From 7070adf32df6534edfaf4e4217eb426158eb561d Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Fri, 17 May 2019 12:36:23 +0200
Subject: add EAAF module for MOA-Sig integration
---
.../moasig/api/ISignatureVerificationService.java | 53 +++++++++++++++++
.../data/ICMSSignatureVerificationResponse.java | 5 ++
.../IGenericSignatureVerificationResponse.java | 69 ++++++++++++++++++++++
.../data/IXMLSignatureVerificationResponse.java | 37 ++++++++++++
4 files changed, 164 insertions(+)
create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java
create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
(limited to 'eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api')
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
new file mode 100644
index 00000000..420fe5dc
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/ISignatureVerificationService.java
@@ -0,0 +1,53 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api;
+
+import java.util.List;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ICMSSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+
+public interface ISignatureVerificationService {
+
+ /**
+ * Verify a CAdES or CMS signature
+ *

+ * This method only validates the first CMS or CAdES signature of more than one signature exists
+ *
+ * @param signature Enveloped CMS or CAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @return @link {@link ICMSSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ ICMSSignatureVerificationResponse verifyCMSSignature(byte[] signature, String trustProfileID)
+ throws MOASigServiceException;
+
+
+
+ /**
+ * Verify a XML or XAdES signature
+ *

+ * This method only validates the first XML or XAdES signature of more than one signature exists
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID)
+ throws MOASigServiceException;
+
+ /**
+ * Verify a XML or XAdES signature
+ *

+ * This method only validates the first XML or XAdES signature of more than one signature exists
+ *
+ * @param signature Serialized XML or XAdES signature
+ * @param trustProfileID Id of the Trust-Profile from MOA-Sig configuration
+ * @param verifyTransformsInfoProfileID {@link List} of XML Transformations that should be used for signature-verification
+ * @return @link {@link IXMLSignatureVerificationResponse}, or null if no signature was found
+ * @throws MOASigServiceException on signatue-verification error
+ */
+ IXMLSignatureVerificationResponse verifyXMLSignature(byte[] signature, String trustProfileID,
+ List verifyTransformsInfoProfileID) throws MOASigServiceException;
+
+}
\ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java
new file mode 100644
index 00000000..57426751
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ICMSSignatureVerificationResponse.java
@@ -0,0 +1,5 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+public interface ICMSSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
new file mode 100644
index 00000000..00d98c86
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IGenericSignatureVerificationResponse.java
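Review bot: The Javadoc on `verifyCMSSignature` and both `verifyXMLSignature` overloads leaves the caller's obligations open in two security-relevant places: a `null` return for "no signature was found" is easy to mistake for a non-failing result, and "only validates the first ... signature" does not say which signature counts as first or that content covered only by a later signature stays unverified. I would extend each `@return` to something like `null if the input contains no signature; callers must treat null as a failed verification`, and state in the description that callers may only consume data covered by the verified signature. The `@return @link {@link ...}` tags are malformed (drop the stray `@link`) and `signatue-verification` should read `signature-verification`. In the three-argument overload the `List` parameter appears without a type argument; if that is not an artefact of how this page was rendered, declare it as `List<String>`.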
@@ -0,0 +1,69 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+import iaik.x509.X509Certificate;
+import java.util.Date;
+
+import org.springframework.lang.Nullable;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+
+
+public interface IGenericSignatureVerificationResponse {
+
+ /**
+ * Returns the signing time
+ *
+ * @return Signing time, or null if signature contains no time information
+ */
+ @Nullable
+ Date getSigningDateTime();
+
+ /**
+ * Returns the signatureCheckCode.
+ * @return int
+ */
+ int getSignatureCheckCode();
+
+ /**
+ * Returns the certificateCheckCode.
+ * @return int
+ */
+ int getCertificateCheckCode();
+
+ /**
+ * Returns the qualifiedCertificate.
+ * @return boolean
+ */
+ boolean isQualifiedCertificate();
+
+ /**
+ * Returns the X509 certificate.
+ * @return X509Certificate, or null if no certificate information exists
+ * @throws MOASigServiceException if X509 certificate can not be deserialized
+ */
+ @Nullable
+ X509Certificate getX509Certificate() throws MOASigServiceException;
+
+
+ /**
+ * Returns the X509 certificate in serialized form
+ *
+ * @return Serialized X509 certificate, or null if no certificate information exists
+ */
+ @Nullable
+ byte[] getX509CertificateEncoded();
+
+ /**
+ * Returns the publicAuthority.
+ * @return boolean
+ */
+ boolean isPublicAuthority();
+
+ /**
+ * Returns the publicAuthorityCode.
+ * @return String OID, or null if no OID exists
+ */
+ @Nullable
+ String getPublicAuthorityCode();
+
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
new file mode 100644
index 00000000..3e86fb63
--- /dev/null
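Review bot: `getSignatureCheckCode()` and `getCertificateCheckCode()` are documented only as `@return int`, so nothing in this interface tells a caller which values mean a valid signature and a trusted certificate, or that both codes have to be checked before the response is relied on. Each getter's Javadoc should name the success value and the failure codes (presumably those defined by MOA-SP; confirm against its documentation), or the interface should expose named constants for them. The same gap applies to `getXmlDSIGManifestCheckCode()` and `getSignatureManifestCheckCode()` in IXMLSignatureVerificationResponse. `getSigningDateTime()` should also say whether the value is the signer-claimed time or a verified timestamp, since only the latter is suitable for validity decisions, and `getX509CertificateEncoded()` should state whether the returned array is a copy.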
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/IXMLSignatureVerificationResponse.java
@@ -0,0 +1,37 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface IXMLSignatureVerificationResponse extends IGenericSignatureVerificationResponse {
+
+
+ /**
+ * Returns the xmlDSIGManifestCheckCode.
+ * @return int
+ */
+ int getXmlDSIGManifestCheckCode();
+
+ /**
+ * Returns the xmlDsigSubjectName.
+ * @return String
+ */
+ String getXmlDsigSubjectName();
+
+
+ /**
+ * Returns the xmlDSIGManigest.
+ * @return boolean
+ */
+ boolean isXmlDSIGManigest();
+
+
+ /**
+ * Returns the the resulting code of the signature manifest check.
+ *
+ * @return The code of the sigature manifest check.
+ */
+ int getSignatureManifestCheckCode();
+
+}
\ No newline at end of file
-- cgit v1.2.3
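Review bot: `isXmlDSIGManigest()` misspells "Manifest" in a public interface method, and the name becomes hard to change once implementations and callers exist; rename it now to `boolean isXmlDSIGManifest();` and correct the matching Javadoc line. The interface also exposes two manifest-related codes, `getXmlDSIGManifestCheckCode()` and `getSignatureManifestCheckCode()`, without saying how they differ, so the Javadoc should state which manifest each one refers to and whether a caller must evaluate both. Minor wording: `Returns the the` and `sigature` in the last Javadoc block.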