IAIK Moa CAdES added, cms verification not working

5 files changed, 172 insertions, 18 deletions

diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java
index 0cc3389..d878b26 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java
@@ -2,6 +2,8 @@ package at.gv.egovernment.moa.spss.server.webservice;
 
 import at.gv.egiz.moasig.VerifyCMSSignatureRequest;
 import at.gv.egiz.moasig.VerifyCMSSignatureResponseType;
+import at.gv.egiz.moasig.VerifyPDFSignatureRequest;
+import at.gv.egiz.moasig.VerifyPDFSignatureResponseType;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
 
@@ -9,6 +11,13 @@ public interface CMSVerifySignatureBinding {
 	public at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest buildCMSRequest(
 			VerifyCMSSignatureRequest verifyCMSSignatureRequest) throws MOAApplicationException;
 
+	public at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest buildPDFRequest(
+			VerifyPDFSignatureRequest verifyPDFSignatureRequest) throws MOAApplicationException;
+	
 	public VerifyCMSSignatureResponseType buildCMSResponse(VerifyCMSSignatureResponse response)
 			throws MOAApplicationException;
+	
+	public VerifyPDFSignatureResponseType buildPDFResponse(VerifyCMSSignatureResponse response)
+			throws MOAApplicationException;
+	
 }
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java
index 5da3dfc..5162f55 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java
@@ -7,17 +7,17 @@ import javax.jws.WebService;
 @WebService(name = "SignatureCreationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
 public interface SignatureCreationService {
 
-	@WebMethod(action = "createXMLSignature", operationName = "createXMLSignature")
+	@WebMethod(action = "XMLSignatureCreate", operationName = "XMLSignatureCreate")
 	public at.gv.egiz.moasig.CreateXMLSignatureResponseType createXMLSignature(
 			@WebParam(name = "CreateXMLSignatureRequest") at.gv.egiz.moasig.CreateXMLSignatureRequest createXMLSignatureRequest)
 					throws Exception;
 	
-	@WebMethod(action = "createCMSSignature", operationName = "createCMSSignature")
+	@WebMethod(action = "CMSSignatureCreate", operationName = "CMSSignatureCreate")
 	public at.gv.egiz.moasig.CreateCMSSignatureResponseType createCMSSignature(
 			@WebParam(name = "CreateCMSSignatureRequest") at.gv.egiz.moasig.CreateCMSSignatureRequest createCMSSignatureRequest)
 					throws Exception;
 	
-	@WebMethod(action = "createPDFSignature", operationName = "createPDFSignature")
+	@WebMethod(action = "PDFSignatureCreate", operationName = "PDFSignatureCreate")
 	public at.gv.egiz.moasig.CreatePDFSignatureResponseType createPDFSignature(
 			@WebParam(name = "CreatePDFSignatureRequest") at.gv.egiz.moasig.CreatePDFSignatureRequest createPDFSignatureRequest)
 					throws Exception;
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java
index dd78aea..65de3bf 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java
@@ -7,17 +7,17 @@ import javax.jws.WebService;
 @WebService(name = "SignatureVerificationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
 public interface SignatureVerificationService {
 
-	@WebMethod(action = "verifyXMLSignature", operationName = "verifyXMLSignature")
+	@WebMethod(action = "XMLSignatureVerify", operationName = "XMLSignatureVerify")
 	public at.gv.egiz.moasig.VerifyXMLSignatureResponseType verifyXMLSignature(
 			@WebParam(name = "VerifyXMLSignatureRequest") at.gv.egiz.moasig.VerifyXMLSignatureRequest verifyXMLSignatureRequest)
 					throws Exception;
 	
-	@WebMethod(action = "verifyCMSSignature", operationName = "verifyCMSSignature")
+	@WebMethod(action = "CMSSignatureVerify", operationName = "CMSSignatureVerify")
 	public at.gv.egiz.moasig.VerifyCMSSignatureResponseType verifyCMSSignature(
 			@WebParam(name = "VerifyCMSSignatureRequest") at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest)
 					throws Exception;
 	
-	@WebMethod(action = "verifyPDFSignature", operationName = "verifyPDFSignature")
+	@WebMethod(action = "PDFSignatureVerify", operationName = "PDFSignatureVerify")
 	public at.gv.egiz.moasig.VerifyPDFSignatureResponseType verifyPDFSignature(
 			@WebParam(name = "VerifyPDFSignatureRequest") at.gv.egiz.moasig.VerifyPDFSignatureRequest verifyPDFSignatureRequest)
 					throws Exception;
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java
index 3799fde..7a49d6a 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java
@@ -2,14 +2,19 @@ package at.gv.egovernment.moa.spss.server.webservice.binding;
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
+import java.math.BigInteger;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
 import java.util.StringTokenizer;
 
