| author | Thomas Lenz <thomas.lenz@a-sit.at> | 2025-09-25 06:29:19 +0000 |
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@a-sit.at> | 2025-09-25 06:29:19 +0000 |
| commit | 32d859478da3c8368213ba398b70b8ee39861f03 (patch) | |
| tree | 6190080e24df905ad07295b2f241f61c5cb77c94 /moaSig/moa-sig/src | |
| parent | f332d5a3b6bbe0650f0f8485a1e92d4b2fe5dbf4 (diff) | |
| parent | 71c6b41accf6786cd790fd931c909f119979b2c6 (diff) | |
Nightlybuild
See merge request egiz/moa-sig!3
Diffstat (limited to 'moaSig/moa-sig/src')
15 files changed, 316 insertions, 210 deletions
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java index d13492f..f206167 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java @@ -33,8 +33,6 @@ import java.security.cert.X509Certificate; import java.util.Enumeration; import java.util.Iterator; -import javax.servlet.http.HttpServletRequest; - import org.apache.axis.AxisFault; import org.apache.axis.Message; import org.apache.axis.MessageContext; @@ -53,12 +51,15 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; import at.gv.egovernment.moa.spss.server.transaction.TransactionIDGenerator; +import at.gv.egovernment.moa.spss.server.utils.DataHandlerConverter; import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moaspss.logging.LogMsg; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; import at.gv.egovernment.moaspss.util.DOMUtils; +import jakarta.activation.DataHandler; +import jakarta.servlet.http.HttpServletRequest; /** * An handler that is invoked on each web service request and performs some @@ -150,7 +151,7 @@ public class AxisHandler extends BasicHandler { soapMessage = msgContext.getCurrentMessage(); Element xmlRequest = null; - // log.info(soapMessage.getSOAPPartAsString()); + final Element soapPart = DOMUtils.parseDocument( new ByteArrayInputStream(soapMessage.getSOAPPartAsBytes()), false, null, null) .getDocumentElement(); 
@@ -172,8 +173,9 @@ public class AxisHandler extends BasicHandler { } - final TransactionContext context = new TransactionContext(TransactionIDGenerator.nextID(), clientCert, - ConfigurationProvider.getInstance(), xmlRequest, null); + final TransactionContext context = + new TransactionContext(TransactionIDGenerator.nextID(), clientCert, + ConfigurationProvider.getInstance(), xmlRequest, null); String soapAction = request.getHeader(SOAP_ACTION_HEADER); if ("\"\"".equals(soapAction)) { @@ -201,7 +203,11 @@ public class AxisHandler extends BasicHandler { // content with Object content = // attachment.getContent();) InputStream is = null; - final javax.activation.DataHandler datahandler = attachment.getDataHandler(); + + Object dataHandlerObj = attachment.getDataHandler(); + final DataHandler datahandler = dataHandlerObj instanceof DataHandler + ? (DataHandler) dataHandlerObj + : DataHandlerConverter.convert((javax.activation.DataHandler) dataHandlerObj); final int TYPE = 2; switch (TYPE) { @@ -239,19 +245,6 @@ public class AxisHandler extends BasicHandler { info("handler.03", null); } if (Logger.isTraceEnabled()) { - // OutputFormat format = new OutputFormat((Document) - // xmlRequest.getOwnerDocument()); - // format.setLineSeparator("\n"); - // format.setIndenting(false); - // format.setPreserveSpace(true); - // format.setOmitXMLDeclaration(false); - // format.setEncoding("UTF-8"); - // ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // XMLSerializer conSerializer = new XMLSerializer(baos, - // format); - // conSerializer.serialize(xmlRequest); - // Logger.debug(new LogMsg("Request:" + baos.toString())); - final String msg = soapMessage.getSOAPPartAsString(); Logger.trace(new LogMsg(msg)); } 
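Review bot: The fallback branch of the new ternary casts `dataHandlerObj` to `javax.activation.DataHandler` without a type check, so a handler of neither type ends in a ClassCastException, and a null handler passes through `DataHandlerConverter.convert` as null into the code that follows. The attachment appears to come from the incoming SOAP request, so an explicit guard before the conversion would turn both cases into a controlled fault, for example `if (!(dataHandlerObj instanceof DataHandler) && !(dataHandlerObj instanceof javax.activation.DataHandler)) { throw new AxisFault("unsupported attachment handler"); }`, with the message taken from the project's own message catalogue. `dataHandlerObj` can also be declared `final` like the locals around it. The enclosing method starts and ends outside the hunk, so whether it may throw AxisFault at this point needs to be checked there.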
@@ -305,24 +298,13 @@ public class AxisHandler extends BasicHandler { if (xmlResponse != null) { try { xmlResponseString = DOMUtils.serializeNode(xmlResponse, true); - /* - * Soll die Antwort nur \n enthalten, so gibt es 2 Möglichkeiten: 1.) Xalan - * Version und xmlResponseString = DOMUtils.serializeNode(xmlResponse, true, - * "\n"); 2.) OutputFormat serializerFormat = new OutputFormat((Document) - * xmlResponse.getOwnerDocument()); serializerFormat.setLineSeparator("\n"); - * serializerFormat.setIndenting(false); - * serializerFormat.setPreserveSpace(true); - * serializerFormat.setOmitXMLDeclaration(true); - * serializerFormat.setEncoding("UTF-8"); ByteArrayOutputStream serializedBytes - * = new ByteArrayOutputStream(); XMLSerializer serializer = new - * XMLSerializer(serializedBytes, serializerFormat); - * serializer.serialize(xmlResponse); serializedBytes.close(); xmlResponseString - * = serializedBytes.toString("UTF-8"); - */ if (Logger.isTraceEnabled()) { Logger.trace(new LogMsg(xmlResponseString)); + } + soapResponseString = SOAP_PART_PRE + xmlResponseString + SOAP_PART_POST; + // override axis response-message msgContext.setResponseMessage(new Message(soapResponseString)); } catch (final Throwable t) { @@ -341,8 +323,8 @@ public class AxisHandler extends BasicHandler { } info("handler.04", null); - if (Logger.isDebugEnabled()) { - Logger.debug(new LogMsg(soapResponseString)); + if (Logger.isTraceEnabled()) { + Logger.trace(new LogMsg(soapResponseString)); } tearDownContexts(); } diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/CertificateProviderServlet.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/CertificateProviderServlet.java index bc2c3b6..703a08d 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/CertificateProviderServlet.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/CertificateProviderServlet.java 
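Review bot: On the success path the response body is now written to the trace log twice: once as `xmlResponseString` in the `@@ -305,24 +298,13 @@` hunk and again inside `soapResponseString` in the `@@ -341,8 +323,8 @@` hunk. Trace output of this handler therefore holds complete request and response bodies, which for a signature service may include the documents being signed or verified. A comment such as `// TRACE writes full SOAP payloads to the log; keep disabled in production` at the first of these blocks would make that explicit, and one of the two response traces could be dropped. The enclosing method begins outside both hunks.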
@@ -11,10 +11,7 @@ import java.util.Iterator; import java.util.List; import java.util.Set; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang3.StringUtils; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; @@ -25,6 +22,10 @@ import at.gv.egovernment.moaspss.logging.Logger; import iaik.server.modules.keys.KeyEntryID; import iaik.server.modules.keys.KeyModule; import iaik.server.modules.keys.KeyModuleFactory; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServlet; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * @@ -34,7 +35,7 @@ import iaik.server.modules.keys.KeyModuleFactory; public class CertificateProviderServlet extends HttpServlet { /** - * + * */ private static final long serialVersionUID = -6907582473072190122L; 
@@ -43,69 +44,7 @@ public class CertificateProviderServlet extends HttpServlet { public static final String PARAM_KEYID = "id"; - /** - * Build the set of <code>KeyEntryID</code>s available to the given - * <code>keyGroupID</code>. - * - * @param keyGroupID The keygroup ID for which the available keys should be - * returned. - * @return The <code>Set</code> of <code>KeyEntryID</code>s identifying the - * available keys. - * @throws ConfigurationException - */ - @SuppressWarnings({ "rawtypes", "unchecked" }) - private Set buildKeySet(String keyGroupID, X509Certificate cert, KeyModule module) - throws ConfigurationException { - final ConfigurationProvider config = ConfigurationProvider.getInstance(); - Set keyGroupEntries; - // get the KeyGroup entries from the configuration - if (cert != null) { - final Principal issuer = cert.getIssuerDN(); - final BigInteger serialNumber = cert.getSerialNumber(); - - keyGroupEntries = config.getKeyGroupEntries(issuer, serialNumber, - keyGroupID); - } else { - keyGroupEntries = config.getKeyGroupEntries(null, null, keyGroupID); - } - - // map the KeyGroup entries to a set of KeyEntryIDs - if (keyGroupEntries == null) { - return null; - } else if (keyGroupEntries.size() == 0) { - return Collections.EMPTY_SET; - } else { - - final Set keyEntryIDs = module.getPrivateKeyEntryIDs(); - final Set keySet = new HashSet(); - Iterator iter; - - // filter out the keys that do not exist in the IAIK configuration - // by walking through the key entries and checking if the exist in - // the - // keyGroupEntries - for (iter = keyEntryIDs.iterator(); iter.hasNext();) { - final KeyEntryID entryID = (KeyEntryID) iter.next(); - final KeyGroupEntry entry = new KeyGroupEntry(entryID.getModuleID(), - entryID.getCertificateIssuer(), - entryID.getCertificateSerialNumber()); - if (keyGroupEntries.contains(entry)) { - keySet.add(entryID); - } - } - return keySet; - } - } - - private X509Certificate getClientCertificate(HttpServletRequest request) { - final 
X509Certificate[] clientCert = (X509Certificate[]) request - .getAttribute(X509_CERTIFICATE_PROPERTY); - if (clientCert != null) { - return clientCert[0]; - } - return null; - } @Override @SuppressWarnings("rawtypes") @@ -158,7 +97,8 @@ public class CertificateProviderServlet extends HttpServlet { final byte[] certData = keyCert.getEncoded(); response.setStatus(HttpServletResponse.SC_OK); response.setContentType("application/pkix-cert"); - response.setHeader("Content-disposition", "attachment; filename=\"" + keyId + ".cer\""); + response.setHeader("Content-disposition", "attachment; filename=\"" + + StringUtils.deleteWhitespace(keyId) + ".cer\""); response.getOutputStream().write(certData); response.getOutputStream().close(); return; 
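Review bot: `StringUtils.deleteWhitespace(keyId)` removes CR and LF from the `Content-disposition` value, but a double quote, backslash, semicolon or other control character in `keyId` still lands inside the quoted `filename`. If `keyId` is taken from the `id` request parameter (its assignment is outside the hunk), an allow-list is the safer form, for example `final String safeName = keyId.replaceAll("[^A-Za-z0-9._-]", "_");` followed by `"attachment; filename=\"" + safeName + ".cer\""`. A short comment saying the value is sanitised because it is echoed into a response header would keep the call from being removed later as cosmetic.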
@@ -176,4 +116,69 @@ public class CertificateProviderServlet extends HttpServlet { response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } } + + /** + * Build the set of <code>KeyEntryID</code>s available to the given + * <code>keyGroupID</code>. + * + * @param keyGroupID The keygroup ID for which the available keys should be + * returned. + * @return The <code>Set</code> of <code>KeyEntryID</code>s identifying the + * available keys. + * @throws ConfigurationException + */ + @SuppressWarnings({ "rawtypes", "unchecked" }) + private Set buildKeySet(String keyGroupID, X509Certificate cert, KeyModule module) + throws ConfigurationException { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + Set keyGroupEntries; + + // get the KeyGroup entries from the configuration + if (cert != null) { + final Principal issuer = cert.getIssuerDN(); + final BigInteger serialNumber = cert.getSerialNumber(); + + keyGroupEntries = config.getKeyGroupEntries(issuer, serialNumber, keyGroupID); + } else { + keyGroupEntries = config.getKeyGroupEntries(null, null, keyGroupID); + + } + + // map the KeyGroup entries to a set of KeyEntryIDs + if (keyGroupEntries == null) { + return null; + } else if (keyGroupEntries.size() == 0) { + return Collections.EMPTY_SET; + } else { + + final Set keyEntryIDs = module.getPrivateKeyEntryIDs(); + final Set keySet = new HashSet(); + Iterator iter; + + // filter out the keys that do not exist in the IAIK configuration + // by walking through the key entries and checking if the exist in + // the + // keyGroupEntries + for (iter = keyEntryIDs.iterator(); iter.hasNext();) { + final KeyEntryID entryID = (KeyEntryID) iter.next(); + final KeyGroupEntry entry = new KeyGroupEntry(entryID.getModuleID(), + entryID.getCertificateIssuer(), + entryID.getCertificateSerialNumber()); + if (keyGroupEntries.contains(entry)) { + keySet.add(entryID); + } + } + return keySet; + } + } + + private X509Certificate 
getClientCertificate(HttpServletRequest request) { + final X509Certificate[] clientCert = (X509Certificate[]) request + .getAttribute(X509_CERTIFICATE_PROPERTY); + if (clientCert != null) { + return clientCert[0]; + } + return null; + } + } diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/ConfigurationServlet.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/ConfigurationServlet.java index 135d652..49047d7 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/ConfigurationServlet.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/ConfigurationServlet.java @@ -29,11 +29,6 @@ import java.util.ArrayList; import java.util.Iterator; import java.util.List; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; @@ -42,6 +37,10 @@ import at.gv.egovernment.moaspss.logging.LogMsg; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServlet; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * A servlet to initialize and update the MOA configuration. @@ -52,7 +51,7 @@ import at.gv.egovernment.moaspss.logging.LoggingContextManager; */ public class ConfigurationServlet extends HttpServlet { /** - * + * */ private static final long serialVersionUID = 8372961105222028696L; /** The document type of the HTML to generate. */ 
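Review bot: `getClientCertificate` returns `clientCert[0]` after a null check only, so an empty array under `X509_CERTIFICATE_PROPERTY` would raise ArrayIndexOutOfBoundsException instead of being treated as "no client certificate"; `if (clientCert != null && clientCert.length > 0) {` covers it. The method was moved here unchanged and still has no Javadoc. One sentence saying that it returns the first entry of that array, or null when the attribute is absent, would help, because `buildKeySet` takes a different lookup path for a null certificate. The `@throws ConfigurationException` tag on `buildKeySet` also has no description.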
@@ -63,8 +62,6 @@ public class ConfigurationServlet extends HttpServlet { * Handle a HTTP GET request, used to indicated that the MOA configuration needs * to be updated (reloaded). * - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, - * HttpServletResponse) */ @Override @SuppressWarnings({ "rawtypes", "unchecked" }) @@ -126,8 +123,6 @@ public class ConfigurationServlet extends HttpServlet { /** * Do the same as <code>doGet</code>. * - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, - * HttpServletResponse) */ @Override public void doPost(HttpServletRequest request, HttpServletResponse response) @@ -141,8 +136,6 @@ public class ConfigurationServlet extends HttpServlet { * * Does an initial load of the MOA configuration to test if a working web * service can be provided. - * - * @see javax.servlet.GenericServlet#init() */ @Override public void init() throws ServletException { diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java index 4030883..7973e44 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java @@ -63,7 +63,7 @@ public class SignatureCreationService { /** * Handle a <code>CreatePDFSignatureRequest</code>. - * + * * @param request The <code>CreatePDFSignatureRequest</code> to work on * (contained in the 0th element of the array). * @return A <code>CreatePDFSignatureResponse</code> as the only element of the 
@@ -152,7 +152,7 @@ public class SignatureCreationService { /** * Handle a <code>CreateXMLSignatureRequest</code>. - * + * * @param request The <code>CreateXMLSignatureRequest</code> to work on * (contained in the 0th element of the array). * @return A <code>CreateXMLSignatureResponse</code> as the only element of the diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/TSLClientStatusServlet.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/TSLClientStatusServlet.java index 3bf9a37..abdf121 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/TSLClientStatusServlet.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/TSLClientStatusServlet.java @@ -5,18 +5,17 @@ import java.io.PrintWriter; import java.text.MessageFormat; import java.util.List; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import at.gv.egovernment.moa.sig.tsl.engine.data.TSLProcessingResultElement; import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServlet; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public class TSLClientStatusServlet extends HttpServlet { /** - * + * */ private static final long serialVersionUID = 1L; diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/utils/DataHandlerConverter.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/utils/DataHandlerConverter.java new file mode 100644 index 0000000..fd11789 --- /dev/null +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/utils/DataHandlerConverter.java 
@@ -0,0 +1,49 @@ +package at.gv.egovernment.moa.spss.server.utils; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +import lombok.experimental.UtilityClass; + +/** + * Utility to convert javax.activation.DataHandler to jakarta.activation.DataHandler. + */ +@UtilityClass +public class DataHandlerConverter { + + /** + * Converts javax.activation.DataHandler to jakarta.activation.DataHandler + */ + public static jakarta.activation.DataHandler convert(javax.activation.DataHandler oldHandler) { + if (oldHandler == null) return null; + + javax.activation.DataSource oldSource = oldHandler.getDataSource(); + + // Wrap the old javax.activation.DataSource in a jakarta.activation.DataSource + jakarta.activation.DataSource newSource = new jakarta.activation.DataSource() { + @Override + public InputStream getInputStream() throws IOException { + return oldSource.getInputStream(); + } + + @Override + public OutputStream getOutputStream() throws IOException { + return oldSource.getOutputStream(); + } + + @Override + public String getContentType() { + return oldSource.getContentType(); + } + + @Override + public String getName() { + return oldSource.getName(); + } + }; + + return new jakarta.activation.DataHandler(newSource); + } +} + diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/utils/LoggerUtils.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/utils/LoggerUtils.java new file mode 100644 index 0000000..78d5039 --- /dev/null +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/utils/LoggerUtils.java 
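Review bot: The Javadoc on `convert` does not say that a null argument returns null, nor that the returned handler only delegates to the old `DataSource`, so every stream read still goes through the javax object. Add `@param oldHandler` and `@return` lines that state both, so callers know they must handle a null result and must not discard or close the original source early. `if (oldHandler == null) return null;` should use braces as the other files in this commit do. The explicit `static` is redundant because `@UtilityClass` already makes the members static.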
@@ -0,0 +1,41 @@ +package at.gv.egovernment.moa.spss.server.utils; + +import java.util.Properties; + +import iaik.logging.LogConfigurationException; +import iaik.logging.LogFactory; +import iaik.logging.LoggerConfig; +import lombok.experimental.UtilityClass; + +/** + * Logging helper. + */ +@UtilityClass +public class LoggerUtils { + + /** + * Fix {@link iaik.logging.impl.LogSlf4jFactoryImpl}, because it uses + * <code>org.slf4j.impl.StaticLoggerBinder</code> which was removed since v + * 1.5.x. + */ + public static void fixLoggerFactory() { + LogFactory.configure(new LoggerConfig() { + + @Override + public Properties getProperties() throws LogConfigurationException { + return null; + } + + @Override + public String getNodeId() { + return null; + } + + @Override + public String getFactory() { + return "iaik.logging.impl.OwnLogSlf4jFactoryImpl"; + } + }); + } + +} diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java index bf06ff6..4b91ec1 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java @@ -1,8 +1,8 @@ package at.gv.egovernment.moa.spss.server.webservice; -import javax.jws.WebMethod; -import javax.jws.WebParam; -import javax.jws.WebService; +import jakarta.jws.WebMethod; +import jakarta.jws.WebParam; +import jakarta.jws.WebService; @WebService(name = "SignatureCreationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#") 
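Review bot: `getFactory()` returns the class name `iaik.logging.impl.OwnLogSlf4jFactoryImpl` as a string, and that class is not among the files shown in this diff, so a typo or a missing class would only surface when logging is configured at runtime. The Javadoc should say where this factory is provided and which library "v 1.5.x" refers to, e.g. `Replaces iaik.logging.impl.LogSlf4jFactoryImpl, which depends on org.slf4j.impl.StaticLoggerBinder; that class is absent from <library and version>.` It would also help to state that `getProperties()` and `getNodeId()` return null on purpose. In the visible diff only the integration tests call `fixLoggerFactory()`, although the class sits under src/main.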
@@ -24,7 +24,7 @@ public interface SignatureCreationService { * @WebMethod(action = "PDFSignatureCreate", operationName = * "PDFSignatureCreate") public at.gv.egiz.moasig.CreatePDFSignatureResponseType * createPDFSignature( - * + * * @WebParam(name = "CreatePDFSignatureRequest") * at.gv.egiz.moasig.CreatePDFSignatureRequest createPDFSignatureRequest) throws * Exception; diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java index ca30650..d8aa9b6 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java @@ -1,8 +1,8 @@ package at.gv.egovernment.moa.spss.server.webservice; -import javax.jws.WebMethod; -import javax.jws.WebParam; -import javax.jws.WebService; +import jakarta.jws.WebMethod; +import jakarta.jws.WebParam; +import jakarta.jws.WebService; @WebService(name = "SignatureVerificationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#") diff --git a/moaSig/moa-sig/src/main/resources/logback.xml b/moaSig/moa-sig/src/main/resources/logback.xml index 0012e81..0afb5cc 100644 --- a/moaSig/moa-sig/src/main/resources/logback.xml +++ b/moaSig/moa-sig/src/main/resources/logback.xml @@ -12,7 +12,7 @@ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> <File>${catalina.base}/logs/moa-spss.log</File> <encoder> - <pattern>logback | %5p | %d{dd HH:mm:ss,SSS} | %C{1} | %20c | %10t | %m%n</pattern> + <pattern>%5p | %d{dd HH:mm:ss.SSS} | %C{1} | %20c | %10t | %m%n</pattern> </encoder> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> <maxIndex>10</maxIndex> 
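Review bot: The new file-appender pattern keeps `%d{dd HH:mm:ss.SSS}`, which records only the day of the month and no month, year or zone. Entries in `moa-spss.log` and its rolled files therefore cannot be ordered or correlated with other sources once they span more than a month. `%d{ISO8601}` or an explicit `%d{yyyy-MM-dd HH:mm:ss.SSS}` would fix that in the same line. The stdout appender pattern in the following hunk (`@@ -24,7 +24,7 @@`) has the same format.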
@@ -24,7 +24,7 @@ </appender> <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender"> <encoder> - <pattern>logback | %5p | %d{dd HH:mm:ss,SSS} | %C{1} | %20c | %10t | %m%n</pattern> + <pattern>%5p | %d{dd HH:mm:ss.SSS} | %C{1} | %20c | %10t | %m%n</pattern> </encoder> </appender> <logger name="moa.spss.server" level="info"> diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/AbstractIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/AbstractIntegrationTest.java index 1ee071a..92749b0 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/AbstractIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/AbstractIntegrationTest.java @@ -37,7 +37,6 @@ import at.gv.egovernment.moaspss.util.Constants; import iaik.esi.sva.ConfigurationAdapter; import iaik.pki.Configurator; import iaik.pki.PKIFactory; -import iaik.pki.store.certstore.CertStoreFactory; import iaik.pki.store.truststore.TrustStoreFactory; public abstract class AbstractIntegrationTest { @@ -57,9 +56,9 @@ public abstract class AbstractIntegrationTest { System.setProperty("moa.spss.server.configuration", ""); System.setProperty("iaik.esi.sva.configuration.location", ""); - + TrustStoreFactory.reset(); - + // reset TSL client final Field field1 = TSLServiceFactory.class.getDeclaredField("tslClient"); field1.setAccessible(true); 
@@ -68,32 +67,32 @@ public abstract class AbstractIntegrationTest { final Field field5 = SQLiteDBService.class.getDeclaredField("conn"); field5.setAccessible(true); field5.set(null, null); - + final Field field6 = DatabaseServiceFactory.class.getDeclaredField("dbServices"); field6.setAccessible(true); field6.set(null, null); - + // reset MOA-SPSS configuration object final Field field2 = ConfigurationProvider.class.getDeclaredField("instance"); field2.setAccessible(true); field2.set(null, null); - + final Field field8 = TransactionContextManager.class.getDeclaredField("instance"); field8.setAccessible(true); field8.set(null, null); - + // reset PKI module configuration resetClassState(PKIFactory.class, "instance_", null); // reset IAIK MOA configuration resetClassState(Configurator.class, "C", false); - + //reset ESI-SVA configuration resetClassState(ConfigurationAdapter.class, "a", null); - resetClassState(ConfigurationAdapter.class, "instance", null); + // resetClassState(ConfigurationAdapter.class, "instance", null); //resetClassState(ConfigurationAdapter.class, "config", null); //resetClassState(ConfigurationAdapter.class, "libraryConfig", null); - + } private static void resetClassState(Class clazz, String fieldName, Object value) { @@ -101,16 +100,16 @@ public abstract class AbstractIntegrationTest { Field field7 = clazz.getDeclaredField(fieldName); if (field7 != null) { field7.setAccessible(true); - field7.set(null, value); + field7.set(null, value); } - + } catch (NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException e) { e.printStackTrace(); } - + } - - + + protected VerifyXMLSignatureRequest buildVerifyXmlRequest(final byte[] signature, final String trustProfileID, boolean extValFlag, final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation, 
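Review bot: The reset of the `instance` field of `ConfigurationAdapter` is commented out rather than removed and no reason is given, so it now sits next to two older commented-out resets with nothing to say which of them still matter. Delete the line, or keep it with a one-line reason such as `// field "instance" not reset here: <reason>`. `resetClassState` in the next hunk catches NoSuchFieldException and only calls `e.printStackTrace()`, so a field that disappears after a library update does not fail the test setup. Making that helper fail the test, or documenting why it is lenient, would show which resets are actually in effect.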
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java index 191bed9..a88873a 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java @@ -38,6 +38,7 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.utils.LoggerUtils; import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory; import at.gv.egovernment.moaspss.util.DOMUtils; import iaik.pki.Configurator; @@ -52,6 +53,9 @@ public class CadesIntegrationTest extends AbstractIntegrationTest { @BeforeClass public static void classInitializer() throws IOException, ConfigurationException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + + LoggerUtils.fixLoggerFactory(); + jvmStateReset(); final String current = new java.io.File(".").getCanonicalPath(); diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java index 9cee722..16037d6 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java 
@@ -9,9 +9,6 @@ import static org.junit.Assert.assertTrue; import java.io.FileInputStream; import java.io.IOException; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.util.Base64; import java.util.Date; import org.apache.commons.io.IOUtils; 
@@ -31,36 +28,45 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElemen import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; -import at.gv.egovernment.moa.spss.server.iaik.cmsverify.PDFSignatureVerificationProfileImpl; import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; import at.gv.egovernment.moa.spss.server.logging.TransactionId; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import at.gv.egovernment.moa.spss.server.utils.LoggerUtils; +import at.gv.egovernment.moa.spss.test.integration.utils.CertificateReader; +import iaik.pki.KeyUsageParam; +import iaik.pki.KeyUsageParams; import iaik.pki.PKIFactory; import iaik.pki.PKIModule; -import iaik.pki.PKIResult; -import iaik.server.cmspdfverify.CMSVerifyUtils; import iaik.x509.X509Certificate; -import at.gv.egovernment.moa.spss.test.integration.utils.CertificateReader; +import iaik.x509.extensions.KeyUsage; @RunWith(BlockJUnit4ClassRunner.class) public class PadesIntegrationTest extends AbstractIntegrationTest { + public static boolean[] KEY_USAGE; + + static { + KeyUsage usage = new KeyUsage(KeyUsage.digitalSignature | KeyUsage.nonRepudiation); + KEY_USAGE = usage.getBooleanArray(); + } + CMSSignatureVerificationInvoker cadesInvoker; @BeforeClass - public static void classInitializer() throws IOException, ConfigurationException, + public static void classInitializer() throws IOException, ConfigurationException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + + LoggerUtils.fixLoggerFactory(); + jvmStateReset(); - + final String 
current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); System.setProperty("iaik.esi.sva.configuration.location", current + "/src/test/resources/moaspss_config/svaconfig.example"); - + moaSpssCore = SystemInitializer.init(); } @@ -162,7 +168,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 1, cmsResult.getExtendedCertificateCheck().getMajorCode()); - + // because was signed by using SHA1 after xxxx assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMinorCode()); @@ -170,9 +176,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertEquals("used sig alg", "SHA1withRSA", cmsResult.getSignatureAlgorithm()); } - - - + + + @Ignore @Test public void padesLteTest() throws MOAException, IOException { @@ -188,10 +194,10 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { // verify result assertNotNull("verification result", result); - + } - + @Test public void padesAmtssignatur() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -203,7 +209,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { // perform test final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + // verify result assertNotNull("verification result", result); 
@@ -211,21 +217,21 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { .getResponseElements().get(0); assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); - + assertTrue("Amtssignatur", cmsResult.getSignerInfo().isPublicAuthority()); assertEquals("Amtssignatur", "L4AL", cmsResult.getSignerInfo().getPublicAuhtorityID()); - + assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); - + assertEquals("CountryCode", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); - + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); - - // it's no valid CAdES signature because it does not include SignatureCertificateInfo extension + + // it's no valid CAdES signature because it does not include SignatureCertificateInfo extension assertEquals("ext. val major", 13, cmsResult.getExtendedCertificateCheck().getMinorCode()); - + assertNotNull("form val. result", cmsResult.getAdESFormResults()); assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); @@ -234,9 +240,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertEquals("Find wrong form val status", 2, ((AdESFormResults) el).getCode().longValue()); } - + } - + @Ignore @Test public void padesOwnTest() throws Exception { 
@@ -257,26 +263,31 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); assertEquals("Amtssignatur", "", cmsResult.getSignerInfo().getPublicAuhtorityID()); - + } - - @Ignore + @Test public void pkixTest() throws Exception { - final String current = new java.io.File(".").getCanonicalPath(); - X509Certificate[] chain = CertificateReader.readCertificatesIntoArray(current + "/src/test/resources/testdata/pkix/chain/"); - + final String current = new java.io.File(".").getCanonicalPath(); + X509Certificate[] chain = CertificateReader.readCertificatesIntoArray(current + "/src/test/resources/testdata/pkix/chain/"); + PKIModule pkiModule = PKIFactory.getInstance().getPKIModule( new PKIProfileImpl(ConfigurationProvider.getInstance(), "MOAIDBuergerkarteAuthentisierungsDaten")); - PKIResult pkiResult = pkiModule.validateCertificate( - new Date(), - (X509Certificate) chain[0], - (X509Certificate[]) ArrayUtils.subarray(chain, 1, chain.length), - (boolean[])null, - new TransactionId("aabbccdd")); - + + KeyUsageParams keyUsage = new KeyUsageParams(); + keyUsage.addParam(new KeyUsageParam(KEY_USAGE, KeyUsageParam.STRICT)); + + pkiModule.validateCertificate( + new Date(), + chain[0], + ArrayUtils.subarray(chain, 1, chain.length), + //(boolean[]) null, + // keyUsage, + null, + new TransactionId("aabbccdd")); + System.out.print("Finished"); - + } - + } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java index ebbc334..3f413c3 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java 
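Review bot: `pkixTest()` is enabled by dropping `@Ignore`, but the new body discards the return value of `pkiModule.validateCertificate(...)` and asserts nothing. Unless that call throws on a failed validation (not visible in this hunk), the test passes whatever the chain validation decides. Keep the result, as the removed code did with `PKIResult pkiResult = pkiModule.validateCertificate(...)`, then add `assertNotNull("pkix result", pkiResult);` and an assertion on the outcome expected for the test chain. The new `keyUsage` object is built but only appears in a commented-out argument while `null` is passed; either pass it or remove it together with the `//(boolean[]) null,` and `// keyUsage,` lines. `System.out.print("Finished");` adds nothing to a test and could be dropped.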
@@ -37,6 +37,7 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.utils.LoggerUtils; import at.gv.egovernment.moaspss.util.DOMUtils; @RunWith(BlockJUnit4ClassRunner.class) @@ -46,10 +47,13 @@ public class XadesIntegrationTest extends AbstractIntegrationTest { XMLSignatureCreationInvoker xadesSignInvoker; @BeforeClass - public static void classInitializer() throws IOException, ConfigurationException, + public static void classInitializer() throws IOException, ConfigurationException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + + LoggerUtils.fixLoggerFactory(); + jvmStateReset(); - + final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); 
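Review bot: The new `LoggerUtils.fixLoggerFactory();` call at the top of `classInitializer()` has no comment, and this hunk shows neither what it repairs nor why it runs before `jvmStateReset()`. A short comment above the call should say what state of the logger factory is being corrected and whether the order relative to `jvmStateReset()` matters, so that a later clean-up does not reorder or delete it. The method body continues outside the hunk, so the rest of the initialisation could not be checked.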
@@ -166,27 +170,27 @@ public class XadesIntegrationTest extends AbstractIntegrationTest { assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); } - + @Test public void simpleXmlSignature() throws MOAException, ParserConfigurationException, SAXException, IOException, TransformerException { // build request Element xml = DOMUtils.parseXmlNonValidating( CadesIntegrationTest.class.getResourceAsStream("/testdata/xades/sign/createXades_1.xml")); CreateXMLSignatureRequest xmlReq = new CreateXMLSignatureRequestParser().parse(xml); - + // create signature CreateXMLSignatureResponse xmlResp = xadesSignInvoker.createXMLSignature(xmlReq, Collections.EMPTY_SET); - - + + // verify response assertNotNull("xadesResp", xmlResp); assertNotNull("xadesResp elements", xmlResp.getResponseElements()); assertFalse("xadesResp elements", xmlResp.getResponseElements().isEmpty()); - - SignatureEnvironmentResponse signedXml = (SignatureEnvironmentResponse) xmlResp.getResponseElements().get(0); + + SignatureEnvironmentResponse signedXml = (SignatureEnvironmentResponse) xmlResp.getResponseElements().get(0); assertNotNull("signed xml", signedXml.getSignatureEnvironment()); - - + + // verify signature final VerifyXMLSignatureRequest request = buildVerifyXmlRequest( DOMUtils.serializeNode(signedXml.getSignatureEnvironment()).getBytes(), @@ -199,7 +203,7 @@ public class XadesIntegrationTest extends AbstractIntegrationTest { assertNotNull("verification result", result); assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); assertEquals("certCode", 0, result.getCertificateCheck().getCode()); - + } @Test 
@@ -208,20 +212,20 @@ public class XadesIntegrationTest extends AbstractIntegrationTest { Element xml = DOMUtils.parseXmlNonValidating( CadesIntegrationTest.class.getResourceAsStream("/testdata/xades/sign/createXades_2.xml")); CreateXMLSignatureRequest xmlReq = new CreateXMLSignatureRequestParser().parse(xml); - + // create signature CreateXMLSignatureResponse xmlResp = xadesSignInvoker.createXMLSignature(xmlReq, Collections.EMPTY_SET); - - + + // verify response assertNotNull("xadesResp", xmlResp); assertNotNull("xadesResp elements", xmlResp.getResponseElements()); assertFalse("xadesResp elements", xmlResp.getResponseElements().isEmpty()); - - SignatureEnvironmentResponse signedXml = (SignatureEnvironmentResponse) xmlResp.getResponseElements().get(0); + + SignatureEnvironmentResponse signedXml = (SignatureEnvironmentResponse) xmlResp.getResponseElements().get(0); assertNotNull("signed xml", signedXml.getSignatureEnvironment()); - - + + // verify signature final VerifyXMLSignatureRequest request = buildVerifyXmlRequest( DOMUtils.serializeNode(signedXml.getSignatureEnvironment()).getBytes(), @@ -234,7 +238,7 @@ public class XadesIntegrationTest extends AbstractIntegrationTest { assertNotNull("verification result", result); assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); assertEquals("certCode", 0, result.getCertificateCheck().getCode()); - + } - + } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/UtilsTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/UtilsTest.java new file mode 100644 index 0000000..7ddebaa --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/UtilsTest.java 
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.spss.test.integration.utils;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import org.apache.commons.lang3.StringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class UtilsTest {
+
+ @Test
+ public void characterCleanUp() {
+ String text = "Hello\nWorld\r\nThis is Java.\rNew lines gone!";
+ String result = StringUtils.deleteWhitespace(text);
+ assertEquals("HelloWorldThisisJava.Newlinesgone!", result);
+ }
+} |
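Review bot: `UtilsTest` mixes test frameworks: `assertEquals` comes from `org.junit.jupiter.api.Assertions`, while the class uses `org.junit.Test` and `@RunWith(BlockJUnit4ClassRunner.class)`. The other integration tests in this diff use message-first assertions, which appears to be the JUnit 4 style, so `import static org.junit.Assert.assertEquals;` would be consistent. `characterCleanUp()` also exercises only `StringUtils.deleteWhitespace` from commons-lang and no project code, so it does not pin how the project itself strips CR/LF from text. If it is meant to cover a sanitising helper (for instance one applied before logging), the test should call that helper. `deleteWhitespace` also removes spaces, which the expected string reflects but the test name does not.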
