diff options
Diffstat (limited to 'moaSig/moa-asic/src/main/java/at')
46 files changed, 1554 insertions, 1521 deletions
diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiC.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiC.java index 759e910..d8bf4d9 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiC.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiC.java @@ -4,11 +4,15 @@ import java.util.Collection; import java.util.List; public interface ASiC { - public ASiCFormat getFormat(); - public boolean isXAdES(); - public boolean isCAdES(); + ASiCFormat getFormat(); - public List<ASiCEntry> getSignaturesEntries(); - public Collection<ASiCEntry> getDataEntries(); - public List<ASiCEntry> getInformationEntries(); + boolean isXAdES(); + + boolean isCAdES(); + + List<ASiCEntry> getSignaturesEntries(); + + Collection<ASiCEntry> getDataEntries(); + + List<ASiCEntry> getInformationEntries(); } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCConstants.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCConstants.java index 02baf40..b987346 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCConstants.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCConstants.java @@ -4,6 +4,6 @@ package at.gv.egiz.asic.api; * Created by afitzek on 6/15/16. */ public interface ASiCConstants { - public static final String FILE_MIME_TYPE = "mimetype"; - public static final String FILE_META_INF = "META-INF/"; + String FILE_MIME_TYPE = "mimetype"; + String FILE_META_INF = "META-INF/"; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCEntry.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCEntry.java index 7c026cf..f0a9edd 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCEntry.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCEntry.java @@ -7,32 +7,32 @@ import java.io.InputStream; */ public class ASiCEntry { - private String entryName; - private InputStream contents; - - public ASiCEntry() { - } - - public String getEntryName() { - return entryName; - } - - public void setEntryName(String entryName) { - this.entryName = entryName; - } - - public InputStream getContents() { - return contents; - } - - public void setContents(InputStream contents) { - this.contents = contents; - } - - @Override - public String toString() { - return "ASiCEntry{" + - "entryName='" + entryName + '\'' + - '}'; - } + private String entryName; + private InputStream contents; + + public ASiCEntry() { + } + + public String getEntryName() { + return entryName; + } + + public void setEntryName(String entryName) { + this.entryName = entryName; + } + + public InputStream getContents() { + return contents; + } + + public void setContents(InputStream contents) { + this.contents = contents; + } + + @Override + public String toString() { + return "ASiCEntry{" + + "entryName='" + entryName + '\'' + + '}'; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFactory.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFactory.java index 661e418..ccab9a4 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFactory.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFactory.java @@ -1,16 +1,5 @@ package at.gv.egiz.asic.api; -import at.gv.egiz.asic.exceptions.ASiCException; -import at.gv.egiz.asic.impl.ASiCBaseFormatFactory; -import at.gv.egiz.asic.impl.ASiCExtendedFormatFactory; -import at.gv.egiz.asic.impl.ASiCSimpleFormatFactory; -import at.gv.egiz.asic.impl.ZipCommentReaderStream; -import at.gv.egovernment.moa.spss.MOAApplicationException; -import at.gv.egovernment.moa.spss.MOAException; -import org.apache.commons.io.IOUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -18,147 +7,158 @@ import java.io.InputStream; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; +import org.apache.commons.io.IOUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.asic.impl.ASiCBaseFormatFactory; +import at.gv.egiz.asic.impl.ASiCExtendedFormatFactory; +import at.gv.egiz.asic.impl.ASiCSimpleFormatFactory; +import at.gv.egiz.asic.impl.ZipCommentReaderStream; +import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by afitzek on 6/15/16. */ public class ASiCFactory { - private static final Logger logger = LoggerFactory.getLogger(ASiCFactory.class); - - private static final String MIMETYPE_FORMAT_E = "application/vnd.etsi.asic-e+zip"; - private static final String MIMETYPE_FORMAT_S = "application/vnd.etsi.asic-s+zip"; - - public static ASiC parseASiC(InputStream is, ASiCFormat format) throws MOAException { - - InputStream newInputStream = is; - - - // Try to determine the asic format! - if (!newInputStream.markSupported()) { - ByteArrayOutputStream asicContainer = new ByteArrayOutputStream(); - - try { - IOUtils.copy(newInputStream, asicContainer); - } catch (IOException e) { - throw new MOAApplicationException("asic.0003", null); - } - newInputStream = new ByteArrayInputStream(asicContainer.toByteArray()); - } - - String mimeTypeFile = null; - ZipCommentReaderStream commentReaderStream = new ZipCommentReaderStream(newInputStream); - byte[] buffer = new byte[8096]; - try { - while (commentReaderStream.read(buffer) >= 0) { - } - newInputStream.reset(); - } catch (IOException e) { - throw new MOAApplicationException("asic.0003", null); - } - - ZipInputStream zipInputStream = new ZipInputStream(newInputStream); - - try { - for (ZipEntry entry = zipInputStream.getNextEntry(); entry != null; entry = zipInputStream.getNextEntry()) { - String entryName = entry.getName(); - - if("mimetype".equalsIgnoreCase(entryName)) { - if(mimeTypeFile == null) { - mimeTypeFile = IOUtils.toString(zipInputStream, "UTF-8"); - } else { - logger.warn("multiple mimetype files found in archiv"); - } - } - } - newInputStream.reset(); - } catch (IOException e) { - throw new MOAApplicationException("asic.0007", null); - } - - String fileComment = commentReaderStream.getFileComment(); - ASiCFormat fileCommentFormat = null; - if (fileComment != null) { - logger.debug("Found file comment in ASiC {}", fileComment); - if(fileComment.startsWith("mimetype=")) { - String fileCommentMimeType = fileComment.substring("mimetype=".length()); - if(fileCommentMimeType.startsWith(MIMETYPE_FORMAT_E)) { - fileCommentFormat = ASiCFormat.ASiCE; - } else if(fileCommentMimeType.startsWith(MIMETYPE_FORMAT_S)) { - fileCommentFormat = ASiCFormat.ASiCS; - } - } - } else { - logger.info("No file comment in ASiC"); - } - - - ASiCFormat mimeTypeFileFormat = null; - if (mimeTypeFile != null) { - logger.debug("Found mimetype file in ASiC {}", mimeTypeFile); - if(MIMETYPE_FORMAT_E.equalsIgnoreCase(mimeTypeFile)) { - mimeTypeFileFormat = ASiCFormat.ASiCE; - } else if(MIMETYPE_FORMAT_S.equalsIgnoreCase(mimeTypeFile)) { - mimeTypeFileFormat = ASiCFormat.ASiCS; - } - } else { - logger.info("No mimetype file in ASiC"); - } - - if (format == null) { - if (fileCommentFormat != null && mimeTypeFileFormat != null) { - // both are set - if (fileCommentFormat == mimeTypeFileFormat) { - format = fileCommentFormat; - } else { - throw new MOAApplicationException("asic.0009", null); - } - } else if (fileCommentFormat != null) { - format = fileCommentFormat; - } else if (mimeTypeFileFormat != null) { - format = mimeTypeFileFormat; - } else { - throw new MOAApplicationException("asic.0008", null); - } - } else { - // format is provided, only check for missmatches - if (fileCommentFormat != null && fileCommentFormat != format) { - logger.warn("ASiC format missmatch file comment {} vs provided {}", fileCommentFormat, format); - throw new MOAApplicationException("asic.0009", null); - } - if (mimeTypeFileFormat != null && mimeTypeFileFormat != format) { - logger.warn("ASiC format missmatch mimetype file {} vs provided {}", mimeTypeFileFormat, format); - throw new MOAApplicationException("asic.0009", null); - } - - if (fileCommentFormat != null && mimeTypeFileFormat != null) { - // both are set - if (fileCommentFormat != mimeTypeFileFormat) { - logger.warn("ASiC format missmatch file comment {} vs mimetype file {}", fileCommentFormat, mimeTypeFileFormat); - throw new MOAApplicationException("asic.0009", null); - } - } - } + private static final Logger logger = LoggerFactory.getLogger(ASiCFactory.class); - ASiCBaseFormatFactory formatFactory = null; + private static final String MIMETYPE_FORMAT_E = "application/vnd.etsi.asic-e+zip"; + private static final String MIMETYPE_FORMAT_S = "application/vnd.etsi.asic-s+zip"; - if (format == null) { - throw new MOAApplicationException("asic.0008", null); + public static ASiC parseASiC(InputStream is, ASiCFormat format) throws MOAException { + + InputStream newInputStream = is; + + // Try to determine the asic format! + if (!newInputStream.markSupported()) { + final ByteArrayOutputStream asicContainer = new ByteArrayOutputStream(); + + try { + IOUtils.copy(newInputStream, asicContainer); + } catch (final IOException e) { + throw new MOAApplicationException("asic.0003", null); + } + newInputStream = new ByteArrayInputStream(asicContainer.toByteArray()); + } + + String mimeTypeFile = null; + final ZipCommentReaderStream commentReaderStream = new ZipCommentReaderStream(newInputStream); + final byte[] buffer = new byte[8096]; + try { + while (commentReaderStream.read(buffer) >= 0) { + } + newInputStream.reset(); + } catch (final IOException e) { + throw new MOAApplicationException("asic.0003", null); + } + + final ZipInputStream zipInputStream = new ZipInputStream(newInputStream); + + try { + for (ZipEntry entry = zipInputStream.getNextEntry(); entry != null; entry = zipInputStream + .getNextEntry()) { + final String entryName = entry.getName(); + + if ("mimetype".equalsIgnoreCase(entryName)) { + if (mimeTypeFile == null) { + mimeTypeFile = IOUtils.toString(zipInputStream, "UTF-8"); + } else { + logger.warn("multiple mimetype files found in archiv"); + } } + } + newInputStream.reset(); + } catch (final IOException e) { + throw new MOAApplicationException("asic.0007", null); + } - switch (format) { - case ASiCE: - formatFactory = new ASiCExtendedFormatFactory(); - break; - case ASiCS: - formatFactory = new ASiCSimpleFormatFactory(); - break; + final String fileComment = commentReaderStream.getFileComment(); + ASiCFormat fileCommentFormat = null; + if (fileComment != null) { + logger.debug("Found file comment in ASiC {}", fileComment); + if (fileComment.startsWith("mimetype=")) { + final String fileCommentMimeType = fileComment.substring("mimetype=".length()); + if (fileCommentMimeType.startsWith(MIMETYPE_FORMAT_E)) { + fileCommentFormat = ASiCFormat.ASiCE; + } else if (fileCommentMimeType.startsWith(MIMETYPE_FORMAT_S)) { + fileCommentFormat = ASiCFormat.ASiCS; } + } + } else { + logger.info("No file comment in ASiC"); + } - if (formatFactory == null) { - throw new MOAApplicationException("asic.0008", null); + ASiCFormat mimeTypeFileFormat = null; + if (mimeTypeFile != null) { + logger.debug("Found mimetype file in ASiC {}", mimeTypeFile); + if (MIMETYPE_FORMAT_E.equalsIgnoreCase(mimeTypeFile)) { + mimeTypeFileFormat = ASiCFormat.ASiCE; + } else if (MIMETYPE_FORMAT_S.equalsIgnoreCase(mimeTypeFile)) { + mimeTypeFileFormat = ASiCFormat.ASiCS; + } + } else { + logger.info("No mimetype file in ASiC"); + } + + if (format == null) { + if (fileCommentFormat != null && mimeTypeFileFormat != null) { + // both are set + if (fileCommentFormat == mimeTypeFileFormat) { + format = fileCommentFormat; + } else { + throw new MOAApplicationException("asic.0009", null); } + } else if (fileCommentFormat != null) { + format = fileCommentFormat; + } else if (mimeTypeFileFormat != null) { + format = mimeTypeFileFormat; + } else { + throw new MOAApplicationException("asic.0008", null); + } + } else { + // format is provided, only check for missmatches + if (fileCommentFormat != null && fileCommentFormat != format) { + logger.warn("ASiC format missmatch file comment {} vs provided {}", fileCommentFormat, format); + throw new MOAApplicationException("asic.0009", null); + } + if (mimeTypeFileFormat != null && mimeTypeFileFormat != format) { + logger.warn("ASiC format missmatch mimetype file {} vs provided {}", mimeTypeFileFormat, format); + throw new MOAApplicationException("asic.0009", null); + } + + if (fileCommentFormat != null && mimeTypeFileFormat != null) { + // both are set + if (fileCommentFormat != mimeTypeFileFormat) { + logger.warn("ASiC format missmatch file comment {} vs mimetype file {}", fileCommentFormat, + mimeTypeFileFormat); + throw new MOAApplicationException("asic.0009", null); + } + } + } + + ASiCBaseFormatFactory formatFactory = null; - return formatFactory.createASiC(newInputStream); + if (format == null) { + throw new MOAApplicationException("asic.0008", null); } + switch (format) { + case ASiCE: + formatFactory = new ASiCExtendedFormatFactory(); + break; + case ASiCS: + formatFactory = new ASiCSimpleFormatFactory(); + break; + } + + if (formatFactory == null) { + throw new MOAApplicationException("asic.0008", null); + } + + return formatFactory.createASiC(newInputStream); + } + } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFormat.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFormat.java index 8106944..cc72f58 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFormat.