aboutsummaryrefslogtreecommitdiff
path: root/moaSig/moa-sig-lib
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2015-12-02 15:48:52 +0100
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2015-12-02 15:48:52 +0100
commit191ba3411f2db0a48ae8d4243926b33a063bf769 (patch)
tree944b69da205c85c16fcc710a4dc7eaf921110fe5 /moaSig/moa-sig-lib
parentf26449517c01e456f677d3e47edf9cafad6e70e0 (diff)
downloadmoa-sig-191ba3411f2db0a48ae8d4243926b33a063bf769.tar.gz
moa-sig-191ba3411f2db0a48ae8d4243926b33a063bf769.tar.bz2
moa-sig-191ba3411f2db0a48ae8d4243926b33a063bf769.zip
IAIK Moa CAdES added, cms verification not working
Diffstat (limited to 'moaSig/moa-sig-lib')
-rw-r--r--moaSig/moa-sig-lib/build.gradle1
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java6
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java2
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java10
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java9
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java10
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java12
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java3
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java39
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java8
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java2
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java106
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java29
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java5
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java16
15 files changed, 209 insertions, 49 deletions
diff --git a/moaSig/moa-sig-lib/build.gradle b/moaSig/moa-sig-lib/build.gradle
index 7e46f0a..adb053f 100644
--- a/moaSig/moa-sig-lib/build.gradle
+++ b/moaSig/moa-sig-lib/build.gradle
@@ -6,6 +6,7 @@ dependencies {
compile 'log4j:log4j:1.2.17'
compile 'commons-logging:commons-logging:1.2'
compile 'commons-io:commons-io:2.4'
+ compile 'commons-codec:commons-codec:1.10'
compile 'org.apache.axis:axis-jaxrpc:1.4'
compile 'org.xerial:sqlite-jdbc:3.8.11.2'
compile 'javax.xml.bind:jaxb-api:2.2.12'
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
index b725422..d216569 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
@@ -467,7 +467,8 @@ public abstract class SPSSFactory {
Date dateTime,
InputStream cmsSignature,
CMSDataObject dataObject,
- String trustProfileID);
+ String trustProfileID,
+ boolean pdf);
/**
* Create a new <code>CMSDataObject</code> object from data at a given URI.
@@ -543,7 +544,8 @@ public abstract class SPSSFactory {
public abstract VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(
SignerInfo signerInfo,
CheckResult signatureCheck,
- CheckResult certificateCheck);
+ CheckResult certificateCheck,
+ List adesResult);
//
// Factory methods for verifying XML signatures
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
index 225f685..3adb381 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
@@ -73,4 +73,6 @@ public interface VerifyCMSSignatureRequest {
* @return The profile ID of trusted certificates.
*/
public String getTrustProfileId();
+
+ public boolean isPDF();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
index a1135ba..8579a2f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
@@ -24,6 +24,8 @@
package at.gv.egovernment.moa.spss.api.cmsverify;
+import java.util.List;
+
import at.gv.egovernment.moa.spss.api.common.CheckResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
@@ -54,4 +56,12 @@ public interface VerifyCMSSignatureResponseElement {
*/
public CheckResult getCertificateCheck();
+ /**
+ * Gets AdES Form results
+ *
+ * This might be null!
+ *
+ * @return The result of the AdES Form validation
+ */
+ public List getAdESFormResults();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
index 8a46219..478dcb4 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
@@ -260,7 +260,8 @@ public class SPSSFactoryImpl extends SPSSFactory {
Date dateTime,
InputStream cmsSignature,
CMSDataObject dataObject,
- String trustProfileID) {
+ String trustProfileID,
+ boolean pdf) {
VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest =
new VerifyCMSSignatureRequestImpl();
verifyCMSSignatureRequest.setDateTime(dateTime);
@@ -268,6 +269,7 @@ public class SPSSFactoryImpl extends SPSSFactory {
verifyCMSSignatureRequest.setDataObject(dataObject);
verifyCMSSignatureRequest.setTrustProfileId(trustProfileID);
verifyCMSSignatureRequest.setSignatories(signatories);
+ verifyCMSSignatureRequest.setPDF(pdf);
return verifyCMSSignatureRequest;
}
@@ -321,13 +323,14 @@ public class SPSSFactoryImpl extends SPSSFactory {
public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(
SignerInfo signerInfo,
CheckResult signatureCheck,
- CheckResult certificateCheck) {
+ CheckResult certificateCheck,
+ List adesResult) {
VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement =
new VerifyCMSSignatureResponseElementImpl();
verifyCMSSignatureResponseElement.setSignerInfo(signerInfo);
verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck);
verifyCMSSignatureResponseElement.setCertificateCheck(certificateCheck);
-
+ verifyCMSSignatureResponseElement.setAdESFormResults(adesResult);
return verifyCMSSignatureResponseElement;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
index c759f5f..78d817b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
@@ -49,6 +49,8 @@ public class VerifyCMSSignatureRequestImpl
private InputStream cmsSignature;
/** The date for which to verify the signature. */
private Date dateTime;
+
+ private boolean pdf = false;
/**
* Sets the indexes of the signatories whose signature should be verified.
