From 7ece75cb3dc9e4d13089b35cf011168811f7e10e Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 19 Jun 2019 08:35:30 +0200
Subject: remove manifest check, if it is not necessary

---
 .../sigverify/moasig/impl/SignatureVerificationService.java    | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'eaaf_modules/eaaf_module_moa-sig/src/main')

diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
index 1608490d..ca20ce0f 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/SignatureVerificationService.java
@@ -221,12 +221,12 @@ public class SignatureVerificationService extends AbstractSignatureService imple
 			verifySignatureLocationElem.appendChild(signatureLocation);      
 	      
 			// signature manifest params
-			final Element signatureManifestCheckParamsElem = requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
-			requestElem_.appendChild(signatureManifestCheckParamsElem);
-			signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
+			if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {				
+				final Element signatureManifestCheckParamsElem = requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
+				requestElem_.appendChild(signatureManifestCheckParamsElem);
+				signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
 
-			//verify transformations
-			if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {
+				//verify transformations			
 				final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
 				signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
 				for (final String element : verifyTransformsInfoProfileID) {
-- 
cgit v1.2.3


From 470ac2c6234a0bac1e973fd3c1f49e1d9da41be4 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 19 Jun 2019 08:36:10 +0200
Subject: add interface to inject external XML schemes into MOA-Sig

---
 .../moasig/api/data/ISchemaRessourceProvider.java  | 20 ++++++++++++++
 .../moasig/impl/AbstractSignatureService.java      | 32 ++++++++++++++++++++++
 2 files changed, 52 insertions(+)
 create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java

(limited to 'eaaf_modules/eaaf_module_moa-sig/src/main')

diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java
new file mode 100644
index 00000000..9548d96b
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/api/data/ISchemaRessourceProvider.java
@@ -0,0 +1,20 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data;
+
+import java.io.InputStream;
+import java.util.Map;
+
+/**
+ * Inject additional XML schemes into MOA-Sig
+ * 
+ * @author tlenz
+ *
+ */
+public interface ISchemaRessourceProvider {
+
+	/**
+	 * Get a Map of additional XML schemes that should be injected into MOA-Sig 
+	 * 
+	 * @return A Set of {@link Entry} consist of Name of the Scheme and XML scheme as {@link InputStream}  
+	 */
+	public Map<String, InputStream> getSchemas();
+}
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
index fe99e328..d796c165 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
@@ -1,7 +1,11 @@
 package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
 
+import java.io.IOException;
+import java.io.InputStream;
 import java.security.Provider;
 import java.security.Security;
+import java.util.Iterator;
+import java.util.Map.Entry;
 
 import javax.annotation.PostConstruct;
 import javax.xml.parsers.DocumentBuilder;
@@ -10,13 +14,16 @@ import javax.xml.parsers.ParserConfigurationException;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.w3c.dom.Document;
 
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
 import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
 import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.api.Configurator;
 import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.DOMUtils;
 import iaik.asn1.structures.AlgorithmID;
 import iaik.security.ec.provider.ECCelerate;
 import iaik.security.provider.IAIK;
@@ -25,6 +32,7 @@ public abstract class AbstractSignatureService {
 	private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);
 	private static boolean isMOASigInitialized = false;
 	
+	@Autowired(required=false) ISchemaRessourceProvider[] schemas;
 	
 	@PostConstruct
 	private synchronized void initialize() throws MOASigServiceConfigurationException {
@@ -66,6 +74,30 @@ public abstract class AbstractSignatureService {
 	        	
 	        }
 	        
+	        
+	        //Inject additional XML schemes
+	        if (schemas != null && schemas.length > 0) {
+	        	log.debug("Infjecting additional XML schemes ... ");
+	        	for (final ISchemaRessourceProvider el : schemas) {
+	        		final Iterator<Entry<String, InputStream>> xmlSchemeIt = el.getSchemas().entrySet().iterator();
+	        		while (xmlSchemeIt.hasNext()) {
+						final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
+						try {
+							DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
+							log.info("Inject XML scheme: {}", xmlDef.getKey());
+							
+						} catch (final IOException e) {
+							log.warn("Can NOT inject XML scheme: " + xmlDef.getKey(), e);
+							
+						}
+						
+					}	        			        		
+	        	}
+	        	
+	        } else
+	        	log.trace("No additional XML schemes to inject. Skip this feature");
+	        
+	        
 	        isMOASigInitialized = true;
 	        
 		} else
-- 
cgit v1.2.3