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCFormat.java @@ -4,6 +4,6 @@ package at.gv.egiz.asic.api; * Created by Andreas Fitzek on 6/15/16. */ public enum ASiCFormat { - ASiCS, - ASiCE + ASiCS, + ASiCE } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java index ce8f374..a29b5c2 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java @@ -1,41 +1,43 @@ package at.gv.egiz.asic.api; +import java.util.ArrayList; +import java.util.List; + import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; -import java.util.ArrayList; -import java.util.List; - /** * Created by Andreas Fitzek on 6/16/16. */ public class ASiCVerificationResult { - private List<AsicSignedFilesContainer> signedFiles = new ArrayList<AsicSignedFilesContainer>(); + private List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); - private VerifyCMSSignatureResponse cmsResult = null; - private VerifyXMLSignatureResponse xmlResult = null; + private VerifyCMSSignatureResponse cmsResult = null; + private VerifyXMLSignatureResponse xmlResult = null; - public ASiCVerificationResult(List<AsicSignedFilesContainer> references, VerifyCMSSignatureResponse cmsResult) { - this.signedFiles = references; - this.cmsResult = cmsResult; - } + public ASiCVerificationResult(List<AsicSignedFilesContainer> references, + VerifyCMSSignatureResponse cmsResult) { + this.signedFiles = references; + this.cmsResult = cmsResult; + } - public ASiCVerificationResult(List<AsicSignedFilesContainer> references, VerifyXMLSignatureResponse xmlResult) { - this.signedFiles = references; - this.xmlResult = xmlResult; - } + public ASiCVerificationResult(List<AsicSignedFilesContainer> references, + VerifyXMLSignatureResponse xmlResult) { + this.signedFiles = references; + this.xmlResult = xmlResult; + } - public List<AsicSignedFilesContainer> getSignedFiles() { - return signedFiles; - } + public List<AsicSignedFilesContainer> getSignedFiles() { + return signedFiles; + } - public VerifyXMLSignatureResponse getXmlResult() { - return xmlResult; - } + public VerifyXMLSignatureResponse getXmlResult() { + return xmlResult; + } - public VerifyCMSSignatureResponse getCmsResult() { - return cmsResult; - } + public VerifyCMSSignatureResponse getCmsResult() { + return cmsResult; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerifier.java index 77bc61d..fc8de87 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerifier.java @@ -1,16 +1,15 @@ package at.gv.egiz.asic.api; -import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; - import java.util.Date; import java.util.List; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by Andreas Fitzek on 6/15/16. */ public interface ASiCVerifier { - public List<ASiCVerificationResult> verify(ASiC asic, String trustProfileID, Date date) throws MOAException; + List<ASiCVerificationResult> verify(ASiC asic, String trustProfileID, Date date) throws MOAException; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/exceptions/ASiCContainerInvalidException.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/exceptions/ASiCContainerInvalidException.java index ea6d19c..1927528 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/exceptions/ASiCContainerInvalidException.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/exceptions/ASiCContainerInvalidException.java @@ -1,7 +1,7 @@ package at.gv.egiz.asic.exceptions; public class ASiCContainerInvalidException extends ASiCException { - public ASiCContainerInvalidException(String reason) { - super(); - } + public ASiCContainerInvalidException(String reason) { + super(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java index 578371c..65c6ccc 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCBaseFormatFactory.java @@ -1,16 +1,5 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.api.ASiC; -import at.gv.egiz.asic.api.ASiCEntry; -import at.gv.egiz.asic.api.ASiCFormat; -import at.gv.egiz.asic.impl.handler.*; -import at.gv.egovernment.moa.spss.MOAApplicationException; -import at.gv.egovernment.moa.spss.MOAException; -import iaik.util.logging.Log; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; @@ -21,125 +10,142 @@ import java.util.Map; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.asic.api.ASiC; +import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.api.ASiCFormat; +import at.gv.egiz.asic.impl.handler.AllDataHandler; +import at.gv.egiz.asic.impl.handler.MetaInfHandler; +import at.gv.egiz.asic.impl.handler.MimefileHandler; +import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by Andreas Fitzek on 6/15/16. */ public abstract class ASiCBaseFormatFactory implements ASiCContainer { - private static final Logger logger = LoggerFactory.getLogger(ASiCBaseFormatFactory.class); - - protected boolean cadesSigned = false; - protected boolean xadesSigned = false; - protected boolean timestamped = false; + private static final Logger logger = LoggerFactory.getLogger(ASiCBaseFormatFactory.class); - protected String mimeType = null; + protected boolean cadesSigned = false; + protected boolean xadesSigned = false; + protected boolean timestamped = false; - protected List<ASiCEntry> signatureEntries = new ArrayList<ASiCEntry>(); - protected Map<String, ASiCEntry> dataEntries = new HashMap<String, ASiCEntry>(); - protected List<ASiCEntry> informationEntries = new ArrayList<ASiCEntry>(); + protected String mimeType = null; - protected List<EntryHandler> handlers = new ArrayList<EntryHandler>(); + protected List<ASiCEntry> signatureEntries = new ArrayList<>(); + protected Map<String, ASiCEntry> dataEntries = new HashMap<>(); + protected List<ASiCEntry> informationEntries = new ArrayList<>(); - @Override - public void addDataEntry(ASiCEntry entry) throws MOAApplicationException { - //check if entry with a specific name already exists - if (!dataEntries.containsKey(entry.getEntryName())) { - this.dataEntries.put(entry.getEntryName(), entry); - - } else { - logger.warn("ASiC container already contains a DataEntry with name: " + entry.getEntryName() + " ASiC container is INVALID"); - throw new MOAApplicationException("asic.0017", new Object[]{entry.getEntryName()}); - } - } + protected List<EntryHandler> handlers = new ArrayList<>(); - @Override - public void addSignatureEntry(ASiCEntry entry) { - this.signatureEntries.add(entry); - } + @Override + public void addDataEntry(ASiCEntry entry) throws MOAApplicationException { + // check if entry with a specific name already exists + if (!dataEntries.containsKey(entry.getEntryName())) { + this.dataEntries.put(entry.getEntryName(), entry); - @Override - public void addInformationEntry(ASiCEntry entry) { - this.informationEntries.add(entry); + } else { + logger.warn("ASiC container already contains a DataEntry with name: " + entry.getEntryName() + + " ASiC container is INVALID"); + throw new MOAApplicationException("asic.0017", new Object[] { entry.getEntryName() }); } + } - public ASiCBaseFormatFactory() { - handlers.add(new MimefileHandler()); - handlers.add(new MetaInfHandler()); - handlers.add(new AllDataHandler()); - } + @Override + public void addSignatureEntry(ASiCEntry entry) { + this.signatureEntries.add(entry); + } - public abstract ASiCFormat factoryFormat(); + @Override + public void addInformationEntry(ASiCEntry entry) { + this.informationEntries.add(entry); + } - protected abstract void validate() throws MOAException; + public ASiCBaseFormatFactory() { + handlers.add(new MimefileHandler()); + handlers.add(new MetaInfHandler()); + handlers.add(new AllDataHandler()); + } - public ASiC createASiC(InputStream is) throws MOAException { + public abstract ASiCFormat factoryFormat(); - ZipCommentReaderStream commentReaderStream = new ZipCommentReaderStream(is); + protected abstract void validate() throws MOAException; - ZipInputStream zipInputStream = new ZipInputStream(commentReaderStream); + public ASiC createASiC(InputStream is) throws MOAException { - try { - for (ZipEntry entry = zipInputStream.getNextEntry(); entry != null; entry = zipInputStream.getNextEntry()) { - String entryName = entry.getName(); + final ZipCommentReaderStream commentReaderStream = new ZipCommentReaderStream(is); - Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); - while (handlerIterator.hasNext()) { - EntryHandler entryHandler = handlerIterator.next(); + final ZipInputStream zipInputStream = new ZipInputStream(commentReaderStream); - if (entryHandler.handle(entryName, zipInputStream, this)) { - break; - } - } - } - } catch(IOException e) { - logger.info("Failed to read from ASiC Container", e); - throw new MOAApplicationException("asic.0007", null); - } + try { + for (ZipEntry entry = zipInputStream.getNextEntry(); entry != null; entry = zipInputStream + .getNextEntry()) { + final String entryName = entry.getName(); + final Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); + while (handlerIterator.hasNext()) { + final EntryHandler entryHandler = handlerIterator.next(); - if(this.mimeType == null) { - String mimeTypeComment = commentReaderStream.getFileComment(); - if(mimeTypeComment != null) { - this.mimeType = mimeTypeComment; - } + if (entryHandler.handle(entryName, zipInputStream, this)) { + break; + } } - - this.validate(); - - // unpack and retrieve all available information on ASiC signature - return new ASiCImpl(this.factoryFormat(), this.xadesSigned, this.cadesSigned, this.signatureEntries, dataEntries.values(), this.informationEntries); + } + } catch (final IOException e) { + logger.info("Failed to read from ASiC Container", e); + throw new MOAApplicationException("asic.0007", null); } - @Override - public void setMimeType(String mimeType) { - this.mimeType = mimeType; + if (this.mimeType == null) { + final String mimeTypeComment = commentReaderStream.getFileComment(); + if (mimeTypeComment != null) { + this.mimeType = mimeTypeComment; + } } - public void setIsXAdES() throws MOAException { - if(this.cadesSigned) { - throw new MOAApplicationException("asic.0010", null); - } - this.xadesSigned = true; - } + this.validate(); - public void setIsCAdES() throws MOAException { - if(this.xadesSigned) { - throw new MOAApplicationException("asic.0010", null); - } - this.cadesSigned = true; - } + // unpack and retrieve all available information on ASiC signature + return new ASiCImpl(this.factoryFormat(), this.xadesSigned, this.cadesSigned, this.signatureEntries, + dataEntries.values(), this.informationEntries); + } - public void setIsTimestamped() throws MOAException { - throw new MOAApplicationException("asic.0013", null); - } + @Override + public void setMimeType(String mimeType) { + this.mimeType = mimeType; + } - @Override - public void setIsEvidenceERS() throws MOAException { - throw new MOAApplicationException("asic.0011", null); + @Override + public void setIsXAdES() throws MOAException { + if (this.cadesSigned) { + throw new MOAApplicationException("asic.0010", null); } + this.xadesSigned = true; + } - @Override - public void setIsEvidenceXML() throws MOAException { - throw new MOAApplicationException("asic.0012", null); + @Override + public void setIsCAdES() throws MOAException { + if (this.xadesSigned) { + throw new MOAApplicationException("asic.0010", null); } + this.cadesSigned = true; + } + + @Override + public void setIsTimestamped() throws MOAException { + throw new MOAApplicationException("asic.0013", null); + } + + @Override + public void setIsEvidenceERS() throws MOAException { + throw new MOAApplicationException("asic.0011", null); + } + + @Override + public void setIsEvidenceXML() throws MOAException { + throw new MOAApplicationException("asic.0012", null); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java index 3960a37..26f2924 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCContainer.java @@ -9,15 +9,22 @@ import at.gv.egovernment.moa.spss.MOAException; */ public interface ASiCContainer { - public void setMimeType(String mimeType); - public void addDataEntry(ASiCEntry entry) throws MOAApplicationException; - public void addSignatureEntry(ASiCEntry entry); - public void addInformationEntry(ASiCEntry entry); - - public void setIsXAdES() throws MOAException; - public void setIsCAdES() throws MOAException; - public void setIsEvidenceERS() throws MOAException; - public void setIsEvidenceXML() throws MOAException; - public void setIsTimestamped() throws MOAException; + void setMimeType(String mimeType); + + void addDataEntry(ASiCEntry entry) throws MOAApplicationException; + + void addSignatureEntry(ASiCEntry entry); + + void addInformationEntry(ASiCEntry entry); + + void setIsXAdES() throws MOAException; + + void setIsCAdES() throws MOAException; + + void setIsEvidenceERS() throws MOAException; + + void setIsEvidenceXML() throws MOAException; + + void setIsTimestamped() throws MOAException; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java index f71552b..854bf81 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCExtendedFormatFactory.java @@ -1,51 +1,49 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.api.ASiC; -import at.gv.egiz.asic.api.ASiCFormat; -import at.gv.egiz.asic.impl.handler.*; +import java.util.Collections; +import java.util.Iterator; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.io.IOException; -import java.io.InputStream; -import java.util.ArrayList; -import java.util.Collections; -import java.util.Iterator; -import java.util.List; -import java.util.zip.ZipEntry; -import java.util.zip.ZipInputStream; +import at.gv.egiz.asic.api.ASiCFormat; +import at.gv.egiz.asic.impl.handler.ExtendedASiCCAdESHandler; +import at.gv.egiz.asic.impl.handler.ExtendedASiCXAdESHandler; +import at.gv.egiz.asic.impl.handler.ExtendedEvidenceERSRecordHandler; +import at.gv.egiz.asic.impl.handler.ExtendedEvidenceXMLRecordHandler; +import at.gv.egiz.asic.impl.handler.HandlerSorter; /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCExtendedFormatFactory extends ASiCBaseFormatFactory { - private static final Logger logger = LoggerFactory.getLogger(ASiCExtendedFormatFactory.class); + private static final Logger logger = LoggerFactory.getLogger(ASiCExtendedFormatFactory.class); - public ASiCExtendedFormatFactory() { - super(); - handlers.add(new ExtendedASiCCAdESHandler()); - handlers.add(new ExtendedASiCXAdESHandler()); - handlers.add(new ExtendedEvidenceERSRecordHandler()); - handlers.add(new ExtendedEvidenceXMLRecordHandler()); + public ASiCExtendedFormatFactory() { + super(); + handlers.add(new ExtendedASiCCAdESHandler()); + handlers.add(new ExtendedASiCXAdESHandler()); + handlers.add(new ExtendedEvidenceERSRecordHandler()); + handlers.add(new ExtendedEvidenceXMLRecordHandler()); - Collections.sort(handlers, new HandlerSorter()); + Collections.sort(handlers, new HandlerSorter()); - logger.debug("Handler ordering for ASiCExtendedFormatFactory"); - Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); - while(handlerIterator.hasNext()) { - EntryHandler entryHandler = handlerIterator.next(); - logger.debug(" " + entryHandler.getPriority() + " " + entryHandler.getClass().getSimpleName()); - } + logger.debug("Handler ordering for ASiCExtendedFormatFactory"); + final Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); + while (handlerIterator.hasNext()) { + final EntryHandler entryHandler = handlerIterator.next(); + logger.debug(" " + entryHandler.getPriority() + " " + entryHandler.getClass().getSimpleName()); } + } - @Override - protected void validate() { + @Override + protected void validate() { - } + } - @Override - public ASiCFormat factoryFormat() { - return ASiCFormat.ASiCE; - } + @Override + public ASiCFormat factoryFormat() { + return ASiCFormat.ASiCE; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java index 34f6343..e7cfc7e 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCImpl.java @@ -1,74 +1,75 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.api.ASiC; -import at.gv.egiz.asic.api.ASiCEntry; -import at.gv.egiz.asic.api.ASiCFormat; - import java.util.ArrayList; import java.util.Collection; import java.util.List; +import at.gv.egiz.asic.api.ASiC; +import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.api.ASiCFormat; + /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCImpl implements ASiC { - private ASiCFormat format; - private boolean xades; - private boolean cades; + private final ASiCFormat format; + private final boolean xades; + private final boolean cades; - protected List<ASiCEntry> signatureEntries = new ArrayList<ASiCEntry>(); - protected Collection<ASiCEntry> dataEntries = new ArrayList<ASiCEntry>(); - protected List<ASiCEntry> informationEntries = new ArrayList<ASiCEntry>(); + protected List<ASiCEntry> signatureEntries = new ArrayList<>(); + protected Collection<ASiCEntry> dataEntries = new ArrayList<>(); + protected List<ASiCEntry> informationEntries = new ArrayList<>(); - public ASiCImpl(ASiCFormat format, boolean xades, boolean cades, List<ASiCEntry> signatureEntries, Collection<ASiCEntry> collection, List<ASiCEntry> informationEntries) { - this.format = format; - this.xades = xades; - this.cades = cades; - this.signatureEntries = signatureEntries; - this.dataEntries = collection; - this.informationEntries = informationEntries; - } + public ASiCImpl(ASiCFormat format, boolean xades, boolean cades, List<ASiCEntry> signatureEntries, + Collection<ASiCEntry> collection, List<ASiCEntry> informationEntries) { + this.format = format; + this.xades = xades; + this.cades = cades; + this.signatureEntries = signatureEntries; + this.dataEntries = collection; + this.informationEntries = informationEntries; + } - @Override - public ASiCFormat getFormat() { - return format; - } + @Override + public ASiCFormat getFormat() { + return format; + } - @Override - public boolean isXAdES() { - return xades; - } + @Override + public boolean isXAdES() { + return xades; + } - @Override - public boolean isCAdES() { - return cades; - } + @Override + public boolean isCAdES() { + return cades; + } - @Override - public List<ASiCEntry> getSignaturesEntries() { - return signatureEntries; - } + @Override + public List<ASiCEntry> getSignaturesEntries() { + return signatureEntries; + } - @Override - public Collection<ASiCEntry> getDataEntries() { - return dataEntries; - } + @Override + public Collection<ASiCEntry> getDataEntries() { + return dataEntries; + } - @Override - public List<ASiCEntry> getInformationEntries() { - return informationEntries; - } + @Override + public List<ASiCEntry> getInformationEntries() { + return informationEntries; + } - @Override - public String toString() { - return "ASiCImpl{" + - "format=" + format + - ", xades=" + xades + - ", cades=" + cades + - ", signatureEntries=" + signatureEntries + - ", dataEntries=" + dataEntries + - ", informationEntries=" + informationEntries + - '}'; - } + @Override + public String toString() { + return "ASiCImpl{" + + "format=" + format + + ", xades=" + xades + + ", cades=" + cades + + ", signatureEntries=" + signatureEntries + + ", dataEntries=" + dataEntries + + ", informationEntries=" + informationEntries + + '}'; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java index 51392da..1ae32ed 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCMOAVerifier.java @@ -1,87 +1,62 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.ASiCManifestType; -import at.gv.egiz.asic.DataObjectReferenceType; -import at.gv.egiz.asic.ReferenceType; -import at.gv.egiz.asic.XAdESSignaturesType; -import at.gv.egiz.asic.api.*; +import java.util.ArrayList; +import java.util.Date; +import java.util.Iterator; +import java.util.List; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.asic.api.ASiC; +import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.api.ASiCVerifier; import at.gv.egiz.asic.impl.verifier.ExtendedCAdESVerifier; import at.gv.egiz.asic.impl.verifier.ExtendedXAdESVerifier; import at.gv.egiz.asic.impl.verifier.SimpleCAdESVerifier; import at.gv.egiz.asic.impl.verifier.SimpleXAdESVerifier; -import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.MOARuntimeException; import at.gv.egovernment.moa.spss.MOASystemException; -import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.*; -import at.gv.egovernment.moa.spss.api.common.*; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; -import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import at.gv.egovernment.moa.spss.server.invoke.VerifyCMSSignatureResponseBuilder; -import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; -import iaik.server.cmspdfverify.CertificateValidationResult; -import org.apache.commons.codec.binary.Hex; -import org.apache.commons.io.IOUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.xml.bind.DataBindingException; -import javax.xml.bind.JAXB; -import javax.xml.crypto.dsig.Reference; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.DigestInputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.cert.X509Certificate; -import java.util.*; /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCMOAVerifier implements ASiCVerifier { - private static final Logger logger = LoggerFactory.getLogger(ASiCMOAVerifier.class); + private static final Logger logger = LoggerFactory.getLogger(ASiCMOAVerifier.class); - private List<Verifier> verifierMap = new ArrayList<Verifier>(); + private final List<Verifier> verifierMap = new ArrayList<>(); - public ASiCMOAVerifier() { - verifierMap.add(new SimpleCAdESVerifier()); - verifierMap.add(new SimpleXAdESVerifier()); - verifierMap.add(new ExtendedCAdESVerifier()); - verifierMap.add(new ExtendedXAdESVerifier()); - } + public ASiCMOAVerifier() { + verifierMap.add(new SimpleCAdESVerifier()); + verifierMap.add(new SimpleXAdESVerifier()); + verifierMap.add(new ExtendedCAdESVerifier()); + verifierMap.add(new ExtendedXAdESVerifier()); + } - @Override - public List<ASiCVerificationResult> verify(ASiC asic, String trustProfileID, Date date) throws MOAException { - List<ASiCVerificationResult> response = new ArrayList<ASiCVerificationResult>(); - boolean handled = false; + @Override + public List<ASiCVerificationResult> verify(ASiC asic, String trustProfileID, Date date) + throws MOAException { + final List<ASiCVerificationResult> response = new ArrayList<>(); + boolean handled = false; - Iterator<Verifier> verifierIterator = verifierMap.iterator(); + final Iterator<Verifier> verifierIterator = verifierMap.iterator(); - while (verifierIterator.hasNext()) { - Verifier verifier = verifierIterator.next(); - if (verifier.handles(asic)) { - verifier.verify(asic, trustProfileID, date, response); - handled = true; - break; - } - } - - if (!handled) { - logger.warn("Cannot handle ASiC: {}", asic); - throw new MOASystemException("asic.0016", null); - } + while (verifierIterator.hasNext()) { + final Verifier verifier = verifierIterator.next(); + if (verifier.handles(asic)) { + verifier.verify(asic, trustProfileID, date, response); + handled = true; + break; + } + } - return response; + if (!handled) { + logger.warn("Cannot handle ASiC: {}", asic); + throw new MOASystemException("asic.0016", null); } + return response; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java index 90b3081..f478f93 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ASiCSimpleFormatFactory.java @@ -1,54 +1,59 @@ package at.gv.egiz.asic.impl; -import at.gv.egiz.asic.api.ASiCFormat; -import at.gv.egiz.asic.impl.handler.*; -import at.gv.egovernment.moa.spss.MOAApplicationException; +import java.util.Collections; +import java.util.Iterator; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.util.Collections; -import java.util.Iterator; +import at.gv.egiz.asic.api.ASiCFormat; +import at.gv.egiz.asic.impl.handler.HandlerSorter; +import at.gv.egiz.asic.impl.handler.SimpleASiCCAdESHandler; +import at.gv.egiz.asic.impl.handler.SimpleASiCXAdESHandler; +import at.gv.egiz.asic.impl.handler.SimpleEvidenceERSRecordHandler; +import at.gv.egiz.asic.impl.handler.SimpleEvidenceXMLRecordHandler; +import at.gv.egovernment.moa.spss.MOAApplicationException; /** * Created by Andreas Fitzek on 6/15/16. */ public class ASiCSimpleFormatFactory extends ASiCBaseFormatFactory { - private static final Logger logger = LoggerFactory.getLogger(ASiCSimpleFormatFactory.class); + private static final Logger logger = LoggerFactory.getLogger(ASiCSimpleFormatFactory.class); - public ASiCSimpleFormatFactory() { - super(); + public ASiCSimpleFormatFactory() { + super(); - handlers.add(new SimpleASiCCAdESHandler()); - handlers.add(new SimpleASiCXAdESHandler()); - handlers.add(new SimpleEvidenceXMLRecordHandler()); - handlers.add(new SimpleEvidenceERSRecordHandler()); + handlers.add(new SimpleASiCCAdESHandler()); + handlers.add(new SimpleASiCXAdESHandler()); + handlers.add(new SimpleEvidenceXMLRecordHandler()); + handlers.add(new SimpleEvidenceERSRecordHandler()); - Collections.sort(handlers, new HandlerSorter()); + Collections.sort(handlers, new HandlerSorter()); - logger.debug("Handler ordering for ASiCSimpleFormatFactory"); - Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); - while(handlerIterator.hasNext()) { - EntryHandler entryHandler = handlerIterator.next(); - logger.debug(" " + entryHandler.getPriority() + " " + entryHandler.getClass().getSimpleName()); - } + logger.debug("Handler ordering for ASiCSimpleFormatFactory"); + final Iterator<EntryHandler> handlerIterator = this.handlers.iterator(); + while (handlerIterator.hasNext()) { + final EntryHandler entryHandler = handlerIterator.next(); + logger.debug(" " + entryHandler.getPriority() + " " + entryHandler.getClass().getSimpleName()); } + } - @Override - protected void validate() throws MOAApplicationException { - if(this.dataEntries.size() != 1) { - logger.warn("There can only be one data entry for ASiC signatures in simple format"); - throw new MOAApplicationException("asic.0014", null); - } - - if(this.signatureEntries.size() != 1) { - logger.warn("There can only be one signature entry for ASiC signatures in simple format"); - throw new MOAApplicationException("asic.0015", null); - } + @Override + protected void validate() throws MOAApplicationException { + if (this.dataEntries.size() != 1) { + logger.warn("There can only be one data entry for ASiC signatures in simple format"); + throw new MOAApplicationException("asic.0014", null); } - @Override - public ASiCFormat factoryFormat() { - return ASiCFormat.ASiCS; + if (this.signatureEntries.size() != 1) { + logger.warn("There can only be one signature entry for ASiC signatures in simple format"); + throw new MOAApplicationException("asic.0015", null); } + } + + @Override + public ASiCFormat factoryFormat() { + return ASiCFormat.ASiCS; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java index c21960d..fe88a0e 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java @@ -2,38 +2,37 @@ package at.gv.egiz.asic.impl; public class AsicSignedFilesContainer { - private String uri = null; - private String hashAlg = null; - - - /** - * Container element with ASIC signed files information - * - * @param uri Identifier of the file - * @param hashAlg Hash algorithm that is used to hash the file - */ - public AsicSignedFilesContainer(String uri, String hashAlg) { - this.uri = uri; - this.hashAlg = hashAlg; - - } - - /** - * Get file identifier - * - * @return - */ - public String getUri() { - return uri; - } - - /** - * Get hash algorithm that is used to hash the file - * - * @return - */ - public String getHashAlg() { - return hashAlg; - } - + private String uri = null; + private String hashAlg = null; + + /** + * Container element with ASIC signed files information + * + * @param uri Identifier of the file + * @param hashAlg Hash algorithm that is used to hash the file + */ + public AsicSignedFilesContainer(String uri, String hashAlg) { + this.uri = uri; + this.hashAlg = hashAlg; + + } + + /** + * Get file identifier + * + * @return + */ + public String getUri() { + return uri; + } + + /** + * Get hash algorithm that is used to hash the file + * + * @return + */ + public String getHashAlg() { + return hashAlg; + } + } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java index 7767b33..e5e19ed 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/EntryHandler.java @@ -1,14 +1,15 @@ package at.gv.egiz.asic.impl; -import at.gv.egovernment.moa.spss.MOAException; - import java.io.IOException; import java.io.InputStream; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by afitzek on 6/15/16. */ public interface EntryHandler { - public int getPriority(); - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, MOAException; + int getPriority(); + + boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, MOAException; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java index 95a2450..29bba58 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/Verifier.java @@ -1,18 +1,18 @@ package at.gv.egiz.asic.impl; +import java.util.Date; +import java.util.List; + import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCVerificationResult; import at.gv.egovernment.moa.spss.MOAException; -import java.util.Date; -import java.util.List; - /** * Created by Andreas Fitzek on 6/17/16. */ public interface Verifier { - public boolean handles(ASiC asic); + boolean handles(ASiC asic); - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) - throws MOAException; + void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java index 93b7651..dacc76e 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/ZipCommentReaderStream.java @@ -1,7 +1,5 @@ package at.gv.egiz.asic.impl; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; @@ -10,171 +8,171 @@ import java.io.InputStream; */ public class ZipCommentReaderStream extends InputStream { - private InputStream inputStream; + private final InputStream inputStream; - private int[] tempBuffer = new int[22]; + private final int[] tempBuffer = new int[22]; - private int[] commentBuffer = null; + private int[] commentBuffer = null; - private int commentBufferContentLen = 0; - private int commentBufferContentOff = 0; + private int commentBufferContentLen = 0; + private int commentBufferContentOff = 0; - private int tempBufferContentLen = 0; - private int tempBufferContentOff = 0; + private int tempBufferContentLen = 0; + private int tempBufferContentOff = 0; - private String fileComment = null; + private String fileComment = null; - private static final byte[] directoryRecord = new byte[] { (byte)0x50, (byte)0x4b, 0x05, 0x06 }; + private static final byte[] directoryRecord = new byte[] { (byte) 0x50, (byte) 0x4b, 0x05, 0x06 }; - public ZipCommentReaderStream(InputStream inputStream) { - this.inputStream = inputStream; - } - - private int readIntIntoBuffer() throws IOException { - int tValue = this.inputStream.read(); - - if(this.tempBuffer.length <= tempBufferContentOff) { - throw new IOException("Temp Buffer is out of space! @ " + tempBufferContentOff); - } + public ZipCommentReaderStream(InputStream