@@ -114,4 +116,12 @@ public class VerifyCMSSignatureRequestImpl
return trustProfileId;
}
+ public void setPDF(boolean value) {
+ this.pdf = value;
+ }
+
+ public boolean isPDF() {
+ return this.pdf;
+ }
+
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
index f258b3b..3d6b72a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
@@ -24,6 +24,8 @@
package at.gv.egovernment.moa.spss.api.impl;
+import java.util.List;
+
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
import at.gv.egovernment.moa.spss.api.common.CheckResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
@@ -44,6 +46,8 @@ public class VerifyCMSSignatureResponseElementImpl
/** Information about the certificate check. */
private CheckResult certificateCheck;
+ private List adesResults = null;
+
/**
* Sets a SignerInfo element according to CMS.
*
@@ -82,5 +86,13 @@ public class VerifyCMSSignatureResponseElementImpl
public CheckResult getCertificateCheck() {
return certificateCheck;
}
+
+ public void setAdESFormResults(List adesResults) {
+ this.adesResults = adesResults;
+ }
+
+ public List getAdESFormResults() {
+ return adesResults;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
index 6b3f430..bc92b7a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
@@ -103,7 +103,8 @@ public class VerifyCMSSignatureRequestParser {
dateTime,
cmsSignature,
dataObject,
- trustProfileID);
+ trustProfileID,
+ false);
}
/**
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
index 972b540..9fda5e0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
@@ -21,7 +21,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.cmsverify;
import iaik.pki.PKIProfile;
@@ -35,27 +34,25 @@ import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
* @author Patrick Peck
* @version $Id$
*/
-public class CMSSignatureVerificationProfileImpl
- implements CMSSignatureVerificationProfile {
-
- /** The profile for validating the certificate. */
- private PKIProfile certificateValidationProfile;
+public class CMSSignatureVerificationProfileImpl implements CMSSignatureVerificationProfile {
+ /** The profile for validating the certificate. */
+ private PKIProfile certificateValidationProfile;
- /**
- * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile()
- */
- public PKIProfile getCertificateValidationProfile() {
- return certificateValidationProfile;
- }
+ /**
+ * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile()
+ */
+ public PKIProfile getCertificateValidationProfile() {
+ return certificateValidationProfile;
+ }
- /**
- * Sets the profile for validating the signer certificate.
- *
- * @param certificateValidationProfile The certificate validation profile to
- * set.
- */
- public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
- this.certificateValidationProfile = certificateValidationProfile;
- }
+ /**
+ * Sets the profile for validating the signer certificate.
+ *
+ * @param certificateValidationProfile
+ * The certificate validation profile to set.
+ */
+ public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
+ this.certificateValidationProfile = certificateValidationProfile;
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
new file mode 100644
index 0000000..9189597
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
@@ -0,0 +1,8 @@
+package at.gv.egovernment.moa.spss.server.iaik.cmsverify;
+
+import iaik.server.modules.cmsverify.PDFSignatureVerificationProfile;
+
+public class PDFSignatureVerificationProfileImpl extends CMSSignatureVerificationProfileImpl
+ implements PDFSignatureVerificationProfile {
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
index 87dd572..ef9ddeb 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -24,6 +24,7 @@
package at.gv.egovernment.moa.spss.server.iaik.config;
+import iaik.cms.IaikCCProvider;
import iaik.pki.store.revocation.RevocationFactory;
import iaik.pki.store.revocation.RevocationSourceStore;
import iaik.pki.store.truststore.TrustStoreFactory;
@@ -34,6 +35,7 @@ import iaik.server.modules.keys.KeyEntryID;
import iaik.server.modules.keys.KeyModule;
import iaik.server.modules.keys.KeyModuleFactory;
+import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.Iterator;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index aca6f58..905254e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -24,12 +24,16 @@
package at.gv.egovernment.moa.spss.server.invoke;
+import iaik.server.modules.AdESFormVerificationResult;
+import iaik.server.modules.AdESVerificationResult;
import iaik.server.modules.IAIKException;
import iaik.server.modules.IAIKRuntimeException;
+import iaik.server.modules.SignatureVerificationProfile;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
+import iaik.server.modules.cmsverify.ExtendedCMSSignatureVerificationResult;
import iaik.x509.X509Certificate;
import java.io.ByteArrayInputStream;
@@ -37,10 +41,17 @@ import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigDecimal;
+import java.security.MessageDigest;
+import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
+import org.apache.commons.codec.binary.Hex;
+import org.apache.commons.io.HexDump;
+import org.apache.commons.io.IOUtils;
+
+import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.logging.LoggingContext;
import at.gv.egovernment.moa.logging.LoggingContextManager;
import at.gv.egovernment.moa.spss.MOAApplicationException;
@@ -51,6 +62,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.impl.AdESFormResultsImpl;
import at.gv.egovernment.moa.spss.server.config.TrustProfile;
import at.gv.egovernment.moa.spss.server.logging.IaikLog;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
@@ -121,14 +133,14 @@ public class CMSSignatureVerificationInvoker {
