author | Thomas <> | 2021-03-24 12:16:25 +0100 |
---|---|---|
committer | Thomas <> | 2021-03-24 12:16:25 +0100 |
commit | 835a395f3ecb7477b5b67e9da9bf3af58c86473a (patch) | |
tree | 916fa7705879063f6b83517d80197c37dc53caf8 /moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl | |
parent | a972fba0402eca3c5fcfcd1eef1979808fd716a1 (diff) | |
parent | 666d8c9f8cec7573e60a14ab039c0874f6a9ec53 (diff) | |
Merge branch 'master' of gitlab.iaik.tugraz.at:egiz/moa-sig
# Conflicts:
# moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
# moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
Diffstat (limited to 'moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl')
35 files changed, 1181 insertions, 1066 deletions
diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java
index bce179d..65c6ccc 100644
--- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java
@@ -1,134 +1,151 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.api.ASiC; -import at.gv.egiz.asic.api.ASiCEntry; -import at.gv.egiz.asic.api.ASiCFormat; -import at.gv.egiz.asic.impl.handler.*; -import at.gv.egovernment.moa.spss.MOAApplicationException; -import at.gv.egovernment.moa.spss.MOAException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; +import java.util.HashMap; import java.util.Iterator; import java.util.List; +import java.util.Map; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.asic.api.ASiC; +import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.api.ASiCFormat; +import at.gv.egiz.asic.impl.handler.AllDataHandler; +import at.gv.egiz.asic.impl.handler.MetaInfHandler; +import at.gv.egiz.asic.impl.handler.MimefileHandler; +import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by Andreas Fitzek on 6/15/16. 
*/ public abstract class ASiCBaseFormatFactory implements ASiCContainer { - private static final Logger logger = LoggerFactory.getLogger(ASiCBaseFormatFactory.class); + private static final Logger logger = LoggerFactory.getLogger(ASiCBaseFormatFactory.class); - protected boolean cadesSigned = false; - protected boolean xadesSigned = false; - protected boolean timestamped = false; + protected boolean cadesSigned = false; + protected boolean xadesSigned = false; + protected boolean timestamped = false; - protected String mimeType = null; + protected String mimeType = null; - protected List<ASiCEntry> signatureEntries = new ArrayList<ASiCEntry>(); - protected List<ASiCEntry> dataEntries = new ArrayList<ASiCEntry>(); - protected List<ASiCEntry> informationEntries = new ArrayList<ASiCEntry>(); + protected List<ASiCEntry> signatureEntries = new ArrayList<>(); + protected Map<String, ASiCEntry> dataEntries = new HashMap<>(); + protected List<ASiCEntry> informationEntries = new ArrayList<>(); - protected List<EntryHandler> handlers = new ArrayList<EntryHandler>(); + protected List<EntryHandler> handlers = new ArrayList<>(); - @Override - public void addDataEntry(ASiCEntry entry) { - this.dataEntries.add(entry); - } + @Override + public void addDataEntry(ASiCEntry entry) throws MOAApplicationException { + // check if entry with a specific name already exists + if (!dataEntries.containsKey(entry.getEntryName())) { + this.dataEntries.put(entry.getEntryName(), entry); - @Override - public void addSignatureEntry(ASiCEntry entry) { - this.signatureEntries.add(entry); + } else { + logger.warn("ASiC container already contains a DataEntry with name: " + entry.getEntryName() + + " ASiC container is INVALID"); + throw new MOAApplicationException("asic.0017", new Object[] { entry.getEntryName() }); } + } - @Override - public void addInformationEntry(ASiCEntry entry) { - this.informationEntries.add(entry); - } + @Override + public void addSignatureEntry(ASiCEntry entry) { + 
this.signatureEntries.add(entry); + } - public ASiCBaseFormatFactory() { - handlers.add(new MimefileHandler()); - handlers.add(new MetaInfHandler()); - handlers.add(new AllDataHandler()); - } - - public abstract ASiCFormat factoryFormat(); + @Override + public void addInformationEntry(ASiCEntry entry) { + this.informationEntries.add(entry); + } - protected abstract void validate() throws MOAException; + public ASiCBaseFormatFactory() { + handlers.add(new MimefileHandler()); + handlers.add(new MetaInfHandler()); + handlers.add(new AllDataHandler()); + } - public ASiC createASiC(InputStream is) throws MOAException { + public abstract ASiCFormat factoryFormat(); - ZipCommentReaderStream commentReaderStream = new ZipCommentReaderStream(is); + protected abstract void validate() throws MOAException; - ZipInputStream zipInputStream = new ZipInputStream(commentReaderStream); + public ASiC createASiC(InputStream is) throws MOAException { - try { - for (ZipEntry entry = zipInputStream.getNextEntry(); entry != null; entry = zipInputStream.getNextEntry()) { - String entryName = entry.getName(); + final ZipCommentReaderStream commentReaderStream = new ZipCommentReaderStream(is); - Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); - while (handlerIterator.hasNext()) { - EntryHandler entryHandler = handlerIterator.next(); + final ZipInputStream zipInputStream = new ZipInputStream(commentReaderStream); - if (entryHandler.handle(entryName, zipInputStream, this)) { - break; - } - } - } - } catch(IOException e) { - logger.info("Failed to read from ASiC Container", e); - throw new MOAApplicationException("asic.0007", null); - } + try { + for (ZipEntry entry = zipInputStream.getNextEntry(); entry != null; entry = zipInputStream + .getNextEntry()) { + final String entryName = entry.getName(); + final Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); + while (handlerIterator.hasNext()) { + final EntryHandler entryHandler = handlerIterator.next(); - 
if(this.mimeType == null) { - String mimeTypeComment = commentReaderStream.getFileComment(); - if(mimeTypeComment != null) { - this.mimeType = mimeTypeComment; - } + if (entryHandler.handle(entryName, zipInputStream, this)) { + break; + } } - - this.validate(); - - // unpack and retrieve all available information on ASiC signature - return new ASiCImpl(this.factoryFormat(), this.xadesSigned, this.cadesSigned, this.signatureEntries, dataEntries, this.informationEntries); + } + } catch (final IOException e) { + logger.info("Failed to read from ASiC Container", e); + throw new MOAApplicationException("asic.0007", null); } - @Override - public void setMimeType(String mimeType) { - this.mimeType = mimeType; + if (this.mimeType == null) { + final String mimeTypeComment = commentReaderStream.getFileComment(); + if (mimeTypeComment != null) { + this.mimeType = mimeTypeComment; + } } - public void setIsXAdES() throws MOAException { - if(this.cadesSigned) { - throw new MOAApplicationException("asic.0010", null); - } - this.xadesSigned = true; - } + this.validate(); - public void setIsCAdES() throws MOAException { - if(this.xadesSigned) { - throw new MOAApplicationException("asic.0010", null); - } - this.cadesSigned = true; - } + // unpack and retrieve all available information on ASiC signature + return new ASiCImpl(this.factoryFormat(), this.xadesSigned, this.cadesSigned, this.signatureEntries, + dataEntries.values(), this.informationEntries); + } - public void setIsTimestamped() throws MOAException { - throw new MOAApplicationException("asic.0013", null); - } + @Override + public void setMimeType(String mimeType) { + this.mimeType = mimeType; + } - @Override - public void setIsEvidenceERS() throws MOAException { - throw new MOAApplicationException("asic.0011", null); + @Override + public void setIsXAdES() throws MOAException { + if (this.cadesSigned) { + throw new MOAApplicationException("asic.0010", null); } + this.xadesSigned = true; + } - @Override - public void 
setIsEvidenceXML() throws MOAException { - throw new MOAApplicationException("asic.0012", null); + @Override + public void setIsCAdES() throws MOAException { + if (this.xadesSigned) { + throw new MOAApplicationException("asic.0010", null); } + this.cadesSigned = true; + } + + @Override + public void setIsTimestamped() throws MOAException { + throw new MOAApplicationException("asic.0013", null); + } + + @Override + public void setIsEvidenceERS() throws MOAException { + throw new MOAApplicationException("asic.0011", null); + } + + @Override + public void setIsEvidenceXML() throws MOAException { + throw new MOAApplicationException("asic.0012", null); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java index 73d1566..26f2924 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java @@ -1,6 +1,7 @@ package at.gv.egiz.asic.impl; import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; /** 
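Review bot: The duplicate check in `addDataEntry` keys on the raw `entry.getEntryName()`, so it rejects only byte-identical names. If later verification resolves data objects by a normalised path, two entries that differ only in form would both be accepted; that resolution code is not visible in this hunk, so this needs confirming. Switching `dataEntries` to a `HashMap` also drops the ZIP order the old `ArrayList` kept, so `dataEntries.values()` reaches `ASiCImpl` in unspecified order; `protected Map<String, ASiCEntry> dataEntries = new LinkedHashMap<>();` (with the matching import) keeps it. The warn line concatenates a name read from the container into the message; the parameterised form is `logger.warn("ASiC container already contains a DataEntry with name: {} ASiC container is INVALID", entry.getEntryName());`, and the name may deserve sanitising before it is logged.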
@@ -8,15 +9,22 @@ import at.gv.egovernment.moa.spss.MOAException; */ public interface ASiCContainer { - public void setMimeType(String mimeType); - public void addDataEntry(ASiCEntry entry); - public void addSignatureEntry(ASiCEntry entry); - public void addInformationEntry(ASiCEntry entry); + void setMimeType(String mimeType); - public void setIsXAdES() throws MOAException; - public void setIsCAdES() throws MOAException; - public void setIsEvidenceERS() throws MOAException; - public void setIsEvidenceXML() throws MOAException; - public void setIsTimestamped() throws MOAException; + void addDataEntry(ASiCEntry entry) throws MOAApplicationException; + + void addSignatureEntry(ASiCEntry entry); + + void addInformationEntry(ASiCEntry entry); + + void setIsXAdES() throws MOAException; + + void setIsCAdES() throws MOAException; + + void setIsEvidenceERS() throws MOAException; + + void setIsEvidenceXML() throws MOAException; + + void setIsTimestamped() throws MOAException; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java index f71552b..854bf81 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java 
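Review bot: `addDataEntry` now declares `throws MOAApplicationException`, but the interface has no Javadoc saying when an implementation throws it. Going by the ASiCBaseFormatFactory change in this commit, the contract is that a second data entry with an already-used name is rejected. I would state that on the method, e.g. `/** Adds a data entry. @throws MOAApplicationException if an entry with the same name was already added. */`. The other methods declare the broader `MOAException`, so a short comment on why this one is narrower would help implementers.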
@@ -1,51 +1,49 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.api.ASiC; -import at.gv.egiz.asic.api.ASiCFormat; -import at.gv.egiz.asic.impl.handler.*; +import java.util.Collections; +import java.util.Iterator; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.io.IOException; -import java.io.InputStream; -import java.util.ArrayList; -import java.util.Collections; -import java.util.Iterator; -import java.util.List; -import java.util.zip.ZipEntry; -import java.util.zip.ZipInputStream; +import at.gv.egiz.asic.api.ASiCFormat; +import at.gv.egiz.asic.impl.handler.ExtendedASiCCAdESHandler; +import at.gv.egiz.asic.impl.handler.ExtendedASiCXAdESHandler; +import at.gv.egiz.asic.impl.handler.ExtendedEvidenceERSRecordHandler; +import at.gv.egiz.asic.impl.handler.ExtendedEvidenceXMLRecordHandler; +import at.gv.egiz.asic.impl.handler.HandlerSorter; /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCExtendedFormatFactory extends ASiCBaseFormatFactory { - private static final Logger logger = LoggerFactory.getLogger(ASiCExtendedFormatFactory.class); + private static final Logger logger = LoggerFactory.getLogger(ASiCExtendedFormatFactory.class); - public ASiCExtendedFormatFactory() { - super(); - handlers.add(new ExtendedASiCCAdESHandler()); - handlers.add(new ExtendedASiCXAdESHandler()); - handlers.add(new ExtendedEvidenceERSRecordHandler()); - handlers.add(new ExtendedEvidenceXMLRecordHandler()); + public ASiCExtendedFormatFactory() { + super(); + handlers.add(new ExtendedASiCCAdESHandler()); + handlers.add(new ExtendedASiCXAdESHandler()); + handlers.add(new ExtendedEvidenceERSRecordHandler()); + handlers.add(new ExtendedEvidenceXMLRecordHandler()); - Collections.sort(handlers, new HandlerSorter()); + Collections.sort(handlers, new HandlerSorter()); - logger.debug("Handler ordering for ASiCExtendedFormatFactory"); - Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); - while(handlerIterator.hasNext()) { - EntryHandler 
entryHandler = handlerIterator.next(); - logger.debug(" " + entryHandler.getPriority() + " " + entryHandler.getClass().getSimpleName()); - } + logger.debug("Handler ordering for ASiCExtendedFormatFactory"); + final Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); + while (handlerIterator.hasNext()) { + final EntryHandler entryHandler = handlerIterator.next(); + logger.debug(" " + entryHandler.getPriority() + " " + entryHandler.getClass().getSimpleName()); } + } - @Override - protected void validate() { + @Override + protected void validate() { - } + } - @Override - public ASiCFormat factoryFormat() { - return ASiCFormat.ASiCE; - } + @Override + public ASiCFormat factoryFormat() { + return ASiCFormat.ASiCE; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java index c78385a..e7cfc7e 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java 
@@ -1,73 +1,75 @@ package at.gv.egiz.asic.impl; +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; -import java.util.ArrayList; -import java.util.List; - /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCImpl implements ASiC { - private ASiCFormat format; - private boolean xades; - private boolean cades; + private final ASiCFormat format; + private final boolean xades; + private final boolean cades; - protected List<ASiCEntry> signatureEntries = new ArrayList<ASiCEntry>(); - protected List<ASiCEntry> dataEntries = new ArrayList<ASiCEntry>(); - protected List<ASiCEntry> informationEntries = new ArrayList<ASiCEntry>(); + protected List<ASiCEntry> signatureEntries = new ArrayList<>(); + protected Collection<ASiCEntry> dataEntries = new ArrayList<>(); + protected List<ASiCEntry> informationEntries = new ArrayList<>(); - public ASiCImpl(ASiCFormat format, boolean xades, boolean cades, List<ASiCEntry> signatureEntries, List<ASiCEntry> dataEntries, List<ASiCEntry> informationEntries) { - this.format = format; - this.xades = xades; - this.cades = cades; - this.signatureEntries = signatureEntries; - this.dataEntries = dataEntries; - this.informationEntries = informationEntries; - } + public ASiCImpl(ASiCFormat format, boolean xades, boolean cades, List<ASiCEntry> signatureEntries, + Collection<ASiCEntry> collection, List<ASiCEntry> informationEntries) { + this.format = format; + this.xades = xades; + this.cades = cades; + this.signatureEntries = signatureEntries; + this.dataEntries = collection; + this.informationEntries = informationEntries; + } - @Override - public ASiCFormat getFormat() { - return format; - } + @Override + public ASiCFormat getFormat() { + return format; + } - @Override - public boolean isXAdES() { - return xades; - } + @Override + public boolean isXAdES() { + return xades; + } - @Override - public 
boolean isCAdES() { - return cades; - } + @Override + public boolean isCAdES() { + return cades; + } - @Override - public List<ASiCEntry> getSignaturesEntries() { - return signatureEntries; - } + @Override + public List<ASiCEntry> getSignaturesEntries() { + return signatureEntries; + } - @Override - public List<ASiCEntry> getDataEntries() { - return dataEntries; - } + @Override + public Collection<ASiCEntry> getDataEntries() { + return dataEntries; + } - @Override - public List<ASiCEntry> getInformationEntries() { - return informationEntries; - } + @Override + public List<ASiCEntry> getInformationEntries() { + return informationEntries; + } - @Override - public String toString() { - return "ASiCImpl{" + - "format=" + format + - ", xades=" + xades + - ", cades=" + cades + - ", signatureEntries=" + signatureEntries + - ", dataEntries=" + dataEntries + - ", informationEntries=" + informationEntries + - '}'; - } + @Override + public String toString() { + return "ASiCImpl{" + + "format=" + format + + ", xades=" + xades + + ", cades=" + cades + + ", signatureEntries=" + signatureEntries + + ", dataEntries=" + dataEntries + + ", informationEntries=" + informationEntries + + '}'; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java index 51392da..1ae32ed 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java 
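Review bot: The constructor stores the `Collection<ASiCEntry>` argument by reference (`this.dataEntries = collection;`), and the caller in ASiCBaseFormatFactory passes `dataEntries.values()`, which is a live view of the factory's map. A later change to that map would show through an ASiC object already handed out for verification; copying on the way in avoids this: `this.dataEntries = new ArrayList<>(collection);`. The parameter name `collection` says nothing about its content; `dataEntries` would match the other two parameters. `getDataEntries()` now returns `Collection` instead of `List`, so callers that index into the result no longer compile; presumably the `ASiC` interface was changed to match, but that is outside this view.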
@@ -1,87 +1,62 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.ASiCManifestType; -import at.gv.egiz.asic.DataObjectReferenceType; -import at.gv.egiz.asic.ReferenceType; -import at.gv.egiz.asic.XAdESSignaturesType; -import at.gv.egiz.asic.api.*; +import java.util.ArrayList; +import java.util.Date; +import java.util.Iterator; +import java.util.List; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.asic.api.ASiC; +import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.api.ASiCVerifier; import at.gv.egiz.asic.impl.verifier.ExtendedCAdESVerifier; import at.gv.egiz.asic.impl.verifier.ExtendedXAdESVerifier; import at.gv.egiz.asic.impl.verifier.SimpleCAdESVerifier; import at.gv.egiz.asic.impl.verifier.SimpleXAdESVerifier; -import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.MOARuntimeException; import at.gv.egovernment.moa.spss.MOASystemException; -import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.*; -import at.gv.egovernment.moa.spss.api.common.*; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; -import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import at.gv.egovernment.moa.spss.server.invoke.VerifyCMSSignatureResponseBuilder; -import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; -import iaik.server.cmspdfverify.CertificateValidationResult; -import org.apache.commons.codec.binary.Hex; -import org.apache.commons.io.IOUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import 
javax.xml.bind.DataBindingException; -import javax.xml.bind.JAXB; -import javax.xml.crypto.dsig.Reference; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.DigestInputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.cert.X509Certificate; -import java.util.*; /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCMOAVerifier implements ASiCVerifier { - private static final Logger logger = LoggerFactory.getLogger(ASiCMOAVerifier.class); + private static final Logger logger = LoggerFactory.getLogger(ASiCMOAVerifier.class); - private List<Verifier> verifierMap = new ArrayList<Verifier>(); + private final List<Verifier> verifierMap = new ArrayList<>(); - public ASiCMOAVerifier() { - verifierMap.add(new SimpleCAdESVerifier()); - verifierMap.add(new SimpleXAdESVerifier()); - verifierMap.add(new ExtendedCAdESVerifier()); - verifierMap.add(new ExtendedXAdESVerifier()); - } + public ASiCMOAVerifier() { + verifierMap.add(new SimpleCAdESVerifier()); + verifierMap.add(new SimpleXAdESVerifier()); + verifierMap.add(new ExtendedCAdESVerifier()); + verifierMap.add(new ExtendedXAdESVerifier()); + } - @Override - public List<ASiCVerificationResult> verify(ASiC asic, String trustProfileID, Date date) throws MOAException { - List<ASiCVerificationResult> response = new ArrayList<ASiCVerificationResult>(); - boolean handled = false; + @Override + public List<ASiCVerificationResult> verify(ASiC asic, String trustProfileID, Date date) + throws MOAException { + final List<ASiCVerificationResult> response = new ArrayList<>(); + boolean handled = false; - Iterator<Verifier> verifierIterator = verifierMap.iterator(); + final Iterator<Verifier> verifierIterator = verifierMap.iterator(); - while (verifierIterator.hasNext()) { - Verifier verifier = verifierIterator.next(); - if (verifier.handles(asic)) { - 
verifier.verify(asic, trustProfileID, date, response); - handled = true; - break; - } - } - - if (!handled) { - logger.warn("Cannot handle ASiC: {}", asic); - throw new MOASystemException("asic.0016", null); - } + while (verifierIterator.hasNext()) { + final Verifier verifier = verifierIterator.next(); + if (verifier.handles(asic)) { + verifier.verify(asic, trustProfileID, date, response); + handled = true; + break; + } + } - return response; + if (!handled) { + logger.warn("Cannot handle ASiC: {}", asic); + throw new MOASystemException("asic.0016", null); } + return response; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java index 90b3081..f478f93 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java 
@@ -1,54 +1,59 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.api.ASiCFormat; -import at.gv.egiz.asic.impl.handler.*; -import at.gv.egovernment.moa.spss.MOAApplicationException; +import java.util.Collections; +import java.util.Iterator; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.util.Collections; -import java.util.Iterator; +import at.gv.egiz.asic.api.ASiCFormat; +import at.gv.egiz.asic.impl.handler.HandlerSorter; +import at.gv.egiz.asic.impl.handler.SimpleASiCCAdESHandler; +import at.gv.egiz.asic.impl.handler.SimpleASiCXAdESHandler; +import at.gv.egiz.asic.impl.handler.SimpleEvidenceERSRecordHandler; +import at.gv.egiz.asic.impl.handler.SimpleEvidenceXMLRecordHandler; +import at.gv.egovernment.moa.spss.MOAApplicationException; /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCSimpleFormatFactory extends ASiCBaseFormatFactory { - private static final Logger logger = LoggerFactory.getLogger(ASiCSimpleFormatFactory.class); + private static final Logger logger = LoggerFactory.getLogger(ASiCSimpleFormatFactory.class); - public ASiCSimpleFormatFactory() { - super(); + public ASiCSimpleFormatFactory() { + super(); - handlers.add(new SimpleASiCCAdESHandler()); - handlers.add(new SimpleASiCXAdESHandler()); - handlers.add(new SimpleEvidenceXMLRecordHandler()); - handlers.add(new SimpleEvidenceERSRecordHandler()); + handlers.add(new SimpleASiCCAdESHandler()); + handlers.add(new SimpleASiCXAdESHandler()); + handlers.add(new SimpleEvidenceXMLRecordHandler()); + handlers.add(new SimpleEvidenceERSRecordHandler()); - Collections.sort(handlers, new HandlerSorter()); + Collections.sort(handlers, new HandlerSorter()); - logger.debug("Handler ordering for ASiCSimpleFormatFactory"); - Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); - while(handlerIterator.hasNext()) { - EntryHandler entryHandler = handlerIterator.next(); - logger.debug(" " + entryHandler.getPriority() + " " + 
entryHandler.getClass().getSimpleName()); - } + logger.debug("Handler ordering for ASiCSimpleFormatFactory"); + final Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); + while (handlerIterator.hasNext()) { + final EntryHandler entryHandler = handlerIterator.next(); + logger.debug(" " + entryHandler.getPriority() + " " + entryHandler.getClass().getSimpleName()); } + } - @Override - protected void validate() throws MOAApplicationException { - if(this.dataEntries.size() != 1) { - logger.warn("There can only be one data entry for ASiC signatures in simple format"); - throw new MOAApplicationException("asic.0014", null); - } - - if(this.signatureEntries.size() != 1) { - logger.warn("There can only be one signature entry for ASiC signatures in simple format"); - throw new MOAApplicationException("asic.0015", null); - } + @Override + protected void validate() throws MOAApplicationException { + if (this.dataEntries.size() != 1) { + logger.warn("There can only be one data entry for ASiC signatures in simple format"); + throw new MOAApplicationException("asic.0014", null); } - @Override - public ASiCFormat factoryFormat() { - return ASiCFormat.ASiCS; + if (this.signatureEntries.size() != 1) { + logger.warn("There can only be one signature entry for ASiC signatures in simple format"); + throw new MOAApplicationException("asic.0015", null); } + } + + @Override + public ASiCFormat factoryFormat() { + return ASiCFormat.ASiCS; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java new file mode 100644 index 0000000..fe88a0e --- /dev/null +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java 
@@ -0,0 +1,38 @@ +package at.gv.egiz.asic.impl; + +public class AsicSignedFilesContainer { + + private String uri = null; + private String hashAlg = null; + + /** + * Container element with ASIC signed files information + * + * @param uri Identifier of the file + * @param hashAlg Hash algorithm that is used to hash the file + */ + public AsicSignedFilesContainer(String uri, String hashAlg) { + this.uri = uri; + this.hashAlg = hashAlg; + + } + + /** + * Get file identifier + * + * @return + */ + public String getUri() { + return uri; + } + + /** + * Get hash algorithm that is used to hash the file + * + * @return + */ + public String getHashAlg() { + return hashAlg; + } + +} diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java index 7767b33..e5e19ed 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java @@ -1,14 +1,15 @@ package at.gv.egiz.asic.impl; -import at.gv.egovernment.moa.spss.MOAException; - import java.io.IOException; import java.io.InputStream; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by afitzek on 6/15/16. */ public interface EntryHandler { - public int getPriority(); - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, MOAException; + int getPriority(); + + boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, MOAException; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java index 95a2450..29bba58 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java 
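Review bot: Both fields in the new `AsicSignedFilesContainer` are assigned once in the constructor and never again, so they should be `private final String uri;` and `private final String hashAlg;` rather than initialised to `null` first. The two getters carry empty `@return` tags; fill them in, e.g. `@return identifier (URI) of the signed file` and `@return name of the hash algorithm used for the file`. `hashAlg` is held as a free-form string. Assuming it is read from the container, the code that consumes it should map it onto a fixed set of accepted digest algorithms rather than pass it through, and a comment on the field saying the value is unvalidated would make that expectation explicit.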
@@ -1,18 +1,18 @@ package at.gv.egiz.asic.impl; +import java.util.Date; +import java.util.List; + import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCVerificationResult; import at.gv.egovernment.moa.spss.MOAException; -import java.util.Date; -import java.util.List; - /** * Created by Andreas Fitzek on 6/17/16. */ public interface Verifier { - public boolean handles(ASiC asic); + boolean handles(ASiC asic); - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) - throws MOAException; + void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java index 93b7651..dacc76e 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java @@ -1,7 +1,5 @@ package at.gv.egiz.asic.impl; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; 
@@ -10,171 +8,171 @@ import java.io.InputStream; */ public class ZipCommentReaderStream extends InputStream { - private InputStream inputStream; + private final InputStream inputStream; - private int[] tempBuffer = new int[22]; + private final int[] tempBuffer = new int[22]; - private int[] commentBuffer = null; + private int[] commentBuffer = null; - private int commentBufferContentLen = 0; - private int commentBufferContentOff = 0; + private int commentBufferContentLen = 0; + private int commentBufferContentOff = 0; - private int tempBufferContentLen = 0; - private int tempBufferContentOff = 0; + private int tempBufferContentLen = 0; + private int tempBufferContentOff = 0; - private String fileComment = null; + private String fileComment = null; - private static final byte[] directoryRecord = new byte[] { (byte)0x50, (byte)0x4b, 0x05, 0x06 }; + private static final byte[] directoryRecord = new byte[] { (byte) 0x50, (byte) 0x4b, 0x05, 0x06 }; - public ZipCommentReaderStream(InputStream inputStream) { - this.inputStream = inputStream; - } - - private int readIntIntoBuffer() throws IOException { - int tValue = this.inputStream.read(); - - if(this.tempBuffer.length <= tempBufferContentOff) { - throw new IOException("Temp Buffer is out of space! @ " + tempBufferContentOff); - } + public ZipCommentReaderStream(InputStream inputStream) { + this.inputStream = inputStream; + } - this.tempBuffer[tempBufferContentOff] = tValue; - tempBufferContentOff++; - tempBufferContentLen++; + private int readIntIntoBuffer() throws IOException { + final int tValue = this.inputStream.read(); - return tValue; + if (this.tempBuffer.length <= tempBufferContentOff) { + throw new IOException("Temp Buffer is out of space! 
@ " + tempBufferContentOff); } - private int readIntIntoCommentBuffer() throws IOException { - int tValue = this.inputStream.read(); + this.tempBuffer[tempBufferContentOff] = tValue; + tempBufferContentOff++; + tempBufferContentLen++; - if(this.commentBuffer.length <= commentBufferContentOff) { - throw new IOException("Comment Buffer is out of space! @ " + commentBufferContentOff); - } + return tValue; + } - this.commentBuffer[commentBufferContentOff] = tValue; - commentBufferContentOff++; - commentBufferContentLen++; + private int readIntIntoCommentBuffer() throws IOException { + final int tValue = this.inputStream.read(); - return tValue; + if (this.commentBuffer.length <= commentBufferContentOff) { + throw new IOException("Comment Buffer is out of space! @ " + commentBufferContentOff); } - private void checkMagicBytes() throws IOException { - boolean foundMagic = true; - tempBufferContentOff = 0; - tempBufferContentLen = 0; - for(int i = 1; i < directoryRecord.length; i++) { - int tValue = readIntIntoBuffer(); - if(tValue != directoryRecord[i]) { - foundMagic = false; - break; - } - if(tValue < 0) { - // Found EOF - return; - } - } + this.commentBuffer[commentBufferContentOff] = tValue; + commentBufferContentOff++; + commentBufferContentLen++; + + return tValue; + } + + private void checkMagicBytes() throws IOException { + boolean foundMagic = true; + tempBufferContentOff = 0; + tempBufferContentLen = 0; + for (int i = 1; i < directoryRecord.length; i++) { + final int tValue = readIntIntoBuffer(); + if (tValue != directoryRecord[i]) { + foundMagic = false; + break; + } + if (tValue < 0) { + // Found EOF + return; + } + } - if(foundMagic) { - // read input stream until comment length - for(int i = 0; i < 16; i++) { - int tValue = readIntIntoBuffer(); + if (foundMagic) { + // read input stream until comment length + for (int i = 0; i < 16; i++) { + final int tValue = readIntIntoBuffer(); - if(tValue < 0) { - // Found EOF - return; - } - } + if (tValue < 0) { + // 
Found EOF + return; + } + } - int commentlengthHigh = readIntIntoBuffer(); + final int commentlengthHigh = readIntIntoBuffer(); - if(commentlengthHigh < 0) { - // Found EOF - return; - } + if (commentlengthHigh < 0) { + // Found EOF + return; + } - int commentlengthLow = readIntIntoBuffer(); + final int commentlengthLow = readIntIntoBuffer(); - if(commentlengthLow < 0) { - // Found EOF - return; - } + if (commentlengthLow < 0) { + // Found EOF + return; + } - int commentLength = commentlengthLow * 255 + commentlengthHigh; + final int commentLength = commentlengthLow * 255 + commentlengthHigh; - if(commentLength == 0) { - return; - } + if (commentLength == 0) { + return; + } - this.commentBuffer = new int[commentLength]; + this.commentBuffer = new int[commentLength]; - commentBufferContentOff = 0; - commentBufferContentLen = 0; + commentBufferContentOff = 0; + commentBufferContentLen = 0; - // read comment buffer string - for(int i = 0; i < commentLength; i++) { - int tValue = readIntIntoCommentBuffer(); + // read comment buffer string + for (int i = 0; i < commentLength; i++) { + final int tValue = readIntIntoCommentBuffer(); - if(tValue < 0) { - // Found EOF - return; - } - } + if (tValue < 0) { + // Found EOF + return; + } + } - byte[] stringBuffer = new byte[this.commentBuffer.length]; + final byte[] stringBuffer = new byte[this.commentBuffer.length]; - for(int i = 0; i < stringBuffer.length; i++) { - stringBuffer[i] = (byte)this.commentBuffer[i]; - } + for (int i = 0; i < stringBuffer.length; i++) { + stringBuffer[i] = (byte) this.commentBuffer[i]; + } - this.fileComment = new String(stringBuffer); - } + this.fileComment = new String(stringBuffer); } + } - @Override - public int read() throws IOException { - int value = -1; - if(tempBufferContentLen > 0) { - value = this.tempBuffer[tempBufferContentOff]; - tempBufferContentOff++; + @Override + public int read() throws IOException { + int value = -1; + if (tempBufferContentLen > 0) { + value = 
this.tempBuffer[tempBufferContentOff]; + tempBufferContentOff++; - // reset temp buffer - if(tempBufferContentOff >= tempBufferContentLen) { - tempBufferContentOff = 0; - tempBufferContentLen = 0; - } + // reset temp buffer + if (tempBufferContentOff >= tempBufferContentLen) { + tempBufferContentOff = 0; + tempBufferContentLen = 0; + } - return value; - } + return value; + } - if(this.commentBuffer != null) { - value = this.commentBuffer[commentBufferContentOff]; + if (this.commentBuffer != null) { + value = this.commentBuffer[commentBufferContentOff]; - commentBufferContentOff++; + commentBufferContentOff++; - // reset comment buffer - if(commentBufferContentOff >= commentBufferContentLen) { - commentBufferContentOff = 0; - commentBufferContentLen = 0; - this.commentBuffer = null; - } + // reset comment buffer + if (commentBufferContentOff >= commentBufferContentLen) { + commentBufferContentOff = 0; + commentBufferContentLen = 0; + this.commentBuffer = null; + } - return value; - } - - value = this.inputStream.read(); + return value; + } - if(value == directoryRecord[0] && this.fileComment == null) { - // might have found start of magic bytes - checkMagicBytes(); - // reset buffer offsets - tempBufferContentOff = 0; - commentBufferContentOff = 0; - } + value = this.inputStream.read(); - return value; + if (value == directoryRecord[0] && this.fileComment == null) { + // might have found start of magic bytes + checkMagicBytes(); + // reset buffer offsets + tempBufferContentOff = 0; + commentBufferContentOff = 0; } - public String getFileComment() { - return this.fileComment; - } + return value; + } + + public String getFileComment() { + return this.fileComment; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java index fa31bfc..e1d95c0 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java 
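Review bot: In `checkMagicBytes` the comment length of the end-of-central-directory record is computed as `commentlengthLow * 255 + commentlengthHigh`, but a 16-bit field needs a factor of 256. For any comment of 256 bytes or more the result is too small, so `getFileComment()` returns a truncated comment. Keeping the existing names, the corrected line is `final int commentLength = (commentlengthLow << 8) | commentlengthHigh;`. The two names are also swapped relative to ZIP's little-endian byte order, since the first byte read is the low-order one. Separately, `new String(stringBuffer)` decodes with the platform default charset; naming the charset explicitly would make the result independent of the host.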
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java @@ -1,28 +1,30 @@ package at.gv.egiz.asic.impl.handler; +import java.io.IOException; +import java.io.InputStream; + import at.gv.egiz.asic.api.ASiCConstants; -import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; - -import java.io.IOException; -import java.io.InputStream; +import at.gv.egovernment.moa.spss.MOAApplicationException; /** * Created by afitzek on 6/15/16. */ public class AllDataHandler extends BaseHandler implements EntryHandler, ASiCConstants { - @Override - public int getPriority() { - return 100; - } + @Override + public int getPriority() { + return 100; + } - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, + MOAApplicationException { - ASiCEntry entry = buildASiCEntry(entryName, is); - container.addDataEntry(entry); + final ASiCEntry entry = buildASiCEntry(entryName, is); + container.addDataEntry(entry); - return true; - } + return true; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java index 2b5ca9a..208edb4 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java 
@@ -1,27 +1,28 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.api.ASiCConstants; -import at.gv.egiz.asic.api.ASiCEntry; -import at.gv.egiz.asic.impl.EntryHandler; -import org.apache.commons.io.IOUtils; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import org.apache.commons.io.IOUtils; + +import at.gv.egiz.asic.api.ASiCConstants; +import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.impl.EntryHandler; + /** * Created by Andreas Fitzek on 6/15/16. */ public abstract class BaseHandler implements EntryHandler, ASiCConstants { - protected ASiCEntry buildASiCEntry(String entryName, InputStream is) throws IOException { - ASiCEntry entry = new ASiCEntry(); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - IOUtils.copy(is, baos); - entry.setContents(new ByteArrayInputStream(baos.toByteArray())); - entry.setEntryName(entryName); - return entry; - } + protected ASiCEntry buildASiCEntry(String entryName, InputStream is) throws IOException { + final ASiCEntry entry = new ASiCEntry(); + final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + IOUtils.copy(is, baos); + entry.setContents(new ByteArrayInputStream(baos.toByteArray())); + entry.setEntryName(entryName); + return entry; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java index 3ee97fc..fef2e38 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java 
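Review bot: `buildASiCEntry` copies the whole entry into a `ByteArrayOutputStream` with `IOUtils.copy(is, baos)` and no upper bound, so one entry that decompresses to a very large size can exhaust the heap. Unless the caller already limits the stream (not visible here), the copy should stop at a configured per-entry limit and fail with an `IOException`. `MAX_ENTRY_SIZE` below is a placeholder for that setting, not an existing constant. `MimefileHandler.handle` has the same unbounded read in `IOUtils.toString(is, "UTF-8")`.

```java
protected ASiCEntry buildASiCEntry(String entryName, InputStream is) throws IOException {
  // … unchanged: entry and baos construction …
  // read one byte past the limit so an oversized entry is detected, not silently truncated
  final long copied = IOUtils.copyLarge(is, baos, 0, MAX_ENTRY_SIZE + 1);
  if (copied > MAX_ENTRY_SIZE) {
    throw new IOException("ASiC entry exceeds the configured size limit: " + entryName);
  }
  // … unchanged: setContents, setEntryName, return entry …
```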
@@ -5,16 +5,13 @@ import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; import at.gv.egovernment.moa.spss.MOAException; -import java.io.IOException; -import java.io.InputStream; - /** * Created by Andreas Fitzek on 6/15/16. */ public abstract class CAdESHandler extends SignatureHandler implements EntryHandler, ASiCConstants { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsCAdES(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsCAdES(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java index f89c6d0..5ba05d6 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java @@ -3,16 +3,13 @@ package at.gv.egiz.asic.impl.handler; import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egovernment.moa.spss.MOAException; -import java.io.IOException; -import java.io.InputStream; - /** * Created by Andreas Fitzek on 6/17/16. */ public abstract class EvidenceERSRecordHandler extends SignatureHandler { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsEvidenceERS(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsEvidenceERS(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java index 4516bb0..932687b 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java 
@@ -8,8 +8,8 @@ import at.gv.egovernment.moa.spss.MOAException; */ public abstract class EvidenceXMLRecordHandler extends SignatureHandler { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsEvidenceXML(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsEvidenceXML(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java index 464bcf6..6eb4d60 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java @@ -1,13 +1,12 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.api.ASiCConstants; - /** * Created by Andreas Fitzek on 6/15/16. */ public class ExtendedASiCCAdESHandler extends CAdESHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".p7s") && entryName.startsWith(FILE_META_INF) && entryName.contains("signature"); - } + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".p7s") && entryName.startsWith(FILE_META_INF) && entryName.contains( + "signature"); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java index 28b21a3..199dda1 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java 
@@ -2,10 +2,17 @@ package at.gv.egiz.asic.impl.handler; /** * Created by Andreas Fitzek on 6/15/16. + * + * Updated by Thomas Lenz on 02/03/17 */ public class ExtendedASiCXAdESHandler extends XAdESHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".xml") && entryName.startsWith(FILE_META_INF) && entryName.contains("signature"); - } + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".xml") + && entryName.startsWith(FILE_META_INF) + && entryName.contains("signatures") +// && !entryName.contains("ASiCManifest") +// && !entryName.contains("AsiCManifest") + ; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java index ccf9224..ab6f2d5 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java @@ -4,8 +4,9 @@ package at.gv.egiz.asic.impl.handler; * Created by Andreas Fitzek on 6/17/16. */ public class ExtendedEvidenceERSRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".ers") && entryName.startsWith(FILE_META_INF) && entryName.contains("evidencerecord"); - } + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".ers") && entryName.startsWith(FILE_META_INF) && entryName.contains( + "evidencerecord"); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java index d24d61b..ecac8b6 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java 
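Review bot: The two commented-out conditions in `ExtendedASiCXAdESHandler.matches` (`// && !entryName.contains("ASiCManifest")` and the `AsiCManifest` variant) leave it unclear whether manifest files are meant to be excluded. This predicate decides which entries `SignatureHandler.handle` adds as signature entries, so they should either be deleted or enabled with a stated reason. The narrowing from `"signature"` to `"signatures"` deserves a Javadoc line on `matches`, for example `/** Matches entries under FILE_META_INF that end in .xml and contain "signatures". */`. Unlike the `Simple*` handlers, which use `equalsIgnoreCase`, this match is case-sensitive; if that is intended, the same comment should say so.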
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java @@ -4,8 +4,9 @@ package at.gv.egiz.asic.impl.handler; * Created by Andreas Fitzek on 6/17/16. */ public class ExtendedEvidenceXMLRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".xml") && entryName.startsWith(FILE_META_INF) && entryName.contains("evidencerecord"); - } + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".xml") && entryName.startsWith(FILE_META_INF) && entryName.contains( + "evidencerecord"); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java index 36a215d..2f753cf 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java @@ -1,16 +1,16 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.impl.EntryHandler; - import java.util.Comparator; +import at.gv.egiz.asic.impl.EntryHandler; + /** * Created by afitzek on 6/15/16. */ public class HandlerSorter implements Comparator<EntryHandler> { - @Override - public int compare(EntryHandler o1, EntryHandler o2) { - return Integer.compare(o1.getPriority(), o2.getPriority()); - } + @Override + public int compare(EntryHandler o1, EntryHandler o2) { + return Integer.compare(o1.getPriority(), o2.getPriority()); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java index ec4f101..0127ea4 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java 
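Review bot: `ExtendedEvidenceXMLRecordHandler` is declared as `extends EvidenceERSRecordHandler`, so the inherited `setType` calls `container.setIsEvidenceERS()` for an `.xml` evidence record. `EvidenceXMLRecordHandler`, which calls `setIsEvidenceXML()`, has no subclass anywhere in this diff. If that is not intentional, the declaration should read `public class ExtendedEvidenceXMLRecordHandler extends EvidenceXMLRecordHandler {`. `SimpleEvidenceXMLRecordHandler` has the same superclass and would need the same change. The hunk only re-indents `matches`, so this predates the commit but is still present on the new side.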
@@ -1,33 +1,33 @@ package at.gv.egiz.asic.impl.handler; +import java.io.IOException; +import java.io.InputStream; + import at.gv.egiz.asic.api.ASiCConstants; -import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; -import java.io.IOException; -import java.io.InputStream; - /** * Created by Andreas Fitzek on 6/15/16. */ public class MetaInfHandler extends BaseHandler implements EntryHandler, ASiCConstants { - @Override - public int getPriority() { - return 20; - } + @Override + public int getPriority() { + return 20; + } - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { - boolean metainf = entryName.startsWith(FILE_META_INF); + final boolean metainf = entryName.startsWith(FILE_META_INF); - if(metainf) { - ASiCEntry entry = buildASiCEntry(entryName, is); - container.addInformationEntry(entry); - return true; - } - - return false; + if (metainf) { + final ASiCEntry entry = buildASiCEntry(entryName, is); + container.addInformationEntry(entry); + return true; } + + return false; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java index 68fc87e..5a67fb8 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java 
@@ -1,36 +1,37 @@ package at.gv.egiz.asic.impl.handler; +import java.io.IOException; +import java.io.InputStream; + +import org.apache.commons.io.IOUtils; + import at.gv.egiz.asic.api.ASiCConstants; import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; -import org.apache.commons.io.IOUtils; - -import java.io.IOException; -import java.io.InputStream; /** * Created by afitzek on 6/15/16. */ public class MimefileHandler implements EntryHandler, ASiCConstants { - private boolean isMimeType(String entryName) { - return FILE_MIME_TYPE.equalsIgnoreCase(entryName); - } - - @Override - public int getPriority() { - return 1; - } + private boolean isMimeType(String entryName) { + return FILE_MIME_TYPE.equalsIgnoreCase(entryName); + } - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { + @Override + public int getPriority() { + return 1; + } - if(isMimeType(entryName)) { - String mimeType = IOUtils.toString(is, "UTF-8"); - container.setMimeType(mimeType); - return true; - } + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { - return false; + if (isMimeType(entryName)) { + final String mimeType = IOUtils.toString(is, "UTF-8"); + container.setMimeType(mimeType); + return true; } + + return false; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java index 621c9d4..08adbe9 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java 
@@ -1,36 +1,37 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.impl.ASiCContainer; -import at.gv.egovernment.moa.spss.MOAException; - import java.io.IOException; import java.io.InputStream; +import at.gv.egiz.asic.impl.ASiCContainer; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by Andreas Fitzek on 6/15/16. */ public abstract class SignatureHandler extends BaseHandler { - @Override - public int getPriority() { - return 0; - } - - protected abstract boolean matches(String entryName); + @Override + public int getPriority() { + return 0; + } - protected abstract void setType(ASiCContainer container) throws MOAException; + protected abstract boolean matches(String entryName); - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, MOAException { - boolean signature = this.matches(entryName); + protected abstract void setType(ASiCContainer container) throws MOAException; - if(signature) { - this.setType(container); - container.addSignatureEntry(buildASiCEntry(entryName, is)); - return true; - } + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, + MOAException { + final boolean signature = this.matches(entryName); - return false; + if (signature) { + this.setType(container); + container.addSignatureEntry(buildASiCEntry(entryName, is)); + return true; } + return false; + } + } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java index fdeda41..b049767 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java 
@@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/15/16. */ public class SimpleASiCCAdESHandler extends CAdESHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "signature.p7s").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "signature.p7s").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java index 66a7546..8425b51 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java @@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/15/16. */ public class SimpleASiCXAdESHandler extends XAdESHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "signatures.xml").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "signatures.xml").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java index 58221f5..63a70da 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java 
@@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/17/16. */ public class SimpleEvidenceERSRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "evidencerecord.ers").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "evidencerecord.ers").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java index dacc218..db7c063 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java @@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/17/16. */ public class SimpleEvidenceXMLRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "evidencerecord.xml").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "evidencerecord.xml").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java index ff19759..19e37c1 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java 
@@ -10,8 +10,8 @@ import at.gv.egovernment.moa.spss.MOAException; */ public abstract class XAdESHandler extends SignatureHandler implements EntryHandler, ASiCConstants { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsXAdES(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsXAdES(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java index a0bc516..3060f67 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java 
@@ -1,61 +1,61 @@ package at.gv.egiz.asic.impl.verifier; -import at.gv.egiz.asic.impl.Verifier; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Arrays; import java.util.HashMap; import java.util.Map; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.asic.impl.Verifier; + /** * Created by Andreas Fitzek on 6/17/16. */ public abstract class BaseVerifier implements Verifier { - protected static Map<String, String> hashTranslator = new HashMap<String, String>(); - - static { - hashTranslator.put("http://www.w3.org/2000/09/xmldsig#sha1", "SHA-1"); - hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha224", "SHA-224"); - hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha256", "SHA-256"); - hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha384", "SHA-384"); - hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha512", "SHA-512"); - hashTranslator.put("http://www.w3.org/2001/04/xmlenc#ripemd160", "RIPEMD-160"); - } - - private static final Logger logger = LoggerFactory.getLogger(BaseVerifier.class); - - protected boolean compareHash(byte[] reference, byte[] calculated, String refName) { - String referenceHex = Hex.encodeHexString(reference); - String calculatedHex = Hex.encodeHexString(calculated); - if(Arrays.equals(reference, calculated)) { - logger.info("Digest from manifest do match for {}", refName); - return true; - } else { - logger.info("Digest from manifest do not match for {}", refName); - logger.info("Digest from manifest for {} : {}", refName, referenceHex); - logger.info("Digest from calculated for {} : {}", refName, calculatedHex); - return false; - } + protected static Map<String, String> hashTranslator = new HashMap<>(); + 
+ static { + hashTranslator.put("http://www.w3.org/2000/09/xmldsig#sha1", "SHA-1"); + hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha224", "SHA-224"); + hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha256", "SHA-256"); + hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha384", "SHA-384"); + hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha512", "SHA-512"); + hashTranslator.put("http://www.w3.org/2001/04/xmlenc#ripemd160", "RIPEMD-160"); + } + + private static final Logger logger = LoggerFactory.getLogger(BaseVerifier.class); + + protected boolean compareHash(byte[] reference, byte[] calculated, String refName) { + final String referenceHex = Hex.encodeHexString(reference); + final String calculatedHex = Hex.encodeHexString(calculated); + if (Arrays.equals(reference, calculated)) { + logger.debug("Digest from manifest do match for {}", refName); + return true; + } else { + logger.info("Digest from manifest do not match for {}", refName); + logger.info("Digest from manifest for {} : {}", refName, referenceHex); + logger.info("Digest from calculated for {} : {}", refName, calculatedHex); + return false; } + } - protected MessageDigest getMessageDigestFromURI(String uri) { - try { + protected MessageDigest getMessageDigestFromURI(String uri) { + try { - String algo = hashTranslator.get(uri); + String algo = hashTranslator.get(uri); - if(algo == null) { - algo = uri; - } + if (algo == null) { + algo = uri; + } - return MessageDigest.getInstance(algo); - } catch (NoSuchAlgorithmException e) { - return null; - } + return MessageDigest.getInstance(algo); + } catch (final NoSuchAlgorithmException e) { + return null; } + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java index 5ab677c..ac96f90 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java 
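Review bot: `getMessageDigestFromURI` falls back to `algo = uri` when the URI is not in `hashTranslator`, so any string reaching it is handed to `MessageDigest.getInstance`. That lets the input select any algorithm the installed providers know, not only the six listed. If the URI comes from the container's manifest, as the log text in `compareHash` suggests, the table should act as an allow-list: `if (algo == null) { return null; }`. `hashTranslator` is also a mutable `protected static` map; declaring it `final` and wrapping it with `Collections.unmodifiableMap` would keep the mapping fixed after class initialisation. The `null` return for an unsupported algorithm is undocumented, so a Javadoc line telling callers to check for it would help.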
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java @@ -1,5 +1,8 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.InputStream; +import java.util.Date; + import at.gv.egiz.asic.api.ASiC; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.SPSSFactory; 
@@ -9,35 +12,34 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import java.io.InputStream; -import java.util.Date; - /** * Created by Andreas Fitzek on 6/17/16. */ public abstract class CAdESVerifier extends BaseVerifier { - @Override - public boolean handles(ASiC asic) { - return asic.isCAdES(); - } + @Override + public boolean handles(ASiC asic) { + return asic.isCAdES(); + } - protected VerifyCMSSignatureResponse runCMSVerification(InputStream signedData, InputStream cmsSignature, - String trustProfileID, Date date) throws MOAException { - CMSContent cmsContent = SPSSFactory.getInstance().createCMSContent(signedData); - CMSDataObject cmsDataObject = SPSSFactory.getInstance().createCMSDataObject(null, cmsContent, null, null); + protected VerifyCMSSignatureResponse runCMSVerification(InputStream signedData, InputStream cmsSignature, + String trustProfileID, Date date) throws MOAException { + final CMSContent cmsContent = SPSSFactory.getInstance().createCMSContent(signedData); + final CMSDataObject cmsDataObject = SPSSFactory.getInstance().createCMSDataObject(null, cmsContent, null, + null); - VerifyCMSSignatureRequest verifyCMSSignatureRequest = - SPSSFactory.getInstance().createVerifyCMSSignatureRequest( - VerifyCMSSignatureRequest.ALL_SIGNATORIES, - date, - cmsSignature, - cmsDataObject, - trustProfileID, - false, - true); + final VerifyCMSSignatureRequest verifyCMSSignatureRequest = + SPSSFactory.getInstance().createVerifyCMSSignatureRequest( + VerifyCMSSignatureRequest.ALL_SIGNATORIES, + date, + cmsSignature, + cmsDataObject, + trustProfileID, + false, + true); - VerifyCMSSignatureResponse verifyResponse = CMSSignatureVerificationInvoker.getInstance().verifyCMSSignature( - verifyCMSSignatureRequest); - return verifyResponse; - } + final VerifyCMSSignatureResponse 
verifyResponse = CMSSignatureVerificationInvoker.getInstance() + .verifyCMSSignature( + verifyCMSSignatureRequest); + return verifyResponse; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java index e71f263..62ac1c8 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java 
@@ -1,168 +1,179 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.IOException; +import java.security.DigestInputStream; +import java.security.MessageDigest; +import java.util.ArrayList; +import java.util.Date; +import java.util.Iterator; +import java.util.List; + +import javax.xml.bind.JAXB; + +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import at.gv.egiz.asic.ASiCManifestType; import at.gv.egiz.asic.DataObjectReferenceType; import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.*; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.xml.bind.JAXB; -import java.io.IOException; -import java.security.DigestInputStream; -import java.security.MessageDigest; -import java.util.ArrayList; -import java.util.Date; -import java.util.Iterator; -import java.util.List; /** * Created by Andreas Fitzek on 6/17/16. 
*/ public class ExtendedCAdESVerifier extends CAdESVerifier { - private static final Logger logger = LoggerFactory.getLogger(ExtendedCAdESVerifier.class); + private static final Logger logger = LoggerFactory.getLogger(ExtendedCAdESVerifier.class); - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); - } + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); + } + + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + try { + final Iterator<ASiCEntry> informationsIterator = asic.getInformationEntries().iterator(); - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - try { - Iterator<ASiCEntry> informationsIterator = asic.getInformationEntries().iterator(); + while (informationsIterator.hasNext()) { + final ASiCEntry informationEntry = informationsIterator.next(); + + if (informationEntry.getEntryName().startsWith("META-INF/") && informationEntry.getEntryName() + .endsWith(".xml") + && informationEntry.getEntryName().contains("ASiCManifest")) { + // Got ASiC Manifest + final ASiCManifestType asiCManifestType = JAXB.unmarshal(informationEntry.getContents(), + ASiCManifestType.class); + final String signatureName = asiCManifestType.getSigReference().getURI(); + + ASiCEntry cadesSignature = null; + + // find referenced signature + final Iterator<ASiCEntry> cadesSignatureIterator = asic.getSignaturesEntries().iterator(); + + while (cadesSignatureIterator.hasNext()) { + final ASiCEntry tmpCadesSignature = cadesSignatureIterator.next(); + if (signatureName.equalsIgnoreCase(tmpCadesSignature.getEntryName())) { + cadesSignature = tmpCadesSignature; + break; + } + } - while (informationsIterator.hasNext()) { - ASiCEntry informationEntry = 
informationsIterator.next(); - - if (informationEntry.getEntryName().startsWith("META-INF/") && informationEntry.getEntryName().endsWith(".xml") - && informationEntry.getEntryName().contains("ASiCManifest")) { - // Got ASiC Manifest - ASiCManifestType asiCManifestType = JAXB.unmarshal(informationEntry.getContents(), ASiCManifestType.class); - String signatureName = asiCManifestType.getSigReference().getURI(); - - ASiCEntry cadesSignature = null; - - // find referenced signature - Iterator<ASiCEntry> cadesSignatureIterator = asic.getSignaturesEntries().iterator(); - - while (cadesSignatureIterator.hasNext()) { - ASiCEntry tmpCadesSignature = cadesSignatureIterator.next(); - if (signatureName.equalsIgnoreCase(tmpCadesSignature.getEntryName())) { - cadesSignature = tmpCadesSignature; - break; - } - } - - if (cadesSignature == null) { - throw new MOAApplicationException("asic.0004", new Object[]{signatureName}); - } - - // verify all references - - boolean allReferencesValid = true; - List<String> signedFiles = new ArrayList<String>(); - Iterator<DataObjectReferenceType> dataObjectReferenceTypeIterator = asiCManifestType.getDataObjectReference().iterator(); - while (dataObjectReferenceTypeIterator.hasNext()) { - DataObjectReferenceType dataObjectReferenceType = dataObjectReferenceTypeIterator.next(); - - String mdURI = dataObjectReferenceType.getDigestMethod().getAlgorithm(); - String uri = dataObjectReferenceType.getURI(); - signedFiles.add(uri); - - Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); - - while (dataEntryIterator.hasNext()) { - ASiCEntry dataEntry = dataEntryIterator.next(); - if (uri.equalsIgnoreCase(dataEntry.getEntryName())) { - MessageDigest md = this.getMessageDigestFromURI(mdURI); - if (md == null) { - throw new MOAApplicationException("asic.0005", new Object[]{mdURI}); - } - DigestInputStream dis = new DigestInputStream(dataEntry.getContents(), md); - byte[] buffer = new byte[8096]; - while (dis.read(buffer) > 0) ; - - if 
(!this.compareHash(dataObjectReferenceType.getDigestValue(), md.digest(), uri)) { - allReferencesValid = false; - } - - dataEntry.getContents().reset(); - break; - } - } - } - - if (allReferencesValid) { - logger.info("ASiCManifest {} references do match data files!", - informationEntry.getEntryName()); - } - - informationEntry.getContents().reset(); - MessageDigest md = this.getMessageDigestFromURI("SHA-256"); - DigestInputStream dis = new DigestInputStream(informationEntry.getContents(), md); - - VerifyCMSSignatureResponse verifyResponse = - this.runCMSVerification(dis, cadesSignature.getContents(), trustProfileID, date); - - dis.close(); - - String fullDigest = Hex.encodeHexString(md.digest()); - logger.info("CMS Input data {}", fullDigest); - - if (!allReferencesValid) { - logger.warn("ASiCManifest {} References do not match data files!", - informationEntry.getEntryName()); - List responseElements = new ArrayList(); - - SignerInfo signerInfo; - - - // add SignerInfo element - Iterator responseElementIterator = verifyResponse.getResponseElements().iterator(); - while (responseElementIterator.hasNext()) { - VerifyCMSSignatureResponseElement orig = (VerifyCMSSignatureResponseElement) - responseElementIterator.next(); - - CheckResult signatureCheck; - CheckResult certificateCheck; - - // add SignatureCheck element - signatureCheck = SPSSFactory.getInstance().createCheckResult(1, null); - - // build the response element - VerifyCMSSignatureResponseElement responseElement = - SPSSFactory.getInstance().createVerifyCMSSignatureResponseElement( - orig.getSignerInfo(), - signatureCheck, - orig.getCertificateCheck(), - orig.getAdESFormResults(), - orig.getExtendedCertificateCheck()); - responseElements.add(responseElement); - } - VerifyCMSSignatureResponse verifyCMSSignatureResponse = SPSSFactory.getInstance(). 
- createVerifyCMSSignatureResponse(responseElements); - response.add(new ASiCVerificationResult(signedFiles, verifyCMSSignatureResponse)); - continue; - } else { - response.add(new ASiCVerificationResult(signedFiles, verifyResponse)); - } + if (cadesSignature == null) { + throw new MOAApplicationException("asic.0004", new Object[] { signatureName }); + } + + // verify all references + + boolean allReferencesValid = true; + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + final Iterator<DataObjectReferenceType> dataObjectReferenceTypeIterator = asiCManifestType + .getDataObjectReference().iterator(); + while (dataObjectReferenceTypeIterator.hasNext()) { + final DataObjectReferenceType dataObjectReferenceType = dataObjectReferenceTypeIterator.next(); + + final String mdURI = dataObjectReferenceType.getDigestMethod().getAlgorithm(); + final String uri = dataObjectReferenceType.getURI(); + signedFiles.add(new AsicSignedFilesContainer(uri, mdURI)); + + final Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); + + while (dataEntryIterator.hasNext()) { + final ASiCEntry dataEntry = dataEntryIterator.next(); + if (uri.equalsIgnoreCase(dataEntry.getEntryName())) { + final MessageDigest md = this.getMessageDigestFromURI(mdURI); + if (md == null) { + throw new MOAApplicationException("asic.0005", new Object[] { mdURI }); } + final DigestInputStream dis = new DigestInputStream(dataEntry.getContents(), md); + final byte[] buffer = new byte[8096]; + while (dis.read(buffer) > 0) { + ; + } + + if (!this.compareHash(dataObjectReferenceType.getDigestValue(), md.digest(), uri)) { + allReferencesValid = false; + } + + dataEntry.getContents().reset(); + break; + } + } + } + + if (allReferencesValid) { + logger.info("ASiCManifest {} references do match data files!", + informationEntry.getEntryName()); + } + + informationEntry.getContents().reset(); + final MessageDigest md = this.getMessageDigestFromURI("SHA-256"); + final DigestInputStream 
dis = new DigestInputStream(informationEntry.getContents(), md); + + final VerifyCMSSignatureResponse verifyResponse = + this.runCMSVerification(dis, cadesSignature.getContents(), trustProfileID, date); + + dis.close(); + + final String fullDigest = Hex.encodeHexString(md.digest()); + logger.debug("CMS Input data {}", fullDigest); + + if (!allReferencesValid) { + logger.warn("ASiCManifest {} References do not match data files!", + informationEntry.getEntryName()); + final List responseElements = new ArrayList(); + + final SignerInfo signerInfo; + + // add SignerInfo element + final Iterator responseElementIterator = verifyResponse.getResponseElements().iterator(); + while (responseElementIterator.hasNext()) { + final VerifyCMSSignatureResponseElement orig = + (VerifyCMSSignatureResponseElement) responseElementIterator.next(); + + CheckResult signatureCheck; + final CheckResult certificateCheck; + + // add SignatureCheck element + signatureCheck = SPSSFactory.getInstance().createCheckResult(1, null); + + // build the response element + final VerifyCMSSignatureResponseElement responseElement = + SPSSFactory.getInstance().createVerifyCMSSignatureResponseElement( + orig.getSignerInfo(), + signatureCheck, + orig.getCertificateCheck(), + orig.getAdESFormResults(), + orig.getExtendedCertificateCheck(), + orig.getSignatureAlgorithm(), + null, + null); + responseElements.add(responseElement); } - } catch (IOException ex) { - throw new MOASystemException("asic.0003", null, ex); + final VerifyCMSSignatureResponse verifyCMSSignatureResponse = SPSSFactory.getInstance() + .createVerifyCMSSignatureResponse(responseElements); + response.add(new ASiCVerificationResult(signedFiles, verifyCMSSignatureResponse)); + continue; + } else { + response.add(new ASiCVerificationResult(signedFiles, verifyResponse)); + } } + } + } catch (final IOException ex) { + throw new MOASystemException("asic.0003", null, ex); } + } } 
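Review bot: A `DataObjectReference` whose URI matches no entry in `asic.getDataEntries()` is never checked in `verify`. The inner `while (dataEntryIterator.hasNext())` loop simply ends, `allReferencesValid` stays `true`, and the URI has already been added to `signedFiles`, so the result lists a file as signed although its digest was never compared. Track the match: add `boolean found = false;` before the inner loop, `found = true;` in the matching branch, and `if (!found) { allReferencesValid = false; }` after the loop. The lookup also uses `equalsIgnoreCase`, which could select the wrong entry if a container holds two names differing only in case; an exact comparison looks safer, though that depends on how entry names are normalised elsewhere.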
diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java index 58f0185..565921f 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java @@ -1,5 +1,30 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.IOException; +import java.io.InputStream; +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.xml.bind.JAXB; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + import at.gv.egiz.asic.ReferenceType; import at.gv.egiz.asic.SignatureType; import at.gv.egiz.asic.XAdESSignaturesType; 
@@ -7,178 +32,195 @@ import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; +import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOARuntimeException; import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; import at.gv.egovernment.moaspss.util.URLEncoder; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.*; -import org.xml.sax.SAXException; - -import javax.xml.bind.*; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import java.io.*; -import java.util.*; /** * Created by Andreas Fitzek on 6/17/16. 
*/ public class ExtendedXAdESVerifier extends XAdESVerifier { - private static final Logger logger = LoggerFactory.getLogger(ExtendedXAdESVerifier.class); + private static final Logger logger = LoggerFactory.getLogger(ExtendedXAdESVerifier.class); - private void resetStream(InputStream is) { - try { - is.reset(); - } catch (IOException e) { - throw new MOARuntimeException("Failed to reset inputStream", null, e); - } + private void resetStream(InputStream is) { + try { + is.reset(); + } catch (final IOException e) { + throw new MOARuntimeException("Failed to reset inputStream", null, e); } + } - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - try { - Iterator<ASiCEntry> xadesSignatureIterator = asic.getSignaturesEntries().iterator(); + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + try { + final Iterator<ASiCEntry> xadesSignatureIterator = asic.getSignaturesEntries().iterator(); - while (xadesSignatureIterator.hasNext()) { - ASiCEntry xadesSignature = xadesSignatureIterator.next(); + while (xadesSignatureIterator.hasNext()) { + final ASiCEntry xadesSignature = xadesSignatureIterator.next(); - List<SignatureType> xmlSignatures = null; - //int signatureSize = 0; + List<SignatureType> xmlSignatures = null; + // int signatureSize = 0; - - // TODO: support not only XAdESSignaturesType object 4.4.3.2 + // TODO: support not only XAdESSignaturesType object 4.4.3.2 // XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); - // signatureSize = xAdESSignaturesType.getSignature().size(); - - // this.resetStream(xadesSignature.getContents()); - DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); - dbFactory.setNamespaceAware(true); - //dbFactory.setValidating(true); - DocumentBuilder dBuilder = 
dbFactory.newDocumentBuilder(); - Document doc = dBuilder.parse(xadesSignature.getContents()); - - this.resetStream(xadesSignature.getContents()); - - org.w3c.dom.Element rootElement = doc.getDocumentElement(); - - if ("http://www.w3.org/2000/09/xmldsig#".equals(rootElement.getNamespaceURI()) && - "Signature".equals(rootElement.getTagName())) { - JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); - JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, SignatureType.class); - SignatureType xmlSignature = xmlSignatureJaxb.getValue(); - xmlSignatures = new ArrayList<SignatureType>(); - xmlSignatures.add(xmlSignature); - } else if ("http://uri.etsi.org/02918/v1.2.1#".equals(rootElement.getNamespaceURI()) && - "XAdESSignatures".equals(rootElement.getLocalName())) { - XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); - xmlSignatures = xAdESSignaturesType.getSignature(); - } else { - NodeList childrenNodes = rootElement.getChildNodes(); - for(int i = 0; i < childrenNodes.getLength(); i++) { - Node node = childrenNodes.item(i); - JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); - xmlSignatures = new ArrayList<SignatureType>(); - if ("http://www.w3.org/2000/09/xmldsig#".equals(node.getNamespaceURI()) && - "Signature".equals(rootElement.getTagName())) { - JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, SignatureType.class); - SignatureType xmlSignature = xmlSignatureJaxb.getValue(); - xmlSignatures.add(xmlSignature); - } - } - } - - - this.resetStream(xadesSignature.getContents()); - - Map namespaces = new HashMap(); - - //namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); - namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); - - for (int i = 0; i < xmlSignatures.size(); i++) { - //NodeList nodes = (NodeList) result; - - //for(int i = 0; i < nodes.getLength(); i++) { - //Node node = 
nodes.item(i); - //JAXBContext jc = JAXBContext.newInstance( "at.gv.egiz.asic" ); - //JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(node, SignatureType.class); - //SignatureType xmlSignature = xmlSignatureJaxb.getValue(); - List<String> signedFiles = new ArrayList<String>(); - - //Iterator<ReferenceType> it = xmlSignature.getSignedInfo().getReference().iterator(); - Iterator<ReferenceType> it = xmlSignatures.get(i).getSignedInfo().getReference().iterator(); - while (it.hasNext()) { - ReferenceType refType = it.next(); - if (!refType.getURI().startsWith("#")) { - signedFiles.add(refType.getURI()); - } - } - - Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); - - Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); - - List supplementsList = new ArrayList(); - while (dataEntryIterator.hasNext()) { - ASiCEntry dataEntry = dataEntryIterator.next(); - dataEntry.getContents().reset(); - String entryName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") - .replaceAll("\\+", "%20") - .replaceAll("\\%21", "!") - .replaceAll("\\%2F", "/") - //.replaceAll("\\%27", "'") - //.replaceAll("\\%28", "(") - //.replaceAll("\\%29", ")") - .replaceAll("\\%7E", "~"); - logger.info("Adding Entry : {}", entryName); - Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), entryName); - XMLDataObjectAssociation association = SPSSFactoryImpl.getInstance().createXMLDataObjectAssociation(null, dataContent); - SupplementProfile profile = SPSSFactoryImpl.getInstance().createSupplementProfile(association); - supplementsList.add(profile); - } - String location = "(//ds:Signature)[" + (i + 1) + "]"; - - VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation( - location, namespaces); - - VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation); 
- - VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest( - date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); - - response.add(new ASiCVerificationResult(signedFiles, - XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); - } + // signatureSize = xAdESSignaturesType.getSignature().size(); + + // this.resetStream(xadesSignature.getContents()); + final DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); + dbFactory.setNamespaceAware(true); + // dbFactory.setValidating(true); + final DocumentBuilder dBuilder = dbFactory.newDocumentBuilder(); + final Document doc = dBuilder.parse(xadesSignature.getContents()); + + this.resetStream(xadesSignature.getContents()); + + final org.w3c.dom.Element rootElement = doc.getDocumentElement(); + + if ("http://www.w3.org/2000/09/xmldsig#".equals(rootElement.getNamespaceURI()) && + "Signature".equals(rootElement.getTagName())) { + final JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); + final JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, + SignatureType.class); + final SignatureType xmlSignature = xmlSignatureJaxb.getValue(); + xmlSignatures = new ArrayList<>(); + xmlSignatures.add(xmlSignature); + } else if ("http://uri.etsi.org/02918/v1.2.1#".equals(rootElement.getNamespaceURI()) && + "XAdESSignatures".equals(rootElement.getLocalName())) { + final XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), + XAdESSignaturesType.class); + xmlSignatures = xAdESSignaturesType.getSignature(); + + // TODO: maybe add additional XAdES version + } else if ("http://uri.etsi.org/02918/v1.1.1#".equals(rootElement.getNamespaceURI()) && + "XAdESSignatures".equals(rootElement.getLocalName())) { + + logger.warn( + "ASiC v1.1.1 is not supported any more. 
MOA-SP only supports v1.2.1 (http://uri.etsi.org/02918/v1.2.1#)"); + // XAdESSignaturesType xAdESSignaturesType = + // JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); + // xmlSignatures = xAdESSignaturesType.getSignature(); + + } else { + final NodeList childrenNodes = rootElement.getChildNodes(); + for (int i = 0; i < childrenNodes.getLength(); i++) { + final Node node = childrenNodes.item(i); + final JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); + xmlSignatures = new ArrayList<>(); + if ("http://www.w3.org/2000/09/xmldsig#".equals(node.getNamespaceURI()) && + "Signature".equals(rootElement.getTagName())) { + final JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal( + rootElement, SignatureType.class); + final SignatureType xmlSignature = xmlSignatureJaxb.getValue(); + xmlSignatures.add(xmlSignature); } - } catch( UnsupportedEncodingException e) { - logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e); - throw new MOARuntimeException("asic.0003", null, e); - } catch (IOException ex) { - throw new MOASystemException("asic.0003", null, ex); - } catch (ParserConfigurationException e) { - throw new MOASystemException("asic.0003", null, e); - } catch (SAXException e) { - throw new MOASystemException("asic.0003", null, e); - } catch (JAXBException e) { - throw new MOASystemException("asic.0003", null, e); + } } - } - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); + this.resetStream(xadesSignature.getContents()); + + final Map namespaces = new HashMap(); + + // namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); + namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); + + if (xmlSignatures == null || xmlSignatures.size() == 0) { + logger.info("ASiC container does not include a signature or signature format is not supported"); + throw new MOAApplicationException("asic.0016", 
null); + + } + + for (int i = 0; i < xmlSignatures.size(); i++) { + // NodeList nodes = (NodeList) result; + + // for(int i = 0; i < nodes.getLength(); i++) { + // Node node = nodes.item(i); + // JAXBContext jc = JAXBContext.newInstance( "at.gv.egiz.asic" ); + // JAXBElement<SignatureType> xmlSignatureJaxb = + // jc.createUnmarshaller().unmarshal(node, SignatureType.class); + // SignatureType xmlSignature = xmlSignatureJaxb.getValue(); + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + + // Iterator<ReferenceType> it = + // xmlSignature.getSignedInfo().getReference().iterator(); + final Iterator<ReferenceType> it = xmlSignatures.get(i).getSignedInfo().getReference().iterator(); + while (it.hasNext()) { + final ReferenceType refType = it.next(); + if (!refType.getURI().startsWith("#")) { + signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod() + .getAlgorithm())); + } + } + + final Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); + + final Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); + + final List supplementsList = new ArrayList(); + while (dataEntryIterator.hasNext()) { + final ASiCEntry dataEntry = dataEntryIterator.next(); + dataEntry.getContents().reset(); + final String entryName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") + .replaceAll("\\+", "%20") + .replaceAll("\\%21", "!") + .replaceAll("\\%2F", "/") + // .replaceAll("\\%27", "'") + // .replaceAll("\\%28", "(") + // .replaceAll("\\%29", ")") + .replaceAll("\\%7E", "~"); + logger.info("Adding Entry : {}", entryName); + final Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), + entryName); + final XMLDataObjectAssociation association = SPSSFactory.getInstance() + .createXMLDataObjectAssociation(null, dataContent); + final SupplementProfile profile = SPSSFactory.getInstance().createSupplementProfile(association); + 
supplementsList.add(profile); + } + final String location = "(//ds:Signature)[" + (i + 1) + "]"; + + final VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance() + .createVerifySignatureLocation( + location, namespaces); + + final VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo( + content, verifySignatureLocation); + + final VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance() + .createVerifyXMLSignatureRequest( + date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); + + response.add(new ASiCVerificationResult(signedFiles, + XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); + } + } + } catch (final UnsupportedEncodingException e) { + logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e); + throw new MOARuntimeException("asic.0003", null, e); + } catch (final IOException ex) { + throw new MOASystemException("asic.0003", null, ex); + } catch (final ParserConfigurationException e) { + throw new MOASystemException("asic.0003", null, e); + } catch (final SAXException e) { + throw new MOASystemException("asic.0003", null, e); + } catch (final JAXBException e) { + throw new MOASystemException("asic.0003", null, e); } + } + + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java index b86e290..5af344a 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java 
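Review bot: The `DocumentBuilderFactory` in `verify` is created with only `setNamespaceAware(true)` before it parses `xadesSignature.getContents()`, so a signature entry carrying a DOCTYPE can trigger external entity resolution or entity expansion during verification. Since the entry presumably comes from the container submitted for verification, the factory should refuse DTDs and enable secure processing before `newDocumentBuilder()`. The `ParserConfigurationException` that `setFeature` can throw is already caught at the end of the method, and `javax.xml.XMLConstants` would need to be imported. The `JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class)` call in the `XAdESSignatures` branch re-parses the same stream with JAXB's own parser and should be checked for the same hardening.

```java
final DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
dbFactory.setNamespaceAware(true);
// Signature entries are read from the container under verification:
// reject DOCTYPE declarations and keep entity/XInclude processing off.
dbFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
dbFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
dbFactory.setXIncludeAware(false);
dbFactory.setExpandEntityReferences(false);
final DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
// … unchanged: dBuilder.parse(...), resetStream and root element dispatch …
```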
@@ -1,45 +1,42 @@ package at.gv.egiz.asic.impl.verifier; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; - -import java.util.ArrayList; -import java.util.Date; -import java.util.List; /** * Created by Andreas Fitzek on 6/17/16. */ public class SimpleCAdESVerifier extends CAdESVerifier { - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); - } - - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - ASiCEntry cadesSignature = asic.getSignaturesEntries().get(0); + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); + } - ASiCEntry dataEntry = asic.getDataEntries().get(0); + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + final ASiCEntry cadesSignature = asic.getSignaturesEntries().get(0); - List<String> signedFiles = new ArrayList<String>(); - signedFiles.add(dataEntry.getEntryName()); + // get first element + final ASiCEntry dataEntry = asic.getDataEntries().iterator().next(); - VerifyCMSSignatureResponse verifyResponse = - 
this.runCMSVerification(dataEntry.getContents(), cadesSignature.getContents(), trustProfileID, date); + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); - response.add(new ASiCVerificationResult(signedFiles, - verifyResponse)); - } + final VerifyCMSSignatureResponse verifyResponse = + this.runCMSVerification(dataEntry.getContents(), cadesSignature.getContents(), trustProfileID, date); + response.add(new ASiCVerificationResult(signedFiles, + verifyResponse)); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java index a71462c..bc418e2 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java 
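Review bot: In `SimpleCAdESVerifier.verify`, `asic.getSignaturesEntries().get(0)` and `asic.getDataEntries().iterator().next()` take the first entry without checking how many entries the container holds. An ASiC-S container is expected to carry exactly one data object, so an empty container fails with an unchecked `IndexOutOfBoundsException` or `NoSuchElementException` instead of a `MOAException`, and a container with several data entries has all but the first left out of the verification and of `signedFiles`. The switch from `get(0)` to an iterator suggests `getDataEntries()` may no longer be an ordered list (its type is not visible here), in which case the entry that comes first may not be stable either. I would guard the lookups with something like `if (asic.getSignaturesEntries().isEmpty() || asic.getDataEntries().size() != 1) { throw new MOAApplicationException("asic.0003", null); }`, using whichever message id fits.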
@@ -1,128 +1,142 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.xml.bind.JAXB; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import at.gv.egiz.asic.ReferenceType; import at.gv.egiz.asic.XAdESSignaturesType; import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOARuntimeException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; import at.gv.egovernment.moaspss.util.URLEncoder; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.xml.bind.JAXB; -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.util.*; /** * Created by Andreas Fitzek on 6/17/16. 
*/ public class SimpleXAdESVerifier extends XAdESVerifier { - private static final Logger logger = LoggerFactory.getLogger(SimpleXAdESVerifier.class); - - - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - // XAdES - try { - ASiCEntry xadesSignature = asic.getSignaturesEntries().get(0); - - XAdESSignaturesType xAdESSignaturesType = null; - try { - xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); - } catch (Throwable ex) { - logger.warn("Failed to process xml signature: ex"); - throw new MOAApplicationException("asic.0003", null, ex); - } - - if (xAdESSignaturesType == null) { - throw new MOAApplicationException("asic.0003", null); - } - - int signatureSize = xAdESSignaturesType.getSignature().size(); - - try { - xadesSignature.getContents().reset(); - } catch (IOException e) { - throw new MOARuntimeException("asic.0003", null, e); - } - Map namespaces = new HashMap(); - - namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); - namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); - - for (int i = 0; i < signatureSize; i++) { - - List<String> signedFiles = new ArrayList<String>(); - - Iterator<ReferenceType> it = xAdESSignaturesType.getSignature().get(i).getSignedInfo().getReference().iterator(); - while (it.hasNext()) { - ReferenceType refType = it.next(); - if (!refType.getURI().startsWith("#")) { - signedFiles.add(refType.getURI()); - } - } - - boolean addAll = signedFiles.isEmpty() && asic.getDataEntries().size() == 1; - - Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); - - Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); - List supplementsList = new ArrayList(); - while (dataEntryIterator.hasNext()) { - ASiCEntry dataEntry = dataEntryIterator.next(); - String uriName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") - .replaceAll("\\+", 
"%20") - .replaceAll("\\%21", "!") - .replaceAll("\\%27", "'") - //.replaceAll("\\%28", "(") - //.replaceAll("\\%29", ")") - .replaceAll("\\%7E", "~"); - - Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), uriName); - XMLDataObjectAssociation association = SPSSFactoryImpl.getInstance().createXMLDataObjectAssociation(null, dataContent); - SupplementProfile profile = SPSSFactoryImpl.getInstance().createSupplementProfile(association); - supplementsList.add(profile); - - if (addAll) { - signedFiles.add(dataEntry.getEntryName()); - } - } - String location = "(//ds:Signature)[" + (i + 1) + "]"; - - VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation( - location, namespaces); - - VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation); - - VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest( - date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); - - response.add(new ASiCVerificationResult(signedFiles, - XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); - } - } catch(UnsupportedEncodingException e) { - logger.error("UTF8 encoding not supported by system. 
MOA will not work on this system!", e); - throw new MOARuntimeException("asic.0003", null, e); + private static final Logger logger = LoggerFactory.getLogger(SimpleXAdESVerifier.class); + + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + // XAdES + try { + final ASiCEntry xadesSignature = asic.getSignaturesEntries().get(0); + + XAdESSignaturesType xAdESSignaturesType = null; + try { + xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); + } catch (final Throwable ex) { + logger.warn("Failed to process xml signature: ex"); + throw new MOAApplicationException("asic.0003", null, ex); + } + + if (xAdESSignaturesType == null) { + throw new MOAApplicationException("asic.0003", null); + } + + final int signatureSize = xAdESSignaturesType.getSignature().size(); + + try { + xadesSignature.getContents().reset(); + } catch (final IOException e) { + throw new MOARuntimeException("asic.0003", null, e); + } + final Map namespaces = new HashMap(); + + namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); + namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); + + for (int i = 0; i < signatureSize; i++) { + + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + + final Iterator<ReferenceType> it = xAdESSignaturesType.getSignature().get(i).getSignedInfo() + .getReference().iterator(); + while (it.hasNext()) { + final ReferenceType refType = it.next(); + if (!refType.getURI().startsWith("#")) { + signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod() + .getAlgorithm())); + } } - } - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); + final boolean addAll = signedFiles.isEmpty() && asic.getDataEntries().size() == 1; + + final Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); + + final 
Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); + final List supplementsList = new ArrayList(); + while (dataEntryIterator.hasNext()) { + final ASiCEntry dataEntry = dataEntryIterator.next(); + final String uriName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") + .replaceAll("\\+", "%20") + .replaceAll("\\%21", "!") + .replaceAll("\\%27", "'") + // .replaceAll("\\%28", "(") + // .replaceAll("\\%29", ")") + .replaceAll("\\%7E", "~"); + + final Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), + uriName); + final XMLDataObjectAssociation association = SPSSFactory.getInstance() + .createXMLDataObjectAssociation(null, dataContent); + final SupplementProfile profile = SPSSFactory.getInstance().createSupplementProfile(association); + supplementsList.add(profile); + + if (addAll) { + signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); + } + } + final String location = "(//ds:Signature)[" + (i + 1) + "]"; + + final VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance() + .createVerifySignatureLocation( + location, namespaces); + + final VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo( + content, verifySignatureLocation); + + final VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance() + .createVerifyXMLSignatureRequest( + date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); + + response.add(new ASiCVerificationResult(signedFiles, + XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); + } + } catch (final UnsupportedEncodingException e) { + logger.error("UTF8 encoding not supported by system. 
MOA will not work on this system!", e); + throw new MOARuntimeException("asic.0003", null, e); } + } + + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); + } }
\ No newline at end of file
diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java
index 904ad4e..2074464 100644
--- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java
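Review bot: In `SimpleXAdESVerifier.verify`, the `addAll` fallback puts the container's single data entry into `signedFiles` (with a `null` digest algorithm) when the signature has no Reference other than same-document `#` fragments, so the result can name a file as signed although no Reference seen by this code covers it. Whether `verifyXMLSignature` rejects such a signature is not visible in this hunk; unless it does, I would drop the fallback or report that case as a failure, so callers that read `signedFiles` as the covered files are not misled. The added `refType.getDigestMethod().getAlgorithm()` and the existing `refType.getURI().startsWith("#")` dereference values taken from the unmarshalled signature without null checks, so a Reference lacking either one ends in a `NullPointerException` rather than a `MOAException`; the Reference loop in the ASiC-E verifier hunk above (its start is outside this view) has the same shape. Separately, `logger.warn("Failed to process xml signature: ex")` logs the literal text `ex`; `logger.warn("Failed to process xml signature", ex);` would record the cause.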
@@ -1,54 +1,54 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.InputStream; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + import at.gv.egiz.asic.api.ASiC; -import at.gv.egiz.asic.api.ASiCEntry; -import at.gv.egiz.asic.api.ASiCVerificationResult; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.common.Content; -import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; -import at.gv.egovernment.moa.spss.api.xmlverify.*; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; -import java.io.InputStream; -import java.util.*; - /** * Created by Andreas Fitzek on 6/17/16. 
*/ public abstract class XAdESVerifier extends BaseVerifier { - @Override - public boolean handles(ASiC asic) { - return asic.isXAdES(); - } + @Override + public boolean handles(ASiC asic) { + return asic.isXAdES(); + } - protected VerifyXMLSignatureResponse runXMLVerification(InputStream signedData, InputStream xmlSignature, - String trustProfileID, Date date, List supplementsList, - String location, Map namespaces) throws MOAException { + protected VerifyXMLSignatureResponse runXMLVerification(InputStream signedData, InputStream xmlSignature, + String trustProfileID, Date date, List supplementsList, + String location, Map namespaces) throws MOAException { - if(namespaces == null) { - namespaces = new HashMap(); + if (namespaces == null) { + namespaces = new HashMap(); - namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); - namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); - } + namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); + namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); + } - Content content = SPSSFactory.getInstance().createContent(xmlSignature, null); + final Content content = SPSSFactory.getInstance().createContent(xmlSignature, null); - VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation( - location, namespaces); + final VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance() + .createVerifySignatureLocation( + location, namespaces); - VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation); + final VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo( + content, verifySignatureLocation); - VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest( - date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); + final VerifyXMLSignatureRequest 
verifyXMLSignatureRequest = SPSSFactory.getInstance() + .createVerifyXMLSignatureRequest( + date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); - return XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest); - } + return XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest); + } } |
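Review bot: `runXMLVerification` never reads its `signedData` parameter: the request is built only from `xmlSignature`, `location`, `namespaces` and `supplementsList`, so as far as this hunk shows, data passed as `signedData` but not as a supplement takes no part in the verification. Either wire the stream into the request or document the contract, for example `@param signedData currently unused; the signed data must be supplied through supplementsList`. The raw `List supplementsList` and `Map namespaces` parameters could also be typed (the namespace map as `Map<String, String>`) so the compiler checks what callers put into them. `SimpleXAdESVerifier.verify` builds the same request inline instead of calling this helper, which lets the two copies drift apart.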