inputStream) { + this.inputStream = inputStream; + } - this.tempBuffer[tempBufferContentOff] = tValue; - tempBufferContentOff++; - tempBufferContentLen++; + private int readIntIntoBuffer() throws IOException { + final int tValue = this.inputStream.read(); - return tValue; + if (this.tempBuffer.length <= tempBufferContentOff) { + throw new IOException("Temp Buffer is out of space! @ " + tempBufferContentOff); } - private int readIntIntoCommentBuffer() throws IOException { - int tValue = this.inputStream.read(); + this.tempBuffer[tempBufferContentOff] = tValue; + tempBufferContentOff++; + tempBufferContentLen++; - if(this.commentBuffer.length <= commentBufferContentOff) { - throw new IOException("Comment Buffer is out of space! @ " + commentBufferContentOff); - } + return tValue; + } - this.commentBuffer[commentBufferContentOff] = tValue; - commentBufferContentOff++; - commentBufferContentLen++; + private int readIntIntoCommentBuffer() throws IOException { + final int tValue = this.inputStream.read(); - return tValue; + if (this.commentBuffer.length <= commentBufferContentOff) { + throw new IOException("Comment Buffer is out of space! @ " + commentBufferContentOff); } - private void checkMagicBytes() throws IOException { - boolean foundMagic = true; - tempBufferContentOff = 0; - tempBufferContentLen = 0; - for(int i = 1; i < directoryRecord.length; i++) { - int tValue = readIntIntoBuffer(); - if(tValue != directoryRecord[i]) { - foundMagic = false; - break; - } - if(tValue < 0) { - // Found EOF - return; - } - } + this.commentBuffer[commentBufferContentOff] = tValue; + commentBufferContentOff++; + commentBufferContentLen++; + + return tValue; + } + + private void checkMagicBytes() throws IOException { + boolean foundMagic = true; + tempBufferContentOff = 0; + tempBufferContentLen = 0; + for (int i = 1; i < directoryRecord.length; i++) { + final int tValue = readIntIntoBuffer(); + if (tValue != directoryRecord[i]) { + foundMagic = false; + break; + } + if (tValue < 0) { + // Found EOF + return; + } + } - if(foundMagic) { - // read input stream until comment length - for(int i = 0; i < 16; i++) { - int tValue = readIntIntoBuffer(); + if (foundMagic) { + // read input stream until comment length + for (int i = 0; i < 16; i++) { + final int tValue = readIntIntoBuffer(); - if(tValue < 0) { - // Found EOF - return; - } - } + if (tValue < 0) { + // Found EOF + return; + } + } - int commentlengthHigh = readIntIntoBuffer(); + final int commentlengthHigh = readIntIntoBuffer(); - if(commentlengthHigh < 0) { - // Found EOF - return; - } + if (commentlengthHigh < 0) { + // Found EOF + return; + } - int commentlengthLow = readIntIntoBuffer(); + final int commentlengthLow = readIntIntoBuffer(); - if(commentlengthLow < 0) { - // Found EOF - return; - } + if (commentlengthLow < 0) { + // Found EOF + return; + } - int commentLength = commentlengthLow * 255 + commentlengthHigh; + final int commentLength = commentlengthLow * 255 + commentlengthHigh; - if(commentLength == 0) { - return; - } + if (commentLength == 0) { + return; + } - this.commentBuffer = new int[commentLength]; + this.commentBuffer = new int[commentLength]; - commentBufferContentOff = 0; - commentBufferContentLen = 0; + commentBufferContentOff = 0; + commentBufferContentLen = 0; - // read comment buffer string - for(int i = 0; i < commentLength; i++) { - int tValue = readIntIntoCommentBuffer(); + // read comment buffer string + for (int i = 0; i < commentLength; i++) { + final int tValue = readIntIntoCommentBuffer(); - if(tValue < 0) { - // Found EOF - return; - } - } + if (tValue < 0) { + // Found EOF + return; + } + } - byte[] stringBuffer = new byte[this.commentBuffer.length]; + final byte[] stringBuffer = new byte[this.commentBuffer.length]; - for(int i = 0; i < stringBuffer.length; i++) { - stringBuffer[i] = (byte)this.commentBuffer[i]; - } + for (int i = 0; i < stringBuffer.length; i++) { + stringBuffer[i] = (byte) this.commentBuffer[i]; + } - this.fileComment = new String(stringBuffer); - } + this.fileComment = new String(stringBuffer); } + } - @Override - public int read() throws IOException { - int value = -1; - if(tempBufferContentLen > 0) { - value = this.tempBuffer[tempBufferContentOff]; - tempBufferContentOff++; + @Override + public int read() throws IOException { + int value = -1; + if (tempBufferContentLen > 0) { + value = this.tempBuffer[tempBufferContentOff]; + tempBufferContentOff++; - // reset temp buffer - if(tempBufferContentOff >= tempBufferContentLen) { - tempBufferContentOff = 0; - tempBufferContentLen = 0; - } + // reset temp buffer + if (tempBufferContentOff >= tempBufferContentLen) { + tempBufferContentOff = 0; + tempBufferContentLen = 0; + } - return value; - } + return value; + } - if(this.commentBuffer != null) { - value = this.commentBuffer[commentBufferContentOff]; + if (this.commentBuffer != null) { + value = this.commentBuffer[commentBufferContentOff]; - commentBufferContentOff++; + commentBufferContentOff++; - // reset comment buffer - if(commentBufferContentOff >= commentBufferContentLen) { - commentBufferContentOff = 0; - commentBufferContentLen = 0; - this.commentBuffer = null; - } + // reset comment buffer + if (commentBufferContentOff >= commentBufferContentLen) { + commentBufferContentOff = 0; + commentBufferContentLen = 0; + this.commentBuffer = null; + } - return value; - } - - value = this.inputStream.read(); + return value; + } - if(value == directoryRecord[0] && this.fileComment == null) { - // might have found start of magic bytes - checkMagicBytes(); - // reset buffer offsets - tempBufferContentOff = 0; - commentBufferContentOff = 0; - } + value = this.inputStream.read(); - return value; + if (value == directoryRecord[0] && this.fileComment == null) { + // might have found start of magic bytes + checkMagicBytes(); + // reset buffer offsets + tempBufferContentOff = 0; + commentBufferContentOff = 0; } - public String getFileComment() { - return this.fileComment; - } + return value; + } + + public String getFileComment() { + return this.fileComment; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java index cbf7a35..e1d95c0 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/AllDataHandler.java @@ -1,29 +1,30 @@ package at.gv.egiz.asic.impl.handler; +import java.io.IOException; +import java.io.InputStream; + import at.gv.egiz.asic.api.ASiCConstants; -import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; import at.gv.egovernment.moa.spss.MOAApplicationException; -import java.io.IOException; -import java.io.InputStream; - /** * Created by afitzek on 6/15/16. */ public class AllDataHandler extends BaseHandler implements EntryHandler, ASiCConstants { - @Override - public int getPriority() { - return 100; - } + @Override + public int getPriority() { + return 100; + } - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, MOAApplicationException { + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, + MOAApplicationException { - ASiCEntry entry = buildASiCEntry(entryName, is); - container.addDataEntry(entry); + final ASiCEntry entry = buildASiCEntry(entryName, is); + container.addDataEntry(entry); - return true; - } + return true; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java index 2b5ca9a..208edb4 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/BaseHandler.java @@ -1,27 +1,28 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.api.ASiCConstants; -import at.gv.egiz.asic.api.ASiCEntry; -import at.gv.egiz.asic.impl.EntryHandler; -import org.apache.commons.io.IOUtils; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import org.apache.commons.io.IOUtils; + +import at.gv.egiz.asic.api.ASiCConstants; +import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.impl.EntryHandler; + /** * Created by Andreas Fitzek on 6/15/16. */ public abstract class BaseHandler implements EntryHandler, ASiCConstants { - protected ASiCEntry buildASiCEntry(String entryName, InputStream is) throws IOException { - ASiCEntry entry = new ASiCEntry(); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - IOUtils.copy(is, baos); - entry.setContents(new ByteArrayInputStream(baos.toByteArray())); - entry.setEntryName(entryName); - return entry; - } + protected ASiCEntry buildASiCEntry(String entryName, InputStream is) throws IOException { + final ASiCEntry entry = new ASiCEntry(); + final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + IOUtils.copy(is, baos); + entry.setContents(new ByteArrayInputStream(baos.toByteArray())); + entry.setEntryName(entryName); + return entry; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java index 3ee97fc..fef2e38 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/CAdESHandler.java @@ -5,16 +5,13 @@ import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; import at.gv.egovernment.moa.spss.MOAException; -import java.io.IOException; -import java.io.InputStream; - /** * Created by Andreas Fitzek on 6/15/16. */ public abstract class CAdESHandler extends SignatureHandler implements EntryHandler, ASiCConstants { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsCAdES(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsCAdES(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java index f89c6d0..5ba05d6 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceERSRecordHandler.java @@ -3,16 +3,13 @@ package at.gv.egiz.asic.impl.handler; import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egovernment.moa.spss.MOAException; -import java.io.IOException; -import java.io.InputStream; - /** * Created by Andreas Fitzek on 6/17/16. */ public abstract class EvidenceERSRecordHandler extends SignatureHandler { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsEvidenceERS(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsEvidenceERS(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java index 4516bb0..932687b 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/EvidenceXMLRecordHandler.java @@ -8,8 +8,8 @@ import at.gv.egovernment.moa.spss.MOAException; */ public abstract class EvidenceXMLRecordHandler extends SignatureHandler { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsEvidenceXML(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsEvidenceXML(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java index 464bcf6..6eb4d60 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCCAdESHandler.java @@ -1,13 +1,12 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.api.ASiCConstants; - /** * Created by Andreas Fitzek on 6/15/16. */ public class ExtendedASiCCAdESHandler extends CAdESHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".p7s") && entryName.startsWith(FILE_META_INF) && entryName.contains("signature"); - } + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".p7s") && entryName.startsWith(FILE_META_INF) && entryName.contains( + "signature"); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java index 971ba31..199dda1 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedASiCXAdESHandler.java @@ -2,17 +2,17 @@ package at.gv.egiz.asic.impl.handler; /** * Created by Andreas Fitzek on 6/15/16. - * + * * Updated by Thomas Lenz on 02/03/17 */ public class ExtendedASiCXAdESHandler extends XAdESHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".xml") - && entryName.startsWith(FILE_META_INF) - && entryName.contains("signatures") + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".xml") + && entryName.startsWith(FILE_META_INF) + && entryName.contains("signatures") // && !entryName.contains("ASiCManifest") // && !entryName.contains("AsiCManifest") - ; - } + ; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java index ccf9224..ab6f2d5 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceERSRecordHandler.java @@ -4,8 +4,9 @@ package at.gv.egiz.asic.impl.handler; * Created by Andreas Fitzek on 6/17/16. */ public class ExtendedEvidenceERSRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".ers") && entryName.startsWith(FILE_META_INF) && entryName.contains("evidencerecord"); - } + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".ers") && entryName.startsWith(FILE_META_INF) && entryName.contains( + "evidencerecord"); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java index d24d61b..ecac8b6 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/ExtendedEvidenceXMLRecordHandler.java @@ -4,8 +4,9 @@ package at.gv.egiz.asic.impl.handler; * Created by Andreas Fitzek on 6/17/16. */ public class ExtendedEvidenceXMLRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return entryName.endsWith(".xml") && entryName.startsWith(FILE_META_INF) && entryName.contains("evidencerecord"); - } + @Override + protected boolean matches(String entryName) { + return entryName.endsWith(".xml") && entryName.startsWith(FILE_META_INF) && entryName.contains( + "evidencerecord"); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java index 36a215d..2f753cf 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/HandlerSorter.java @@ -1,16 +1,16 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.impl.EntryHandler; - import java.util.Comparator; +import at.gv.egiz.asic.impl.EntryHandler; + /** * Created by afitzek on 6/15/16. */ public class HandlerSorter implements Comparator<EntryHandler> { - @Override - public int compare(EntryHandler o1, EntryHandler o2) { - return Integer.compare(o1.getPriority(), o2.getPriority()); - } + @Override + public int compare(EntryHandler o1, EntryHandler o2) { + return Integer.compare(o1.getPriority(), o2.getPriority()); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java index ec4f101..0127ea4 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MetaInfHandler.java @@ -1,33 +1,33 @@ package at.gv.egiz.asic.impl.handler; +import java.io.IOException; +import java.io.InputStream; + import at.gv.egiz.asic.api.ASiCConstants; -import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.api.ASiCEntry; +import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; -import java.io.IOException; -import java.io.InputStream; - /** * Created by Andreas Fitzek on 6/15/16. */ public class MetaInfHandler extends BaseHandler implements EntryHandler, ASiCConstants { - @Override - public int getPriority() { - return 20; - } + @Override + public int getPriority() { + return 20; + } - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { - boolean metainf = entryName.startsWith(FILE_META_INF); + final boolean metainf = entryName.startsWith(FILE_META_INF); - if(metainf) { - ASiCEntry entry = buildASiCEntry(entryName, is); - container.addInformationEntry(entry); - return true; - } - - return false; + if (metainf) { + final ASiCEntry entry = buildASiCEntry(entryName, is); + container.addInformationEntry(entry); + return true; } + + return false; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java index 68fc87e..5a67fb8 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/MimefileHandler.java @@ -1,36 +1,37 @@ package at.gv.egiz.asic.impl.handler; +import java.io.IOException; +import java.io.InputStream; + +import org.apache.commons.io.IOUtils; + import at.gv.egiz.asic.api.ASiCConstants; import at.gv.egiz.asic.impl.ASiCContainer; import at.gv.egiz.asic.impl.EntryHandler; -import org.apache.commons.io.IOUtils; - -import java.io.IOException; -import java.io.InputStream; /** * Created by afitzek on 6/15/16. */ public class MimefileHandler implements EntryHandler, ASiCConstants { - private boolean isMimeType(String entryName) { - return FILE_MIME_TYPE.equalsIgnoreCase(entryName); - } - - @Override - public int getPriority() { - return 1; - } + private boolean isMimeType(String entryName) { + return FILE_MIME_TYPE.equalsIgnoreCase(entryName); + } - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { + @Override + public int getPriority() { + return 1; + } - if(isMimeType(entryName)) { - String mimeType = IOUtils.toString(is, "UTF-8"); - container.setMimeType(mimeType); - return true; - } + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException { - return false; + if (isMimeType(entryName)) { + final String mimeType = IOUtils.toString(is, "UTF-8"); + container.setMimeType(mimeType); + return true; } + + return false; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java index 621c9d4..08adbe9 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SignatureHandler.java @@ -1,36 +1,37 @@ package at.gv.egiz.asic.impl.handler; -import at.gv.egiz.asic.impl.ASiCContainer; -import at.gv.egovernment.moa.spss.MOAException; - import java.io.IOException; import java.io.InputStream; +import at.gv.egiz.asic.impl.ASiCContainer; +import at.gv.egovernment.moa.spss.MOAException; + /** * Created by Andreas Fitzek on 6/15/16. */ public abstract class SignatureHandler extends BaseHandler { - @Override - public int getPriority() { - return 0; - } - - protected abstract boolean matches(String entryName); + @Override + public int getPriority() { + return 0; + } - protected abstract void setType(ASiCContainer container) throws MOAException; + protected abstract boolean matches(String entryName); - @Override - public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, MOAException { - boolean signature = this.matches(entryName); + protected abstract void setType(ASiCContainer container) throws MOAException; - if(signature) { - this.setType(container); - container.addSignatureEntry(buildASiCEntry(entryName, is)); - return true; - } + @Override + public boolean handle(String entryName, InputStream is, ASiCContainer container) throws IOException, + MOAException { + final boolean signature = this.matches(entryName); - return false; + if (signature) { + this.setType(container); + container.addSignatureEntry(buildASiCEntry(entryName, is)); + return true; } + return false; + } + } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java index fdeda41..b049767 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCCAdESHandler.java @@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/15/16. */ public class SimpleASiCCAdESHandler extends CAdESHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "signature.p7s").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "signature.p7s").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java index 66a7546..8425b51 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleASiCXAdESHandler.java @@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/15/16. */ public class SimpleASiCXAdESHandler extends XAdESHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "signatures.xml").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "signatures.xml").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java index 58221f5..63a70da 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceERSRecordHandler.java @@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/17/16. */ public class SimpleEvidenceERSRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "evidencerecord.ers").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "evidencerecord.ers").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java index dacc218..db7c063 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/SimpleEvidenceXMLRecordHandler.java @@ -6,8 +6,8 @@ import at.gv.egiz.asic.api.ASiCConstants; * Created by Andreas Fitzek on 6/17/16. */ public class SimpleEvidenceXMLRecordHandler extends EvidenceERSRecordHandler { - @Override - protected boolean matches(String entryName) { - return (ASiCConstants.FILE_META_INF + "evidencerecord.xml").equalsIgnoreCase(entryName); - } + @Override + protected boolean matches(String entryName) { + return (ASiCConstants.FILE_META_INF + "evidencerecord.xml").equalsIgnoreCase(entryName); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java index ff19759..19e37c1 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/handler/XAdESHandler.java @@ -10,8 +10,8 @@ import at.gv.egovernment.moa.spss.MOAException; */ public abstract class XAdESHandler extends SignatureHandler implements EntryHandler, ASiCConstants { - @Override - protected void setType(ASiCContainer container) throws MOAException { - container.setIsXAdES(); - } + @Override + protected void setType(ASiCContainer container) throws MOAException { + container.setIsXAdES(); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java index cc2d363..3060f67 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/BaseVerifier.java @@ -1,61 +1,61 @@ package at.gv.egiz.asic.impl.verifier; -import at.gv.egiz.asic.impl.Verifier; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Arrays; import java.util.HashMap; import java.util.Map; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.asic.impl.Verifier; + /** * Created by Andreas Fitzek on 6/17/16. */ public abstract class BaseVerifier implements Verifier { - protected static Map<String, String> hashTranslator = new HashMap<String, String>(); - - static { - hashTranslator.put("http://www.w3.org/2000/09/xmldsig#sha1", "SHA-1"); - hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha224", "SHA-224"); - hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha256", "SHA-256"); - hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha384", "SHA-384"); - hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha512", "SHA-512"); - hashTranslator.put("http://www.w3.org/2001/04/xmlenc#ripemd160", "RIPEMD-160"); - } - - private static final Logger logger = LoggerFactory.getLogger(BaseVerifier.class); - - protected boolean compareHash(byte[] reference, byte[] calculated, String refName) { - String referenceHex = Hex.encodeHexString(reference); - String calculatedHex = Hex.encodeHexString(calculated); - if(Arrays.equals(reference, calculated)) { - logger.debug("Digest from manifest do match for {}", refName); - return true; - } else { - logger.info("Digest from manifest do not match for {}", refName); - logger.info("Digest from manifest for {} : {}", refName, referenceHex); - logger.info("Digest from calculated for {} : {}", refName, calculatedHex); - return false; - } + protected static Map<String, String> hashTranslator = new HashMap<>(); + + static { + hashTranslator.put("http://www.w3.org/2000/09/xmldsig#sha1", "SHA-1"); + hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha224", "SHA-224"); + hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha256", "SHA-256"); + hashTranslator.put("http://www.w3.org/2001/04/xmldsig-more#sha384", "SHA-384"); + hashTranslator.put("http://www.w3.org/2001/04/xmlenc#sha512", "SHA-512"); + hashTranslator.put("http://www.w3.org/2001/04/xmlenc#ripemd160", "RIPEMD-160"); + } + + private static final Logger logger = LoggerFactory.getLogger(BaseVerifier.class); + + protected boolean compareHash(byte[] reference, byte[] calculated, String refName) { + final String referenceHex = Hex.encodeHexString(reference); + final String calculatedHex = Hex.encodeHexString(calculated); + if (Arrays.equals(reference, calculated)) { + logger.debug("Digest from manifest do match for {}", refName); + return true; + } else { + logger.info("Digest from manifest do not match for {}", refName); + logger.info("Digest from manifest for {} : {}", refName, referenceHex); + logger.info("Digest from calculated for {} : {}", refName, calculatedHex); + return false; } + } - protected MessageDigest getMessageDigestFromURI(String uri) { - try { + protected MessageDigest getMessageDigestFromURI(String uri) { + try { - String algo = hashTranslator.get(uri); + String algo = hashTranslator.get(uri); - if(algo == null) { - algo = uri; - } + if (algo == null) { + algo = uri; + } - return MessageDigest.getInstance(algo); - } catch (NoSuchAlgorithmException e) { - return null; - } + return MessageDigest.getInstance(algo); + } catch (final NoSuchAlgorithmException e) { + return null; } + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java index 5ab677c..ac96f90 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/CAdESVerifier.java @@ -1,5 +1,8 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.InputStream; +import java.util.Date; + import at.gv.egiz.asic.api.ASiC; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.SPSSFactory; @@ -9,35 +12,34 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import java.io.InputStream; -import java.util.Date; - /** * Created by Andreas Fitzek on 6/17/16. */ public abstract class CAdESVerifier extends BaseVerifier { - @Override - public boolean handles(ASiC asic) { - return asic.isCAdES(); - } + @Override + public boolean handles(ASiC asic) { + return asic.isCAdES(); + } - protected VerifyCMSSignatureResponse runCMSVerification(InputStream signedData, InputStream cmsSignature, - String trustProfileID, Date date) throws MOAException { - CMSContent cmsContent = SPSSFactory.getInstance().createCMSContent(signedData); - CMSDataObject cmsDataObject = SPSSFactory.getInstance().createCMSDataObject(null, cmsContent, null, null); + protected VerifyCMSSignatureResponse runCMSVerification(InputStream signedData, InputStream cmsSignature, + String trustProfileID, Date date) throws MOAException { + final CMSContent cmsContent = SPSSFactory.getInstance().createCMSContent(signedData); + final CMSDataObject cmsDataObject = SPSSFactory.getInstance().createCMSDataObject(null, cmsContent, null, + null); - VerifyCMSSignatureRequest verifyCMSSignatureRequest = - SPSSFactory.getInstance().createVerifyCMSSignatureRequest( - VerifyCMSSignatureRequest.ALL_SIGNATORIES, - date, - cmsSignature, - cmsDataObject, - trustProfileID, - false, - true); + final VerifyCMSSignatureRequest verifyCMSSignatureRequest = + SPSSFactory.getInstance().createVerifyCMSSignatureRequest( + VerifyCMSSignatureRequest.ALL_SIGNATORIES, + date, + cmsSignature, + cmsDataObject, + trustProfileID, + false, + true); - VerifyCMSSignatureResponse verifyResponse = CMSSignatureVerificationInvoker.getInstance().verifyCMSSignature( - verifyCMSSignatureRequest); - return verifyResponse; - } + final VerifyCMSSignatureResponse verifyResponse = CMSSignatureVerificationInvoker.getInstance() + .verifyCMSSignature( + verifyCMSSignatureRequest); + return verifyResponse; + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java index 4dda99f..62ac1c8 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java @@ -1,5 +1,19 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.IOException; +import java.security.DigestInputStream; +import java.security.MessageDigest; +import java.util.ArrayList; +import java.util.Date; +import java.util.Iterator; +import java.util.List; + +import javax.xml.bind.JAXB; + +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import at.gv.egiz.asic.ASiCManifestType; import at.gv.egiz.asic.DataObjectReferenceType; import at.gv.egiz.asic.api.ASiC; @@ -11,162 +25,155 @@ import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.*; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.xml.bind.JAXB; -import java.io.IOException; -import java.security.DigestInputStream; -import java.security.MessageDigest; -import java.util.ArrayList; -import java.util.Date; -import java.util.Iterator; -import java.util.List; /** * Created by Andreas Fitzek on 6/17/16. */ public class ExtendedCAdESVerifier extends CAdESVerifier { - private static final Logger logger = LoggerFactory.getLogger(ExtendedCAdESVerifier.class); + private static final Logger logger = LoggerFactory.getLogger(ExtendedCAdESVerifier.class); - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); - } + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); + } + + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + try { + final Iterator<ASiCEntry> informationsIterator = asic.getInformationEntries().iterator(); - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - try { - Iterator<ASiCEntry> informationsIterator = asic.getInformationEntries().iterator(); + while (informationsIterator.hasNext()) { + final ASiCEntry informationEntry = informationsIterator.next(); + + if (informationEntry.getEntryName().startsWith("META-INF/") && informationEntry.getEntryName() + .endsWith(".xml") + && informationEntry.getEntryName().contains("ASiCManifest")) { + // Got ASiC Manifest + final ASiCManifestType asiCManifestType = JAXB.unmarshal(informationEntry.getContents(), + ASiCManifestType.class); + final String signatureName = asiCManifestType.getSigReference().getURI(); + + ASiCEntry cadesSignature = null; + + // find referenced signature + final Iterator<ASiCEntry> cadesSignatureIterator = asic.getSignaturesEntries().iterator(); + + while (cadesSignatureIterator.hasNext()) { + final ASiCEntry tmpCadesSignature = cadesSignatureIterator.next(); + if (signatureName.equalsIgnoreCase(tmpCadesSignature.getEntryName())) { + cadesSignature = tmpCadesSignature; + break; + } + } - while (informationsIterator.hasNext()) { - ASiCEntry informationEntry = informationsIterator.next(); - - if (informationEntry.getEntryName().startsWith("META-INF/") && informationEntry.getEntryName().endsWith(".xml") - && informationEntry.getEntryName().contains("ASiCManifest")) { - // Got ASiC Manifest - ASiCManifestType asiCManifestType = JAXB.unmarshal(informationEntry.getContents(), ASiCManifestType.class); - String signatureName = asiCManifestType.getSigReference().getURI(); - - ASiCEntry cadesSignature = null; - - // find referenced signature - Iterator<ASiCEntry> cadesSignatureIterator = asic.getSignaturesEntries().iterator(); - - while (cadesSignatureIterator.hasNext()) { - ASiCEntry tmpCadesSignature = cadesSignatureIterator.next(); - if (signatureName.equalsIgnoreCase(tmpCadesSignature.getEntryName())) { - cadesSignature = tmpCadesSignature; - break; - } - } - - if (cadesSignature == null) { - throw new MOAApplicationException("asic.0004", new Object[]{signatureName}); - } - - // verify all references - - boolean allReferencesValid = true; - List<AsicSignedFilesContainer> signedFiles = new ArrayList<AsicSignedFilesContainer>(); - Iterator<DataObjectReferenceType> dataObjectReferenceTypeIterator = asiCManifestType.getDataObjectReference().iterator(); - while (dataObjectReferenceTypeIterator.hasNext()) { - DataObjectReferenceType dataObjectReferenceType = dataObjectReferenceTypeIterator.next(); - - String mdURI = dataObjectReferenceType.getDigestMethod().getAlgorithm(); - String uri = dataObjectReferenceType.getURI(); - signedFiles.add(new AsicSignedFilesContainer(uri, mdURI)); - - Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); - - while (dataEntryIterator.hasNext()) { - ASiCEntry dataEntry = dataEntryIterator.next(); - if (uri.equalsIgnoreCase(dataEntry.getEntryName())) { - MessageDigest md = this.getMessageDigestFromURI(mdURI); - if (md == null) { - throw new MOAApplicationException("asic.0005", new Object[]{mdURI}); - } - DigestInputStream dis = new DigestInputStream(dataEntry.getContents(), md); - byte[] buffer = new byte[8096]; - while (dis.read(buffer) > 0) ; - - if (!this.compareHash(dataObjectReferenceType.getDigestValue(), md.digest(), uri)) { - allReferencesValid = false; - } - - dataEntry.getContents().reset(); - break; - } - } - } - - if (allReferencesValid) { - logger.info("ASiCManifest {} references do match data files!", - informationEntry.getEntryName()); - } - - informationEntry.getContents().reset(); - MessageDigest md = this.getMessageDigestFromURI("SHA-256"); - DigestInputStream dis = new DigestInputStream(informationEntry.getContents(), md); - - VerifyCMSSignatureResponse verifyResponse = - this.runCMSVerification(dis, cadesSignature.getContents(), trustProfileID, date); - - dis.close(); - - String fullDigest = Hex.encodeHexString(md.digest()); - logger.debug("CMS Input data {}", fullDigest); - - if (!allReferencesValid) { - logger.warn("ASiCManifest {} References do not match data files!", - informationEntry.getEntryName()); - List responseElements = new ArrayList(); - - SignerInfo signerInfo; - - - // add SignerInfo element - Iterator responseElementIterator = verifyResponse.getResponseElements().iterator(); - while (responseElementIterator.hasNext()) { - VerifyCMSSignatureResponseElement orig = (VerifyCMSSignatureResponseElement) - responseElementIterator.next(); - - CheckResult signatureCheck; - CheckResult certificateCheck; - - // add SignatureCheck element - signatureCheck = SPSSFactory.getInstance().createCheckResult(1, null); - - // build the response element - VerifyCMSSignatureResponseElement responseElement = - SPSSFactory.getInstance().createVerifyCMSSignatureResponseElement( - orig.getSignerInfo(), - signatureCheck, - orig.getCertificateCheck(), - orig.getAdESFormResults(), - orig.getExtendedCertificateCheck(), - orig.getSignatureAlgorithm(), - null, - null); - responseElements.add(responseElement); - } - VerifyCMSSignatureResponse verifyCMSSignatureResponse = SPSSFactory.getInstance(). - createVerifyCMSSignatureResponse(responseElements); - response.add(new ASiCVerificationResult(signedFiles, verifyCMSSignatureResponse)); - continue; - } else { - response.add(new ASiCVerificationResult(signedFiles, verifyResponse)); - } + if (cadesSignature == null) { + throw new MOAApplicationException("asic.0004", new Object[] { signatureName }); + } + + // verify all references + + boolean allReferencesValid = true; + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + final Iterator<DataObjectReferenceType> dataObjectReferenceTypeIterator = asiCManifestType + .getDataObjectReference().iterator(); + while (dataObjectReferenceTypeIterator.hasNext()) { + final DataObjectReferenceType dataObjectReferenceType = dataObjectReferenceTypeIterator.next(); + + final String mdURI = dataObjectReferenceType.getDigestMethod().getAlgorithm(); + final String uri = dataObjectReferenceType.getURI(); + signedFiles.add(new AsicSignedFilesContainer(uri, mdURI)); + + final Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); + + while (dataEntryIterator.hasNext()) { + final ASiCEntry dataEntry = dataEntryIterator.next(); + if (uri.equalsIgnoreCase(dataEntry.getEntryName())) { + final MessageDigest md = this.getMessageDigestFromURI(mdURI); + if (md == null) { + throw new MOAApplicationException("asic.0005", new Object[] { mdURI }); } + final DigestInputStream dis = new DigestInputStream(dataEntry.getContents(), md); + final byte[] buffer = new byte[8096]; + while (dis.read(buffer) > 0) { + ; + } + + if (!this.compareHash(dataObjectReferenceType.getDigestValue(), md.digest(), uri)) { + allReferencesValid = false; + } + + dataEntry.getContents().reset(); + break; + } + } + } + + if (allReferencesValid) { + logger.info("ASiCManifest {} references do match data files!", + informationEntry.getEntryName()); + } + + informationEntry.getContents().reset(); + final MessageDigest md = this.getMessageDigestFromURI("SHA-256"); + final DigestInputStream dis = new DigestInputStream(informationEntry.getContents(), md); + + final VerifyCMSSignatureResponse verifyResponse = + this.runCMSVerification(dis, cadesSignature.getContents(), trustProfileID, date); + + dis.close(); + + final String fullDigest = Hex.encodeHexString(md.digest()); + logger.debug("CMS Input data {}", fullDigest); + + if (!allReferencesValid) { + logger.warn("ASiCManifest {} References do not match data files!", + informationEntry.getEntryName()); + final List responseElements = new ArrayList(); + + final SignerInfo signerInfo; + + // add SignerInfo element + final Iterator responseElementIterator = verifyResponse.getResponseElements().iterator(); + while (responseElementIterator.hasNext()) { + final VerifyCMSSignatureResponseElement orig = + (VerifyCMSSignatureResponseElement) responseElementIterator.next(); + + CheckResult signatureCheck; + final CheckResult certificateCheck; + + // add SignatureCheck element + signatureCheck = SPSSFactory.getInstance().createCheckResult(1, null); + + // build the response element + final VerifyCMSSignatureResponseElement responseElement = + SPSSFactory.getInstance().createVerifyCMSSignatureResponseElement( + orig.getSignerInfo(), + signatureCheck, + orig.getCertificateCheck(), + orig.getAdESFormResults(), + orig.getExtendedCertificateCheck(), + orig.getSignatureAlgorithm(), + null, + null); + responseElements.add(responseElement); } - } catch (IOException ex) { - throw new MOASystemException("asic.0003", null, ex); + final VerifyCMSSignatureResponse verifyCMSSignatureResponse = SPSSFactory.getInstance() + .createVerifyCMSSignatureResponse(responseElements); + response.add(new ASiCVerificationResult(signedFiles, verifyCMSSignatureResponse)); + continue; + } else { + response.add(new ASiCVerificationResult(signedFiles, verifyResponse)); + } } + } + } catch (final IOException ex) { + throw new MOASystemException("asic.0003", null, ex); } + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java index 86918bf..565921f 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java @@ -1,5 +1,30 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.IOException; +import java.io.InputStream; +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.xml.bind.JAXB; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + import at.gv.egiz.asic.ReferenceType; import at.gv.egiz.asic.SignatureType; import at.gv.egiz.asic.XAdESSignaturesType; @@ -15,187 +40,187 @@ import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; import at.gv.egovernment.moaspss.util.URLEncoder; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.*; -import org.xml.sax.SAXException; - -import javax.xml.bind.*; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import java.io.*; -import java.util.*; /** * Created by Andreas Fitzek on 6/17/16. */ public class ExtendedXAdESVerifier extends XAdESVerifier { - private static final Logger logger = LoggerFactory.getLogger(ExtendedXAdESVerifier.class); + private static final Logger logger = LoggerFactory.getLogger(ExtendedXAdESVerifier.class); - private void resetStream(InputStream is) { - try { - is.reset(); - } catch (IOException e) { - throw new MOARuntimeException("Failed to reset inputStream", null, e); - } + private void resetStream(InputStream is) { + try { + is.reset(); + } catch (final IOException e) { + throw new MOARuntimeException("Failed to reset inputStream", null, e); } + } - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - try { - Iterator<ASiCEntry> xadesSignatureIterator = asic.getSignaturesEntries().iterator(); + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + try { + final Iterator<ASiCEntry> xadesSignatureIterator = asic.getSignaturesEntries().iterator(); - while (xadesSignatureIterator.hasNext()) { - ASiCEntry xadesSignature = xadesSignatureIterator.next(); + while (xadesSignatureIterator.hasNext()) { + final ASiCEntry xadesSignature = xadesSignatureIterator.next(); - List<SignatureType> xmlSignatures = null; - //int signatureSize = 0; + List<SignatureType> xmlSignatures = null; + // int signatureSize = 0; - - // TODO: support not only XAdESSignaturesType object 4.4.3.2 + // TODO: support not only XAdESSignaturesType object 4.4.3.2 // XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); - // signatureSize = xAdESSignaturesType.getSignature().size(); - - // this.resetStream(xadesSignature.getContents()); - DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); - dbFactory.setNamespaceAware(true); - //dbFactory.setValidating(true); - DocumentBuilder dBuilder = dbFactory.newDocumentBuilder(); - Document doc = dBuilder.parse(xadesSignature.getContents()); - - this.resetStream(xadesSignature.getContents()); - - org.w3c.dom.Element rootElement = doc.getDocumentElement(); - - if ("http://www.w3.org/2000/09/xmldsig#".equals(rootElement.getNamespaceURI()) && - "Signature".equals(rootElement.getTagName())) { - JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); - JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, SignatureType.class); - SignatureType xmlSignature = xmlSignatureJaxb.getValue(); - xmlSignatures = new ArrayList<SignatureType>(); - xmlSignatures.add(xmlSignature); - } else if ("http://uri.etsi.org/02918/v1.2.1#".equals(rootElement.getNamespaceURI()) && - "XAdESSignatures".equals(rootElement.getLocalName())) { - XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); - xmlSignatures = xAdESSignaturesType.getSignature(); - - //TODO: maybe add additional XAdES version - } else if ("http://uri.etsi.org/02918/v1.1.1#".equals(rootElement.getNamespaceURI()) && - "XAdESSignatures".equals(rootElement.getLocalName())) { - - logger.warn("ASiC v1.1.1 is not supported any more. MOA-SP only supports v1.2.1 (http://uri.etsi.org/02918/v1.2.1#)"); - //XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); - //xmlSignatures = xAdESSignaturesType.getSignature(); - - } else { - NodeList childrenNodes = rootElement.getChildNodes(); - for(int i = 0; i < childrenNodes.getLength(); i++) { - Node node = childrenNodes.item(i); - JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); - xmlSignatures = new ArrayList<SignatureType>(); - if ("http://www.w3.org/2000/09/xmldsig#".equals(node.getNamespaceURI()) && - "Signature".equals(rootElement.getTagName())) { - JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, SignatureType.class); - SignatureType xmlSignature = xmlSignatureJaxb.getValue(); - xmlSignatures.add(xmlSignature); - } - } - } - - - this.resetStream(xadesSignature.getContents()); - - Map namespaces = new HashMap(); - - //namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); - namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); - - if (xmlSignatures == null || xmlSignatures.size() == 0) { - logger.info("ASiC container does not include a signature or signature format is not supported"); - throw new MOAApplicationException("asic.0016", null); - - } - - for (int i = 0; i < xmlSignatures.size(); i++) { - //NodeList nodes = (NodeList) result; - - //for(int i = 0; i < nodes.getLength(); i++) { - //Node node = nodes.item(i); - //JAXBContext jc = JAXBContext.newInstance( "at.gv.egiz.asic" ); - //JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(node, SignatureType.class); - //SignatureType xmlSignature = xmlSignatureJaxb.getValue(); - List<AsicSignedFilesContainer> signedFiles = new ArrayList<AsicSignedFilesContainer>(); - - //Iterator<ReferenceType> it = xmlSignature.getSignedInfo().getReference().iterator(); - Iterator<ReferenceType> it = xmlSignatures.get(i).getSignedInfo().getReference().iterator(); - while (it.hasNext()) { - ReferenceType refType = it.next(); - if (!refType.getURI().startsWith("#")) { - signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod().getAlgorithm())); - } - } - - Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); - - Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); - - List supplementsList = new ArrayList(); - while (dataEntryIterator.hasNext()) { - ASiCEntry dataEntry = dataEntryIterator.next(); - dataEntry.getContents().reset(); - String entryName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") - .replaceAll("\\+", "%20") - .replaceAll("\\%21", "!") - .replaceAll("\\%2F", "/") - //.replaceAll("\\%27", "'") - //.replaceAll("\\%28", "(") - //.replaceAll("\\%29", ")") - .replaceAll("\\%7E", "~"); - logger.info("Adding Entry : {}", entryName); - Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), entryName); - XMLDataObjectAssociation association = SPSSFactoryImpl.getInstance().createXMLDataObjectAssociation(null, dataContent); - SupplementProfile profile = SPSSFactoryImpl.getInstance().createSupplementProfile(association); - supplementsList.add(profile); - } - String location = "(//ds:Signature)[" + (i + 1) + "]"; - - VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation( - location, namespaces); - - VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation); - - VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest( - date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); - - response.add(new ASiCVerificationResult(signedFiles, - XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); - } + // signatureSize = xAdESSignaturesType.getSignature().size(); + + // this.resetStream(xadesSignature.getContents()); + final DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); + dbFactory.setNamespaceAware(true); + // dbFactory.setValidating(true); + final