CMSSignatureVerificationProfile profile;
Date signingTime;
List results;
- CMSSignatureVerificationResult result;
+ ExtendedCMSSignatureVerificationResult result;
int[] signatories;
InputStream input;
- byte[] buf = new byte[256];
+ byte[] buf = new byte[2048];
// get the signature
signature = request.getCMSSignature();
-
+
// get the actual trustprofile
TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
@@ -137,7 +149,11 @@ public class CMSSignatureVerificationInvoker {
signedContent = getSignedContent(request);
// build the profile
- profile = profileFactory.createProfile();
+ if(request.isPDF()) {
+ profile = profileFactory.createPDFProfile();
+ } else {
+ profile = profileFactory.createProfile();
+ }
// get the signing time
signingTime = request.getDateTime();
@@ -156,9 +172,9 @@ public class CMSSignatureVerificationInvoker {
input = module.getInputStream();
while (input.read(buf) > 0);
+ //results = module.verifyCAdESSignature(signingTime);
results = module.verifySignature(signingTime);
-
} catch (IAIKException e) {
MOAException moaException = IaikExceptionMapper.getInstance().map(e);
throw moaException;
@@ -191,10 +207,29 @@ public class CMSSignatureVerificationInvoker {
Iterator resultIter;
for (resultIter = results.iterator(); resultIter.hasNext();) {
- result = (CMSSignatureVerificationResult) resultIter.next();
+ Object resultObject = resultIter.next();
+ CMSSignatureVerificationResult cmsResult = null;
+ List adesResults = null;
+ if(resultObject instanceof ExtendedCMSSignatureVerificationResult) {
+ result = (ExtendedCMSSignatureVerificationResult) resultObject;
+
+ adesResults = getAdESResult(result.getFormVerificationResult());
+
+ if (adesResults != null) {
+ Iterator adesIterator = adesResults.iterator();
+ while (adesIterator.hasNext()) {
+ Logger.info("ADES Formresults: " + adesIterator.next().toString());
+ }
+ }
+ } else {
+ cmsResult = (CMSSignatureVerificationResult)resultObject;
+ }
+
+
String issuerCountryCode = null;
// QC/SSCD check
- List list = result.getCertificateValidationResult().getCertificateChain();
+
+ List list = cmsResult.getCertificateValidationResult().getCertificateChain();
if (list != null) {
X509Certificate[] chain = new X509Certificate[list.size()];
@@ -213,7 +248,7 @@ public class CMSSignatureVerificationInvoker {
}
- responseBuilder.addResult(result, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode);
+ responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
}
} else {
int i;
@@ -223,11 +258,23 @@ public class CMSSignatureVerificationInvoker {
try {
result =
- (CMSSignatureVerificationResult) results.get(signatories[i] - 1);
+ (ExtendedCMSSignatureVerificationResult) results.get(signatories[i] - 1);
String issuerCountryCode = null;
+
+ CMSSignatureVerificationResult cmsResult = result.getCMSSignatureVerificationResult();
+
+ List adesResults = getAdESResult(result.getFormVerificationResult());
+
+ if (adesResults != null) {
+ Iterator adesIterator = adesResults.iterator();
+ while (adesIterator.hasNext()) {
+ Logger.info("ADES Formresults: " + adesIterator.next().toString());
+ }
+ }
+
// QC/SSCD check
- List list = result.getCertificateValidationResult().getCertificateChain();
+ List list = cmsResult.getCertificateValidationResult().getCertificateChain();
if (list != null) {
X509Certificate[] chain = new X509Certificate[list.size()];
@@ -244,7 +291,7 @@ public class CMSSignatureVerificationInvoker {
issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate)list.get(0));
}
- responseBuilder.addResult(result, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode);
+ responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
} catch (IndexOutOfBoundsException e) {
throw new MOAApplicationException(
"2249",
@@ -368,4 +415,41 @@ public class CMSSignatureVerificationInvoker {
}
+
+ private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
+ if (adesFormVerification == null) {
+ // no form information
+ return null;
+ }
+
+ List adesList = new ArrayList();
+
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
+ SignatureVerificationProfile.LEVEL_LTA, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+ SignatureVerificationProfile.LEVEL_LT, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+ SignatureVerificationProfile.LEVEL_T, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+ SignatureVerificationProfile.LEVEL_B, adesList);
+
+ return adesList;
+ }
+
+ private void checkSubResult(AdESVerificationResult subResult, String level, List adesList) {
+ if (subResult != null) {
+ Logger.info("Checking Level: " + level);
+ try {
+ AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
+ adESFormResultsImpl.setCode(subResult.getResultCode());
+ adESFormResultsImpl.setInfo(subResult.getInfo());
+ adESFormResultsImpl.setName(subResult.getName());
+
+ adesList.add(adESFormResultsImpl);
+ } catch (NullPointerException e) {
+ Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
+ }
+ }
+ }
+
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
index 5f459ac..74b2a89 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
@@ -24,15 +24,15 @@
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
-
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.iaik.cmsverify.CMSSignatureVerificationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.cmsverify.PDFSignatureVerificationProfileImpl;
import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
/**
* A factory to create a <code>CMSSignatureVerificationProfile</code> from a
@@ -65,6 +65,31 @@ public class CMSSignatureVerificationProfileFactory {
* <code>request</code>, based on the current configuration.
