ASiC Library added

author: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2016-06-20 12:45:07 +0200
committer: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2016-06-20 12:45:07 +0200
commit: 53ae98cdfa510650c1e015efd0d11a96ad4dc87a (patch)
tree: 8e7ab77a9208b541416d14bbdb15e7211ff40c5b /moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java
parent: acf1b849ab835bc6797adfb91f8ab4fa88f0aff5 (diff)
download: moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.tar.gz
moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.tar.bz2
moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.zip
1 files changed, 128 insertions, 0 deletions
diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java
new file mode 100644
index 0000000..a71462c
--- /dev/null
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java
@@ -0,0 +1,128 @@
+package at.gv.egiz.asic.impl.verifier;
+
+import at.gv.egiz.asic.ReferenceType;
+import at.gv.egiz.asic.XAdESSignaturesType;
+import at.gv.egiz.asic.api.ASiC;
+import at.gv.egiz.asic.api.ASiCEntry;
+import at.gv.egiz.asic.api.ASiCFormat;
+import at.gv.egiz.asic.api.ASiCVerificationResult;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
+import at.gv.egovernment.moaspss.util.URLEncoder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.xml.bind.JAXB;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.util.*;
+
+/**
+ * Created by Andreas Fitzek on 6/17/16.
+ */
+public class SimpleXAdESVerifier extends XAdESVerifier {
+
+    private static final Logger logger = LoggerFactory.getLogger(SimpleXAdESVerifier.class);
+
+
+    @Override
+    public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException {
+        // XAdES
+        try {
+            ASiCEntry xadesSignature = asic.getSignaturesEntries().get(0);
+
+            XAdESSignaturesType xAdESSignaturesType = null;
+            try {
+                xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class);
+            } catch (Throwable ex) {
+                logger.warn("Failed to process xml signature: ex");
+                throw new MOAApplicationException("asic.0003", null, ex);
+            }
+
+            if (xAdESSignaturesType == null) {
+                throw new MOAApplicationException("asic.0003", null);
+            }
+
+            int signatureSize = xAdESSignaturesType.getSignature().size();
+
+            try {
+                xadesSignature.getContents().reset();
+            } catch (IOException e) {
+                throw new MOARuntimeException("asic.0003", null, e);
+            }
+            Map namespaces = new HashMap();
+
+            namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#");
+            namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#");
+
+            for (int i = 0; i < signatureSize; i++) {
+
+                List<String> signedFiles = new ArrayList<String>();
+
+                Iterator<ReferenceType> it = xAdESSignaturesType.getSignature().get(i).getSignedInfo().getReference().iterator();
+                while (it.hasNext()) {
+                    ReferenceType refType = it.next();
+                    if (!refType.getURI().startsWith("#")) {
+                        signedFiles.add(refType.getURI());
+                    }
+                }
+
+                boolean addAll = signedFiles.isEmpty() && asic.getDataEntries().size() == 1;
+
+                Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator();
+
+                Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null);
+                List supplementsList = new ArrayList();
+                while (dataEntryIterator.hasNext()) {
+                    ASiCEntry dataEntry = dataEntryIterator.next();
+                    String uriName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8")
+                            .replaceAll("\\+", "%20")
+                            .replaceAll("\\%21", "!")
+                            .replaceAll("\\%27", "'")
+                            //.replaceAll("\\%28", "(")
+                            //.replaceAll("\\%29", ")")
+                            .replaceAll("\\%7E", "~");
+
+                    Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), uriName);
+                    XMLDataObjectAssociation association = SPSSFactoryImpl.getInstance().createXMLDataObjectAssociation(null, dataContent);
+                    SupplementProfile profile = SPSSFactoryImpl.getInstance().createSupplementProfile(association);
+                    supplementsList.add(profile);
+
+                    if (addAll) {
+                        signedFiles.add(dataEntry.getEntryName());
+                    }
+                }
+                String location = "(//ds:Signature)[" + (i + 1) + "]";
+
+                VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation(
+                        location, namespaces);
+
+                VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation);
+
+                VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest(
+                        date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true);
+
+                response.add(new ASiCVerificationResult(signedFiles,
+                        XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest)));
+            }
+        } catch(UnsupportedEncodingException e) {
+            logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e);
+            throw new MOARuntimeException("asic.0003", null, e);
+        }
+    }
+
+    @Override
+    public boolean handles(ASiC asic) {
+        return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat());
+    }
+}
+\ No newline at end of file
author	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2016-06-20 12:45:07 +0200
committer	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2016-06-20 12:45:07 +0200
commit	53ae98cdfa510650c1e015efd0d11a96ad4dc87a (patch)
tree	8e7ab77a9208b541416d14bbdb15e7211ff40c5b /moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java
parent	acf1b849ab835bc6797adfb91f8ab4fa88f0aff5 (diff)
download	moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.tar.gz moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.tar.bz2 moa-sig-53ae98cdfa510650c1e015efd0d11a96ad4dc87a.zip