+import at.gv.egiz.moasig.FormResultType;
 import at.gv.egiz.moasig.ObjectFactory;
+import at.gv.egiz.moasig.PDFSignatureResultType;
 import at.gv.egiz.moasig.VerifyCMSSignatureResponseType;
+import at.gv.egiz.moasig.VerifyPDFSignatureRequest;
+import at.gv.egiz.moasig.VerifyPDFSignatureResponseType;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
@@ -18,6 +23,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
 import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
 import at.gv.egovernment.moa.spss.api.common.CheckResult;
 import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
 import at.gv.egovernment.moa.spss.server.webservice.CMSVerifySignatureBinding;
 import at.gv.egovernment.moa.util.CollectionUtils;
 
@@ -33,7 +39,7 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding
 			at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest) throws MOAApplicationException {
 
 		Date dateTime = null;
-		if (verifyCMSSignatureRequest.getDateTime() == null) {
+		if (verifyCMSSignatureRequest.getDateTime() != null) {
 			dateTime = verifyCMSSignatureRequest.getDateTime().toGregorianCalendar().getTime();
 		}
 
@@ -49,7 +55,7 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding
 
 		InputStream cmsSignature = new ByteArrayInputStream(verifyCMSSignatureRequest.getCMSSignature());
 
-		return factory.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, dataObject, trustProfileID);
+		return factory.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, dataObject, trustProfileID, false);
 	}
 
 	/**
@@ -62,6 +68,10 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding
 	 *         <code>VerifyCMSSignatureRequest</code> DOM element.
 	 */
 	private int[] parseSignatories(at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest) {
+		if(verifyCMSSignatureRequest.getSignatories().isEmpty()) {
+			return VerifyCMSSignatureRequest.ALL_SIGNATORIES;
+		}
+		
 		Iterator<String> signatoriesIterator = verifyCMSSignatureRequest.getSignatories().iterator();
 		List signatoriesList = new ArrayList();
 
@@ -91,8 +101,6 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding
 		return signatories;
 	}
 
-	
-
 	@Override
 	public VerifyCMSSignatureResponseType buildCMSResponse(VerifyCMSSignatureResponse response)
 			throws MOAApplicationException {
@@ -120,11 +128,11 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding
 	private void addResponseElement(VerifyCMSSignatureResponseType verifyCMSSignatureResponseType,
 			VerifyCMSSignatureResponseElement responseElement) throws MOAApplicationException {
 
+		ObjectFactory of = new ObjectFactory();
 		SignerInfo signerInfo = responseElement.getSignerInfo();
 		CheckResult signatureCheck = responseElement.getSignatureCheck();
 		CheckResult certCheck = responseElement.getCertificateCheck();
-
-		ObjectFactory of = new ObjectFactory();
+		
 		verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck().add(
 				of.createVerifyCMSSignatureResponseTypeSignerInfo(this.transformerUtils.buildSignerInfo(signerInfo)));
 		verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck()
@@ -132,8 +140,105 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding
 						this.transformerUtils.buildCheckResult(signatureCheck)));
 