* @throws MOAException An error occurred creating the profile.
*/
+ public CMSSignatureVerificationProfile createPDFProfile()
+ throws MOAException {
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ ConfigurationProvider config = context.getConfiguration();
+ PDFSignatureVerificationProfileImpl profile =
+ new PDFSignatureVerificationProfileImpl();
+ String trustProfileID;
+
+ // set the certificate validation profile
+ trustProfileID = request.getTrustProfileId();
+ profile.setCertificateValidationProfile(
+ new PKIProfileImpl(config, trustProfileID));
+
+ return profile;
+ }
+
+ /**
+ * Create a <code>CMSSignatureVerificationProfile</code> from the given
+ * request and the current MOA configuration.
+ *
+ * @return The <code>CMSSignatureVerificationProfile</code> for the
+ * <code>request</code>, based on the current configuration.
+ * @throws MOAException An error occurred creating the profile.
+ */
public CMSSignatureVerificationProfile createProfile()
throws MOAException {
TransactionContext context =
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
index 1ea10cb..f32093a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -79,7 +79,7 @@ public class VerifyCMSSignatureResponseBuilder {
* otherwise <code>false</code>.
* @throws MOAException
*/
- public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode)
+ public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults)
throws MOAException {
CertificateValidationResult certResult =
@@ -118,7 +118,8 @@ public class VerifyCMSSignatureResponseBuilder {
factory.createVerifyCMSSignatureResponseElement(
signerInfo,
signatureCheck,
- certificateCheck);
+ certificateCheck,
+ adesResults);
responseElements.add(responseElement);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
index 10dc79d..dcb1397 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
@@ -26,6 +26,8 @@ package at.gv.egovernment.moa.spss.server.logging;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import iaik.logging.TransactionId;
@@ -40,7 +42,7 @@ public class IaikLog implements iaik.logging.Log {
/** The hierarchy to log all IAIK output to. */
public static final String IAIK_LOG_HIERARCHY = "iaik.server";
/** The commons-loggin <code>Log</code> to use for logging the messages. */
- private static Log log = LogFactory.getLog(IAIK_LOG_HIERARCHY);
+ private static Logger log = LoggerFactory.getLogger(IAIK_LOG_HIERARCHY);
/** The node ID to use. */
private String nodeId;
@@ -66,7 +68,7 @@ public class IaikLog implements iaik.logging.Log {
public void debug(TransactionId transactionId, Object message, Throwable t) {
IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
- log.debug(msg, t);
+ log.debug(msg.toString(), t);
}
/**
@@ -82,7 +84,7 @@ public class IaikLog implements iaik.logging.Log {
public void info(TransactionId transactionId, Object message, Throwable t) {
IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
- log.info(msg, t);
+ log.info(msg.toString(), t);
}
/**
@@ -98,7 +100,7 @@ public class IaikLog implements iaik.logging.Log {
public void warn(TransactionId transactionId, Object message, Throwable t) {
IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
- log.warn(msg, t);
+ log.warn(msg.toString(), t);
}
/**
@@ -114,14 +116,14 @@ public class IaikLog implements iaik.logging.Log {
public void error(TransactionId transactionId, Object message, Throwable t) {
IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
- log.error(msg, t);
+ log.error(msg.toString(), t);
}
/**
* @see iaik.logging.Log#isFatalEnabled()
*/
public boolean isFatalEnabled() {
- return log.isFatalEnabled();
+ return log.isErrorEnabled();
}
/**
@@ -130,7 +132,7 @@ public class IaikLog implements iaik.logging.Log {
public void fatal(TransactionId transactionId, Object message, Throwable t) {
IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
- log.fatal(msg, t);
+ log.error(msg.toString(), t);
}
/**