DocumentBuilder dBuilder = dbFactory.newDocumentBuilder(); + final Document doc = dBuilder.parse(xadesSignature.getContents()); + + this.resetStream(xadesSignature.getContents()); + + final org.w3c.dom.Element rootElement = doc.getDocumentElement(); + + if ("http://www.w3.org/2000/09/xmldsig#".equals(rootElement.getNamespaceURI()) && + "Signature".equals(rootElement.getTagName())) { + final JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); + final JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(rootElement, + SignatureType.class); + final SignatureType xmlSignature = xmlSignatureJaxb.getValue(); + xmlSignatures = new ArrayList<>(); + xmlSignatures.add(xmlSignature); + } else if ("http://uri.etsi.org/02918/v1.2.1#".equals(rootElement.getNamespaceURI()) && + "XAdESSignatures".equals(rootElement.getLocalName())) { + final XAdESSignaturesType xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), + XAdESSignaturesType.class); + xmlSignatures = xAdESSignaturesType.getSignature(); + + // TODO: maybe add additional XAdES version + } else if ("http://uri.etsi.org/02918/v1.1.1#".equals(rootElement.getNamespaceURI()) && + "XAdESSignatures".equals(rootElement.getLocalName())) { + + logger.warn( + "ASiC v1.1.1 is not supported any more. MOA-SP only supports v1.2.1 (http://uri.etsi.org/02918/v1.2.1#)"); + // XAdESSignaturesType xAdESSignaturesType = + // JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); + // xmlSignatures = xAdESSignaturesType.getSignature(); + + } else { + final NodeList childrenNodes = rootElement.getChildNodes(); + for (int i = 0; i < childrenNodes.getLength(); i++) { + final Node node = childrenNodes.item(i); + final JAXBContext jc = JAXBContext.newInstance("at.gv.egiz.asic"); + xmlSignatures = new ArrayList<>(); + if ("http://www.w3.org/2000/09/xmldsig#".equals(node.getNamespaceURI()) && + "Signature".equals(rootElement.getTagName())) { + final JAXBElement<SignatureType> xmlSignatureJaxb = jc.createUnmarshaller().unmarshal( + rootElement, SignatureType.class); + final SignatureType xmlSignature = xmlSignatureJaxb.getValue(); + xmlSignatures.add(xmlSignature); } - } catch( UnsupportedEncodingException e) { - logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e); - throw new MOARuntimeException("asic.0003", null, e); - } catch (IOException ex) { - throw new MOASystemException("asic.0003", null, ex); - } catch (ParserConfigurationException e) { - throw new MOASystemException("asic.0003", null, e); - } catch (SAXException e) { - throw new MOASystemException("asic.0003", null, e); - } catch (JAXBException e) { - throw new MOASystemException("asic.0003", null, e); + } } - } - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); + this.resetStream(xadesSignature.getContents()); + + final Map namespaces = new HashMap(); + + // namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); + namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); + + if (xmlSignatures == null || xmlSignatures.size() == 0) { + logger.info("ASiC container does not include a signature or signature format is not supported"); + throw new MOAApplicationException("asic.0016", null); + + } + + for (int i = 0; i < xmlSignatures.size(); i++) { + // NodeList nodes = (NodeList) result; + + // for(int i = 0; i < nodes.getLength(); i++) { + // Node node = nodes.item(i); + // JAXBContext jc = JAXBContext.newInstance( "at.gv.egiz.asic" ); + // JAXBElement<SignatureType> xmlSignatureJaxb = + // jc.createUnmarshaller().unmarshal(node, SignatureType.class); + // SignatureType xmlSignature = xmlSignatureJaxb.getValue(); + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + + // Iterator<ReferenceType> it = + // xmlSignature.getSignedInfo().getReference().iterator(); + final Iterator<ReferenceType> it = xmlSignatures.get(i).getSignedInfo().getReference().iterator(); + while (it.hasNext()) { + final ReferenceType refType = it.next(); + if (!refType.getURI().startsWith("#")) { + signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod() + .getAlgorithm())); + } + } + + final Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); + + final Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); + + final List supplementsList = new ArrayList(); + while (dataEntryIterator.hasNext()) { + final ASiCEntry dataEntry = dataEntryIterator.next(); + dataEntry.getContents().reset(); + final String entryName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") + .replaceAll("\\+", "%20") + .replaceAll("\\%21", "!") + .replaceAll("\\%2F", "/") + // .replaceAll("\\%27", "'") + // .replaceAll("\\%28", "(") + // .replaceAll("\\%29", ")") + .replaceAll("\\%7E", "~"); + logger.info("Adding Entry : {}", entryName); + final Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), + entryName); + final XMLDataObjectAssociation association = SPSSFactory.getInstance() + .createXMLDataObjectAssociation(null, dataContent); + final SupplementProfile profile = SPSSFactory.getInstance().createSupplementProfile(association); + supplementsList.add(profile); + } + final String location = "(//ds:Signature)[" + (i + 1) + "]"; + + final VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance() + .createVerifySignatureLocation( + location, namespaces); + + final VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo( + content, verifySignatureLocation); + + final VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance() + .createVerifyXMLSignatureRequest( + date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); + + response.add(new ASiCVerificationResult(signedFiles, + XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); + } + } + } catch (final UnsupportedEncodingException e) { + logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e); + throw new MOARuntimeException("asic.0003", null, e); + } catch (final IOException ex) { + throw new MOASystemException("asic.0003", null, ex); + } catch (final ParserConfigurationException e) { + throw new MOASystemException("asic.0003", null, e); + } catch (final SAXException e) { + throw new MOASystemException("asic.0003", null, e); + } catch (final JAXBException e) { + throw new MOASystemException("asic.0003", null, e); } + } + + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCE.equals(asic.getFormat()); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java index f1756fa..5af344a 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java @@ -1,47 +1,42 @@ package at.gv.egiz.asic.impl.verifier; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; - -import java.util.ArrayList; -import java.util.Date; -import java.util.List; /** * Created by Andreas Fitzek on 6/17/16. */ public class SimpleCAdESVerifier extends CAdESVerifier { - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); - } + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); + } - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - ASiCEntry cadesSignature = asic.getSignaturesEntries().get(0); + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + final ASiCEntry cadesSignature = asic.getSignaturesEntries().get(0); - //get first element - ASiCEntry dataEntry = asic.getDataEntries().iterator().next(); + // get first element + final ASiCEntry dataEntry = asic.getDataEntries().iterator().next(); - List<AsicSignedFilesContainer> signedFiles = new ArrayList<AsicSignedFilesContainer>(); - signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); - VerifyCMSSignatureResponse verifyResponse = - this.runCMSVerification(dataEntry.getContents(), cadesSignature.getContents(), trustProfileID, date); - - response.add(new ASiCVerificationResult(signedFiles, - verifyResponse)); - } + final VerifyCMSSignatureResponse verifyResponse = + this.runCMSVerification(dataEntry.getContents(), cadesSignature.getContents(), trustProfileID, date); + response.add(new ASiCVerificationResult(signedFiles, + verifyResponse)); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java index b378d5b..bc418e2 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java @@ -1,5 +1,19 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.xml.bind.JAXB; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import at.gv.egiz.asic.ReferenceType; import at.gv.egiz.asic.XAdESSignaturesType; import at.gv.egiz.asic.api.ASiC; @@ -13,117 +27,116 @@ import at.gv.egovernment.moa.spss.MOARuntimeException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.common.Content; import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; import at.gv.egovernment.moaspss.util.URLEncoder; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.xml.bind.JAXB; -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.util.*; /** * Created by Andreas Fitzek on 6/17/16. */ public class SimpleXAdESVerifier extends XAdESVerifier { - private static final Logger logger = LoggerFactory.getLogger(SimpleXAdESVerifier.class); - - - @Override - public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) throws MOAException { - // XAdES - try { - ASiCEntry xadesSignature = asic.getSignaturesEntries().get(0); - - XAdESSignaturesType xAdESSignaturesType = null; - try { - xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); - } catch (Throwable ex) { - logger.warn("Failed to process xml signature: ex"); - throw new MOAApplicationException("asic.0003", null, ex); - } - - if (xAdESSignaturesType == null) { - throw new MOAApplicationException("asic.0003", null); - } - - int signatureSize = xAdESSignaturesType.getSignature().size(); - - try { - xadesSignature.getContents().reset(); - } catch (IOException e) { - throw new MOARuntimeException("asic.0003", null, e); - } - Map namespaces = new HashMap(); - - namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); - namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); - - for (int i = 0; i < signatureSize; i++) { - - List<AsicSignedFilesContainer> signedFiles = new ArrayList<AsicSignedFilesContainer>(); - - Iterator<ReferenceType> it = xAdESSignaturesType.getSignature().get(i).getSignedInfo().getReference().iterator(); - while (it.hasNext()) { - ReferenceType refType = it.next(); - if (!refType.getURI().startsWith("#")) { - signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod().getAlgorithm())); - } - } - - boolean addAll = signedFiles.isEmpty() && asic.getDataEntries().size() == 1; - - Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); - - Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); - List supplementsList = new ArrayList(); - while (dataEntryIterator.hasNext()) { - ASiCEntry dataEntry = dataEntryIterator.next(); - String uriName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") - .replaceAll("\\+", "%20") - .replaceAll("\\%21", "!") - .replaceAll("\\%27", "'") - //.replaceAll("\\%28", "(") - //.replaceAll("\\%29", ")") - .replaceAll("\\%7E", "~"); - - Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), uriName); - XMLDataObjectAssociation association = SPSSFactoryImpl.getInstance().createXMLDataObjectAssociation(null, dataContent); - SupplementProfile profile = SPSSFactoryImpl.getInstance().createSupplementProfile(association); - supplementsList.add(profile); - - if (addAll) { - signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); - } - } - String location = "(//ds:Signature)[" + (i + 1) + "]"; - - VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation( - location, namespaces); - - VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation); - - VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest( - date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); - - response.add(new ASiCVerificationResult(signedFiles, - XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); - } - } catch(UnsupportedEncodingException e) { - logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e); - throw new MOARuntimeException("asic.0003", null, e); + private static final Logger logger = LoggerFactory.getLogger(SimpleXAdESVerifier.class); + + @Override + public void verify(ASiC asic, String trustProfileID, Date date, List<ASiCVerificationResult> response) + throws MOAException { + // XAdES + try { + final ASiCEntry xadesSignature = asic.getSignaturesEntries().get(0); + + XAdESSignaturesType xAdESSignaturesType = null; + try { + xAdESSignaturesType = JAXB.unmarshal(xadesSignature.getContents(), XAdESSignaturesType.class); + } catch (final Throwable ex) { + logger.warn("Failed to process xml signature: ex"); + throw new MOAApplicationException("asic.0003", null, ex); + } + + if (xAdESSignaturesType == null) { + throw new MOAApplicationException("asic.0003", null); + } + + final int signatureSize = xAdESSignaturesType.getSignature().size(); + + try { + xadesSignature.getContents().reset(); + } catch (final IOException e) { + throw new MOARuntimeException("asic.0003", null, e); + } + final Map namespaces = new HashMap(); + + namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); + namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); + + for (int i = 0; i < signatureSize; i++) { + + final List<AsicSignedFilesContainer> signedFiles = new ArrayList<>(); + + final Iterator<ReferenceType> it = xAdESSignaturesType.getSignature().get(i).getSignedInfo() + .getReference().iterator(); + while (it.hasNext()) { + final ReferenceType refType = it.next(); + if (!refType.getURI().startsWith("#")) { + signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod() + .getAlgorithm())); + } } - } - @Override - public boolean handles(ASiC asic) { - return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); + final boolean addAll = signedFiles.isEmpty() && asic.getDataEntries().size() == 1; + + final Iterator<ASiCEntry> dataEntryIterator = asic.getDataEntries().iterator(); + + final Content content = SPSSFactory.getInstance().createContent(xadesSignature.getContents(), null); + final List supplementsList = new ArrayList(); + while (dataEntryIterator.hasNext()) { + final ASiCEntry dataEntry = dataEntryIterator.next(); + final String uriName = URLEncoder.encode(dataEntry.getEntryName(), "UTF-8") + .replaceAll("\\+", "%20") + .replaceAll("\\%21", "!") + .replaceAll("\\%27", "'") + // .replaceAll("\\%28", "(") + // .replaceAll("\\%29", ")") + .replaceAll("\\%7E", "~"); + + final Content dataContent = SPSSFactory.getInstance().createContent(dataEntry.getContents(), + uriName); + final XMLDataObjectAssociation association = SPSSFactory.getInstance() + .createXMLDataObjectAssociation(null, dataContent); + final SupplementProfile profile = SPSSFactory.getInstance().createSupplementProfile(association); + supplementsList.add(profile); + + if (addAll) { + signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); + } + } + final String location = "(//ds:Signature)[" + (i + 1) + "]"; + + final VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance() + .createVerifySignatureLocation( + location, namespaces); + + final VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo( + content, verifySignatureLocation); + + final VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance() + .createVerifyXMLSignatureRequest( + date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); + + response.add(new ASiCVerificationResult(signedFiles, + XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest))); + } + } catch (final UnsupportedEncodingException e) { + logger.error("UTF8 encoding not supported by system. MOA will not work on this system!", e); + throw new MOARuntimeException("asic.0003", null, e); } + } + + @Override + public boolean handles(ASiC asic) { + return super.handles(asic) && ASiCFormat.ASiCS.equals(asic.getFormat()); + } }
