aboutsummaryrefslogtreecommitdiff
path: root/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2016-06-20 12:45:07 +0200
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2016-06-20 12:45:07 +0200
commit53ae98cdfa510650c1e015efd0d11a96ad4dc87a (patch)
tree8e7ab77a9208b541416d14bbdb15e7211ff40c5b /moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java
parentacf1b849ab835bc6797adfb91f8ab4fa88f0aff5 (diff)
downloadmoa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.tar.gz
moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.tar.bz2
moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.zip
ASiC Library added
Diffstat (limited to 'moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java')
-rw-r--r--moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java184
1 files changed, 184 insertions, 0 deletions
diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java
new file mode 100644
index 0000000..58f0185
--- /dev/null
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java
@@ -0,0 +1,184 @@
+package at.gv.egiz.asic.impl.verifier;
+
+import at.gv.egiz.asic.ReferenceType;
+import at.gv.egiz.asic.SignatureType;
+import at.gv.egiz.asic.XAdESSignaturesType;
+import at.gv.egiz.asic.api.ASiC;
+import at.gv.egiz.asic.api.ASiCEntry;
+import at.gv.egiz.asic.api.ASiCFormat;
+import at.gv.egiz.asic.api.ASiCVerificationResult;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
+import at.gv.egovernment.moaspss.util.URLEncoder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.*;
+import org.xml.sax.SAXException;
+
+import javax.xml.bind.*;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.*;
+import java.util.*;
+
+/**
+ * Created by Andreas Fitzek on 6/17/16.
+ */
+public class ExtendedXAdESVerifier extends XAdESVerifier {
+
+ private static final Logger logger = LoggerFactory.getLogger(ExtendedXAdESVerifier.class);
+
+ private void resetStream(InputStream is) {
+ try {
+ is.reset();
+ } catch (IOException e) {
+ throw new MOARuntimeException("Failed to reset inputStream", null, e);
+ }
+ }
+
+ @Override
+ public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException {
+ try {
+ Iterator<ASiCEntry> xadesSignatureIterator = asic.getSignaturesEntries().iterator();
+
+ while (xadesSignatureIterator.hasNext()) {
+ ASiCEntry xadesSignature = xadesSignatureIterator.next();
+
+ List<SignatureType> xmlSignatures = null;
+ //int signatureSize = 0;
+
+
+ // TODO: support not only XAdESSignaturesType object 4.4.3.2
+// XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class);
+ // signatureSize = xAdESSignaturesType.getSignature().size();
+
+ // this.resetStream(xadesSignature.getContents());
+ DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
+ dbFactory.setNamespaceAware(true);
+ //dbFactory.setValidating(true);
+ DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
+ Document doc = dBuilder.parse(xadesSignature.getContents());
+
+ this.resetStream(xadesSignature.getContents());
+
+ org.w3c.dom.Element rootElement = doc.getDocumentElement();
+
+ if ("http://www.w3.org/2000/09/xmldsig#".equals(rootElement.getNamespaceURI()) &&
+ "Signature".equals(rootElement.getTagName())) {
+ JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic");
+ JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, SignatureType.class);
+ SignatureType xmlSignature = xmlSignatureJaxb.getValue();
+ xmlSignatures = new ArrayList<SignatureType>();
+ xmlSignatures.add(xmlSignature);
+ } else if ("http://uri.etsi.org/02918/v1.2.1#".equals(rootElement.getNamespaceURI()) &&
+ "XAdESSignatures".equals(rootElement.getLocalName())) {
+ XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class);
+ xmlSignatures = xAdESSignaturesType.getSignature();
+ } else {
+ NodeList childrenNodes = rootElement.getChildNodes();
+ for(int i = 0; i < childrenNodes.getLength(); i++) {
+ Node node = childrenNodes.item(i);
+ JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic");
+ xmlSignatures = new ArrayList<SignatureType>();
+ if ("http://www.w3.org/2000/09/xmldsig#".equals(node.getNamespaceURI()) &&
+ "Signature".equals(rootElement.getTagName())) {
+ JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, SignatureType.class);
+ SignatureType xmlSignature = xmlSignatureJaxb.getValue();
+ xmlSignatures.add(xmlSignature);
+ }
+ }
+ }
+
+
+ this.resetStream(xadesSignature.getContents());
+
+ Map namespaces = new HashMap();
+
+ //namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#");
+ namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#");
+
+ for (int i = 0; i < xmlSignatures.size(); i++) {
+ //NodeList nodes = (NodeList) result;
+
+ //for(int i = 0; i < nodes.getLength(); i++) {
+ //Node node = nodes.item(i);
+ //JAXBContext jc = JAXBContext.newInstance( "at.gv.egiz.asic" );
+ //JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(node, SignatureType.class);
+ //SignatureType xmlSignature = xmlSignatureJaxb.getValue();
+ List<String> signedFiles = new ArrayList<String>();
+
+ //Iterator<ReferenceType> it = xmlSignature.getSignedInfo().getReference().iterator();
+ Iterator<ReferenceType> it = xmlSignatures.get(i).getSignedInfo().getReference().iterator();
+ while (it.hasNext()) {
+ ReferenceType refType = it.next();
+ if (!refType.getURI().startsWith("#")) {
+ signedFiles.add(refType.getURI());
+ }
+ }
+
+ Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator();
+
+ Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null);
+
+ List supplementsList = new ArrayList();
+ while (dataEntryIterator.hasNext()) {
+ ASiCEntry dataEntry = dataEntryIterator.next();
+ dataEntry.getContents().reset();
+ String entryName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8")
+ .replaceAll("\\+", "%20")
+ .replaceAll("\\%21", "!")
+ .replaceAll("\\%2F", "/")
+ //.replaceAll("\\%27", "'")
+ //.replaceAll("\\%28", "(")
+ //.replaceAll("\\%29", ")")
+ .replaceAll("\\%7E", "~");
+ logger.info("Adding Entry : {}", entryName);
+ Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), entryName);
+ XMLDataObjectAssociation association = SPSSFactoryImpl.getInstance().createXMLDataObjectAssociation(null, dataContent);
+ SupplementProfile profile = SPSSFactoryImpl.getInstance().createSupplementProfile(association);
+ supplementsList.add(profile);
+ }
+ String location = "(//ds:Signature)[" + (i + 1) + "]";
+
+ VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation(
+ location, namespaces);
+
+ VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation);
+
+ VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest(
+ date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true);
+
+ response.add(new ASiCVerificationResult(signedFiles,
+ XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest)));
+ }
+ }
+ } catch( UnsupportedEncodingException e) {
+ logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e);
+ throw new MOARuntimeException("asic.0003", null, e);
+ } catch (IOException ex) {
+ throw new MOASystemException("asic.0003", null, ex);
+ } catch (ParserConfigurationException e) {
+ throw new MOASystemException("asic.0003", null, e);
+ } catch (SAXException e) {
+ throw new MOASystemException("asic.0003", null, e);
+ } catch (JAXBException e) {
+ throw new MOASystemException("asic.0003", null, e);
+ }
+ }
+
+ @Override
+ public boolean handles(ASiC asic) {
+ return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat());
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-29 07:04:13 +0000