 		verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck()
-		.add(of.createVerifyCMSSignatureResponseTypeCertificateCheck(
-				this.transformerUtils.buildCheckResult(certCheck)));
+				.add(of.createVerifyCMSSignatureResponseTypeCertificateCheck(
+						this.transformerUtils.buildCheckResult(certCheck)));
+		
+		if (responseElement.getAdESFormResults() != null) {
+			Iterator adesIterator = responseElement.getAdESFormResults().iterator();
+			while (adesIterator.hasNext()) {
+				AdESFormResults adesResult = (AdESFormResults) adesIterator.next();
+				FormResultType formResultType = new FormResultType();
+				formResultType.setCode(BigInteger.valueOf(adesResult.getCode()));
+				formResultType.setName(adesResult.getName());
+				
+				verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck().add(
+						of.createVerifyCMSSignatureResponseTypeFormCheckResult(formResultType));
+			}
+		}
+	}
+
+	/**
+	 * Add an element to the response.
+	 * 
+	 * @param responseElement
+	 *            The element to add to the response.
+	 * @throws MOAApplicationException
+	 *             An error occurred adding the element.
+	 */
+	private void addResponseElement(VerifyPDFSignatureResponseType verifyPDFSignatureResponseType,
+			VerifyCMSSignatureResponseElement responseElement) throws MOAApplicationException {
+
+		SignerInfo signerInfo = responseElement.getSignerInfo();
+		CheckResult signatureCheck = responseElement.getSignatureCheck();
+		CheckResult certCheck = responseElement.getCertificateCheck();
+
+		PDFSignatureResultType resultType = new PDFSignatureResultType();
+
+		if (responseElement.getAdESFormResults() != null) {
+			Iterator adesIterator = responseElement.getAdESFormResults().iterator();
+			while (adesIterator.hasNext()) {
+				AdESFormResults adesResult = (AdESFormResults) adesIterator.next();
+				FormResultType formResultType = new FormResultType();
+				formResultType.setCode(BigInteger.valueOf(adesResult.getCode()));
+				formResultType.setName(adesResult.getName());
+				resultType.getFormCheckResult().add(formResultType);
+			}
+		}
+
+		resultType.setSignerInfo(this.transformerUtils.buildSignerInfo(signerInfo));
+		resultType.setSignatureCheck(this.transformerUtils.buildCheckResult(signatureCheck));
+		resultType.setCertificateCheck(this.transformerUtils.buildCheckResult(certCheck));
+
+		verifyPDFSignatureResponseType.getSignatureResult().add(resultType);
+	}
+
+	/**
+	 * Parse the <code>Signatories</code> attribute contained in the
+	 * <code>VerifyCMSSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyCMSSignatureRequest</code> DOM element.
+	 * @return The signatories contained in the given
+	 *         <code>VerifyCMSSignatureRequest</code> DOM element.
+	 */
+	private int[] parseSignatories(VerifyPDFSignatureRequest verifyPDFSignatureRequest) {
+		return VerifyCMSSignatureRequest.ALL_SIGNATORIES;
+	}
+
+	@Override
+	public VerifyCMSSignatureRequest buildPDFRequest(VerifyPDFSignatureRequest verifyPDFSignatureRequest)
+			throws MOAApplicationException {
+		Date dateTime = null;
+		if (verifyPDFSignatureRequest.getDateTime() == null) {
+			dateTime = verifyPDFSignatureRequest.getDateTime().toGregorianCalendar().getTime();
+		}
+
+		int[] signatories = parseSignatories(verifyPDFSignatureRequest);
+
+		String trustProfileID = null;
+
+		if (verifyPDFSignatureRequest.getTrustProfileID() != null) {
+			trustProfileID = verifyPDFSignatureRequest.getTrustProfileID();
+		}
+
+		InputStream cmsSignature = new ByteArrayInputStream(verifyPDFSignatureRequest.getPDFSignature());
+
+		return factory.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, null, trustProfileID, true);
+	}
+
+	@Override
+	public VerifyPDFSignatureResponseType buildPDFResponse(VerifyCMSSignatureResponse response)
+			throws MOAApplicationException {
+		VerifyPDFSignatureResponseType verifyPDFSignatureResponseType = new VerifyPDFSignatureResponseType();
+
+		Iterator iter;
+
+		for (iter = response.getResponseElements().iterator(); iter.hasNext();) {
+			VerifyCMSSignatureResponseElement responseElement = (VerifyCMSSignatureResponseElement) iter.next();
+			addResponseElement(verifyPDFSignatureResponseType, responseElement);
+		}
+
+		return verifyPDFSignatureResponseType;
 	}
 
 }
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java
index 0b16e2a..cbc4d2d 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java
@@ -129,15 +129,15 @@ public class SignatureVerificationServiceImpl implements SignatureVerificationSe
 		}
 	}
 
-	@Override
-	@WebResult(name = "VerifyPDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
-	public VerifyPDFSignatureResponseType verifyPDFSignature(VerifyPDFSignatureRequest verifyPDFSignatureRequest)
+	//@Override
+	//@WebResult(name = "VerifyPDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	private VerifyPDFSignatureResponseType verifyPDFASSignature(VerifyPDFSignatureRequest verifyPDFSignatureRequest)
 			throws Exception {
 		logger.info("verifyPDFSignature start");
 		try {
 			logger.info("WebServiceContext: {}", context);
 			ContextSetupAspect.setupContext(context.getMessageContext(), "verifyPDFSignature");
-
+			
 			VerifyPDFRequest requestObj;
 			VerifyPDFResponse responseObj;
 
@@ -171,5 +171,45 @@ public class SignatureVerificationServiceImpl implements SignatureVerificationSe
 			ContextSetupAspect.cleanContext();
 		}
 	}
+	
+	@Override
+	@WebResult(name = "VerifyPDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	public VerifyPDFSignatureResponseType verifyPDFSignature(VerifyPDFSignatureRequest verifyPDFSignatureRequest)
+			throws Exception {
+		logger.info("verifyPDFSignature start");
+		try {
+			logger.info("WebServiceContext: {}", context);
+			ContextSetupAspect.setupContext(context.getMessageContext(), "verifyPDFSignature");
+			
+			CMSSignatureVerificationInvoker invoker = CMSSignatureVerificationInvoker.getInstance();
+
+			at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest requestObj;
+			at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse responseObj;
+
+			logger.trace(">>> preparsing Request");
+			requestObj = this.cmsVerifySignatureBinding.buildPDFRequest(verifyPDFSignatureRequest);
+			logger.trace("<<< preparsed Request");
+			
+			logger.trace(">>> verifying Signature");
+			// invoke the core logic
+			responseObj = invoker.verifyCMSSignature(requestObj);
+			logger.trace("<<< verified Signature");
+
+			logger.trace(">>> building Response");
+			// map back to XML
+			VerifyPDFSignatureResponseType response = this.cmsVerifySignatureBinding.buildPDFResponse(responseObj);
+			logger.trace("<<< built Response");
+
+			return response;
+		} catch (Throwable t) {
+			MOASystemException e = new MOASystemException("2900", null, t);
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} finally {
+			ContextSetupAspect.cleanContext();
+		}
+	}
 
 }