccelerate_addon.version} + + + iaik.prod + iaik_eccelerate_cms + ${iaik.prod.iaik_eccelerate_cms.version} + + + iaik.prod + iaik_jce_full + ${iaik.prod.iaik_jce_full.version} + + + iaik.prod + iaik_jsse + ${iaik.prod.iaik_jsse.version} + + + iaik.prod + iaik_moa + ${iaik.prod.iaik_moa.version} + + + iaik.prod + iaik_pki_module + ${iaik.prod.iaik_pki_module.version} + + + iaik.prod + iaik_sva + ${iaik.prod.iaik_sva.version} + + + iaik.prod + iaik_tsp + ${iaik.prod.iaik_tsp.version} + + + iaik.prod + iaik_util + ${iaik.prod.iaik_util.version} + + + iaik.prod + iaik_xades + ${iaik.prod.iaik_xades.version} + + + iaik.prod + iaik_xsect + ${iaik.prod.iaik_xsect.version} + + + + + + + com.google.code.findbugs jsr305 -- cgit v1.2.3