From 84a55fe8bec3924102bd2217f7e39e7a698f2829 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 5 Jun 2018 10:46:09 +0200
Subject: update moa-sig to 3.1.2 to get signing time in XML signature
 verification result

---
 .../auth/invoke/SignatureVerificationInvoker.java  | 77 ++++++++++------------
 .../parser/VerifyXMLSignatureResponseParser.java   | 20 ++++--
 2 files changed, 52 insertions(+), 45 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at/gv')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
index d5ca89656..d2d39e9e6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
@@ -52,10 +52,7 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.id.auth.exception.ServiceException;
-import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
-import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
 import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
@@ -64,7 +61,6 @@ import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
 import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
@@ -93,22 +89,22 @@ public class SignatureVerificationInvoker {
   }
   
   private SignatureVerificationInvoker() {	  
-    try {
-    	AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
-		ConnectionParameterInterface authConnParam = authConfigProvider.getMoaSpConnectionParameter();
+//    try {
+//    	AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
+//		ConnectionParameterInterface authConnParam = authConfigProvider.getMoaSpConnectionParameter();
 		
-		if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
-			
-			
-		} else {
+//		if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
+//			
+//			
+//		} else {
 			svs = SignatureVerificationService.getInstance();
 			
-		}
+//		}
 		
-	} catch (ConfigurationException e) {
-		// TODO Auto-generated catch block
-		e.printStackTrace();
-	}
+//	} catch (ConfigurationException e) {
+//		// TODO Auto-generated catch block
+//		e.printStackTrace();
+//	}
 	  
   }
   
@@ -144,35 +140,34 @@ public class SignatureVerificationInvoker {
   protected Element doCall(QName serviceName, Element request) throws ServiceException {
 	  ConnectionParameterInterface authConnParam = null;
     try {      
-      AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
-      authConnParam = authConfigProvider.getMoaSpConnectionParameter();
-      //If the ConnectionParameter do NOT exist, we try to get the api to work....
-      if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
-    	  
-    	  throw new ServiceException("service.00", new Object[]{"MOA-SP connection via Web-Service is not allowed any more!!!!!!"});
-//        Service service = ServiceFactory.newInstance().createService(serviceName);
-//        Call call = service.createCall();
-//        SOAPBodyElement body = new SOAPBodyElement(request);
-//        SOAPBodyElement[] params = new SOAPBodyElement[] { body };
-//        Vector responses;
-//        SOAPBodyElement response;
+//      AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
+//      authConnParam = authConfigProvider.getMoaSpConnectionParameter();
+//      //If the ConnectionParameter do NOT exist, we try to get the api to work....
+//      if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
 //    	  
-//        Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix());
-//        call.setTargetEndpointAddress(authConnParam.getUrl());
-//        responses = (Vector) call.invoke(serviceName, params);
-//        Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used
-//        response = (SOAPBodyElement) responses.get(0);
-//        return response.getAsDOM();
-      }
-      else {
-        VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);
-		
+//    	  throw new ServiceException("service.00", new Object[]{"MOA-SP connection via Web-Service is not allowed any more!!!!!!"});
+////        Service service = ServiceFactory.newInstance().createService(serviceName);
+////        Call call = service.createCall();
+////        SOAPBodyElement body = new SOAPBodyElement(request);
+////        SOAPBodyElement[] params = new SOAPBodyElement[] { body };
+////        Vector responses;
+////        SOAPBodyElement response;
+////    	  
+////        Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix());
+////        call.setTargetEndpointAddress(authConnParam.getUrl());
+////        responses = (Vector) call.invoke(serviceName, params);
+////        Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used
+////        response = (SOAPBodyElement) responses.get(0);
+////        return response.getAsDOM();
+//      }
+//      else {
+        VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);		
         VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
-        Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse);
-
+        Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
+       
         //Logger.setHierarchy("moa.id.auth");
         return result.getDocumentElement();
-      }
+//      }
     }
     catch (Exception ex) {
       if (authConnParam != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
index b54a43fff..0fba2d3f6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
@@ -46,12 +46,11 @@
 
 package at.gv.egovernment.moa.id.auth.parser;
 
-import iaik.utils.Base64InputStream;
-import iaik.x509.X509Certificate;
-
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 
+import org.joda.time.DateTime;
+import org.joda.time.format.ISODateTimeFormat;
 import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
@@ -59,7 +58,10 @@ import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.XPathUtils;
+import iaik.utils.Base64InputStream;
+import iaik.x509.X509Certificate;
 
 /**
  * Parses a <code>&lt;VerifyXMLSignatureResponse&gt;</code> returned by
@@ -115,6 +117,9 @@ public class VerifyXMLSignatureResponseParser {
   private static final String CERTIFICATE_CHECK_CODE_XPATH = 
    ROOT + MOA + "CertificateCheck/" + MOA + "Code";
   
+  private static final String SIGNING_TIME_XPATH = 
+		  ROOT + MOA + "SigningTime";
+  
     
   /** This is the root element of the XML-Document provided by the Security Layer Card*/
   private Element verifyXMLSignatureResponse;
@@ -200,7 +205,14 @@ public class VerifyXMLSignatureResponseParser {
       if (signatureManifestCheckCode != null) {
         respData.setSignatureManifestCheckCode(new Integer(signatureManifestCheckCode).intValue());
       }
-      respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());             
+      respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
+      
+      String signingTimeElement = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNING_TIME_XPATH,"");
+      if (MiscUtil.isNotEmpty(signingTimeElement)) {
+    	  DateTime datetime = ISODateTimeFormat.dateTimeNoMillis().parseDateTime(signingTimeElement);
+    	  respData.setSigningDateTime(datetime.toDate());
+    	  
+      }
     }
     catch (Throwable t) {
       throw new ParseException("parser.01", null, t);
-- 
cgit v1.2.3