\ No newline at end of file diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java index 904ad4e..2074464 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/XAdESVerifier.java @@ -1,54 +1,54 @@ package at.gv.egiz.asic.impl.verifier; +import java.io.InputStream; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + import at.gv.egiz.asic.api.ASiC; -import at.gv.egiz.asic.api.ASiCEntry; -import at.gv.egiz.asic.api.ASiCVerificationResult; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.common.Content; -import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; -import at.gv.egovernment.moa.spss.api.impl.SPSSFactoryImpl; -import at.gv.egovernment.moa.spss.api.xmlverify.*; -import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; -import java.io.InputStream; -import java.util.*; - /** * Created by Andreas Fitzek on 6/17/16. */ public abstract class XAdESVerifier extends BaseVerifier { - @Override - public boolean handles(ASiC asic) { - return asic.isXAdES(); - } + @Override + public boolean handles(ASiC asic) { + return asic.isXAdES(); + } - protected VerifyXMLSignatureResponse runXMLVerification(InputStream signedData, InputStream xmlSignature, - String trustProfileID, Date date, List supplementsList, - String location, Map namespaces) throws MOAException { + protected VerifyXMLSignatureResponse runXMLVerification(InputStream signedData, InputStream xmlSignature, + String trustProfileID, Date date, List supplementsList, + String location, Map namespaces) throws MOAException { - if(namespaces == null) { - namespaces = new HashMap(); + if (namespaces == null) { + namespaces = new HashMap(); - namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); - namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); - } + namespaces.put("asic", "http://uri.etsi.org/02918/v1.2.1#"); + namespaces.put("ds", "http://www.w3.org/2000/09/xmldsig#"); + } - Content content = SPSSFactory.getInstance().createContent(xmlSignature, null); + final Content content = SPSSFactory.getInstance().createContent(xmlSignature, null); - VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance().createVerifySignatureLocation( - location, namespaces); + final VerifySignatureLocation verifySignatureLocation = SPSSFactory.getInstance() + .createVerifySignatureLocation( + location, namespaces); - VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo(content, verifySignatureLocation); + final VerifySignatureInfo verifySignatureInfo = SPSSFactory.getInstance().createVerifySignatureInfo( + content, verifySignatureLocation); - VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance().createVerifyXMLSignatureRequest( - date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); + final VerifyXMLSignatureRequest verifyXMLSignatureRequest = SPSSFactory.getInstance() + .createVerifyXMLSignatureRequest( + date, verifySignatureInfo, supplementsList, null, false, trustProfileID, true); - return XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest); - } + return XMLSignatureVerificationInvoker.getInstance().verifyXMLSignature(verifyXMLSignatureRequest); + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureRequestParser.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureRequestParser.java index c06e30e..b152b6d 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureRequestParser.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureRequestParser.java @@ -21,31 +21,25 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egiz.asic.xmlbind; +import java.io.InputStream; +import java.util.Date; + +import org.w3c.dom.Element; + import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; -import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; -import at.gv.egovernment.moa.spss.api.common.MetaInfo; import at.gv.egovernment.moa.spss.api.xmlbind.RequestParserUtils; -import at.gv.egovernment.moaspss.util.*; -import org.w3c.dom.Element; - -import java.io.InputStream; -import java.math.BigDecimal; -import java.util.ArrayList; -import java.util.Date; -import java.util.List; -import java.util.StringTokenizer; +import at.gv.egovernment.moaspss.util.Base64Utils; +import at.gv.egovernment.moaspss.util.Constants; +import at.gv.egovernment.moaspss.util.XPathUtils; /** * A parser to parse <code>VerifyCMSSignatureRequest</code> DOM trees into * <code>VerifyCMSSignatureRequest</code> API objects. - * + * * @author Patrick Peck * @version $Id$ */ @@ -61,48 +55,47 @@ public class VerifyASICSignatureRequestParser { private static final String ASIC_EXTENSION_XPATH = MOA + "ASICExtension"; private static final String TRUST_PROFILE_ID_XPATH = MOA + "TrustProfileID"; - /** The <code>SPSSFactory</code> for creating new API objects. */ - private SPSSFactory factory = SPSSFactory.getInstance(); + private final SPSSFactory factory = SPSSFactory.getInstance(); /** - * Parse a <code>VerifyCMSSignatureRequest</code> DOM element, as defined - * by the MOA schema. - * + * Parse a <code>VerifyCMSSignatureRequest</code> DOM element, as defined by the + * MOA schema. + * * @param requestElem The <code>VerifyCMSSignatureRequest</code> to parse. The - * request must have been successfully parsed against the schema for this - * method to succeed. - * @return A <code>VerifyCMSSignatureRequest</code> API objects containing - * the data from the DOM element. + * request must have been successfully parsed against the + * schema for this method to succeed. + * @return A <code>VerifyCMSSignatureRequest</code> API objects containing the + * data from the DOM element. * @throws MOAApplicationException An error occurred parsing the request. */ public VerifyASiCRequest parseASIC(Element requestElem) - throws MOAApplicationException { - Date dateTime = - RequestParserUtils.parseDateTime(requestElem, DATE_TIME_XPATH); + throws MOAApplicationException { + final Date dateTime = + RequestParserUtils.parseDateTime(requestElem, DATE_TIME_XPATH); + + final boolean extendedValidation = + RequestParserUtils.parseExtendedValidation(requestElem, EXTENDED_VALIDATION_XPATH, false); - boolean extendedValidation = - RequestParserUtils.parseExtendedValidation(requestElem, EXTENDED_VALIDATION_XPATH, false); - - String asicSignatureStr = - XPathUtils.getElementValue(requestElem, ASIC_SIGNATURE_XPATH, ""); + final String asicSignatureStr = + XPathUtils.getElementValue(requestElem, ASIC_SIGNATURE_XPATH, ""); - String asicExtensionStr = - XPathUtils.getElementValue(requestElem, ASIC_EXTENSION_XPATH, ""); + final String asicExtensionStr = + XPathUtils.getElementValue(requestElem, ASIC_EXTENSION_XPATH, ""); - String trustProfileID = - XPathUtils.getElementValue(requestElem, TRUST_PROFILE_ID_XPATH, null); - //Logger.info("CMSSignature: " + cmsSignatureStr); - InputStream asicSignature = - Base64Utils.decodeToStream(asicSignatureStr, true); + final String trustProfileID = + XPathUtils.getElementValue(requestElem, TRUST_PROFILE_ID_XPATH, null); + // Logger.info("CMSSignature: " + cmsSignatureStr); + final InputStream asicSignature = + Base64Utils.decodeToStream(asicSignatureStr, true); ASiCFormat format = null; - if("asics".equalsIgnoreCase(asicExtensionStr) || "scs".equalsIgnoreCase(asicExtensionStr) - || "application/vnd.etsi.asic-s+zip".equalsIgnoreCase(asicExtensionStr)) { + if ("asics".equalsIgnoreCase(asicExtensionStr) || "scs".equalsIgnoreCase(asicExtensionStr) + || "application/vnd.etsi.asic-s+zip".equalsIgnoreCase(asicExtensionStr)) { format = ASiCFormat.ASiCS; - } else if("asice".equalsIgnoreCase(asicExtensionStr) || "sce".equalsIgnoreCase(asicExtensionStr) - || "application/vnd.etsi.asic-e+zip".equalsIgnoreCase(asicExtensionStr)) { + } else if ("asice".equalsIgnoreCase(asicExtensionStr) || "sce".equalsIgnoreCase(asicExtensionStr) + || "application/vnd.etsi.asic-e+zip".equalsIgnoreCase(asicExtensionStr)) { format = ASiCFormat.ASiCE; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java index 67d8b05..34744ef 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java @@ -21,168 +21,172 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egiz.asic.xmlbind; +import java.util.Iterator; +import java.util.List; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; + import at.gv.egiz.asic.api.ASiCVerificationResult; import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOASystemException; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; import at.gv.egovernment.moa.spss.api.xmlbind.ResponseBuilderUtils; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyCMSSignatureResponseBuilder; import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; -import at.gv.egovernment.moa.spss.api.xmlbind.VerifyCMSSignatureResponseBuilder; import at.gv.egovernment.moaspss.util.Constants; import at.gv.egovernment.moaspss.util.MiscUtil; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -import java.util.Iterator; -import java.util.List; - /** - * Convert a <code>VerifyCMSSignatureResponse</code> API object into its - * XML representation, according to the MOA XML schema. - * + * Convert a <code>VerifyCMSSignatureResponse</code> API object into its XML + * representation, according to the MOA XML schema. + * * @author Patrick Peck * @version $Id$ */ public class VerifyASICSignatureResponseBuilder { /** The XML document containing the response element. */ - private Document responseDoc; + private final Document responseDoc; /** The response <code>VerifyCMSSignatureResponse</code> DOM element. */ - private Element responseElem; + private final Element responseElem; /** * Create a new <code>VerifyCMSSignatureResponseBuilder</code>: * - * @throws MOASystemException An error occurred setting up the resulting - * XML document. + * @throws MOASystemException An error occurred setting up the resulting XML + * document. */ public VerifyASICSignatureResponseBuilder() throws MOASystemException { responseDoc = - ResponseBuilderUtils.createResponse("VerifyASICSignatureResponse"); + ResponseBuilderUtils.createResponse("VerifyASICSignatureResponse"); responseElem = responseDoc.getDocumentElement(); } - + /** - * Build a document containing a <code>VerifyCMSSignatureResponse</code> - * DOM element being the XML representation of the given + * Build a document containing a <code>VerifyCMSSignatureResponse</code> DOM + * element being the XML representation of the given * <code>VerifyCMSSignatureResponse</code> API object. - * - * @param response The <code>VerifyCMSSignatureResponse</code> to convert - * to XML. - * @return A document containing the <code>VerifyCMSSignatureResponse</code> - * DOM element. + * + * @param response The <code>VerifyCMSSignatureResponse</code> to convert to + * XML. + * @return A document containing the <code>VerifyCMSSignatureResponse</code> DOM + * element. * @throws MOAApplicationException An error occurred building the response. */ public Document build(List<ASiCVerificationResult> results) - throws MOAException { + throws MOAException { - Iterator<ASiCVerificationResult> iter = results.iterator(); + final Iterator<ASiCVerificationResult> iter = results.iterator(); - while(iter.hasNext()) { - ASiCVerificationResult aSiCVerificationResult = iter.next(); - addASiCResultElement(aSiCVerificationResult); + while (iter.hasNext()) { + final ASiCVerificationResult aSiCVerificationResult = iter.next(); + addASiCResultElement(aSiCVerificationResult); } - + return responseDoc; } - private void addASiCResultElement(ASiCVerificationResult aSiCVerificationResult) - throws MOAException { - Element asiCSignatureResultElem = responseDoc.createElementNS(Constants.MOA_NS_URI, "ASiCSignatureResult"); - - Iterator<AsicSignedFilesContainer> signedFiles = aSiCVerificationResult.getSignedFiles().iterator(); - while (signedFiles.hasNext()) { - AsicSignedFilesContainer signedFile = signedFiles.next(); - Element signedFilesElem = responseDoc.createElementNS(Constants.MOA_NS_URI, "signedFiles"); - signedFilesElem.setTextContent(signedFile.getUri()); - if (MiscUtil.isNotEmpty(signedFile.getHashAlg())) - signedFilesElem.setAttribute("hashAlgorithm", signedFile.getHashAlg()); - - asiCSignatureResultElem.appendChild(signedFilesElem); - } - - if(aSiCVerificationResult.getXmlResult() != null) { - VerifyXMLSignatureResponseBuilder verifyXMLSignatureResponseBuilder = new VerifyXMLSignatureResponseBuilder(this.responseDoc, "XMLSignatureResult", true); - asiCSignatureResultElem.appendChild(verifyXMLSignatureResponseBuilder.buildElement(aSiCVerificationResult.getXmlResult())); - } else if(aSiCVerificationResult.getCmsResult() != null) { - VerifyCMSSignatureResponseBuilder verifyCMSSignatureResponseBuilder = new VerifyCMSSignatureResponseBuilder(this.responseDoc, "CMSSignatureResult", true); - asiCSignatureResultElem.appendChild(verifyCMSSignatureResponseBuilder.buildElement(aSiCVerificationResult.getCmsResult())); - } - - responseElem.appendChild(asiCSignatureResultElem); + private void addASiCResultElement(ASiCVerificationResult aSiCVerificationResult) + throws MOAException { + final Element asiCSignatureResultElem = responseDoc.createElementNS(Constants.MOA_NS_URI, + "ASiCSignatureResult"); + + final Iterator<AsicSignedFilesContainer> signedFiles = aSiCVerificationResult.getSignedFiles().iterator(); + while (signedFiles.hasNext()) { + final AsicSignedFilesContainer signedFile = signedFiles.next(); + final Element signedFilesElem = responseDoc.createElementNS(Constants.MOA_NS_URI, "signedFiles"); + signedFilesElem.setTextContent(signedFile.getUri()); + if (MiscUtil.isNotEmpty(signedFile.getHashAlg())) { + signedFilesElem.setAttribute("hashAlgorithm", signedFile.getHashAlg()); + } + + asiCSignatureResultElem.appendChild(signedFilesElem); + } + + if (aSiCVerificationResult.getXmlResult() != null) { + final VerifyXMLSignatureResponseBuilder verifyXMLSignatureResponseBuilder = + new VerifyXMLSignatureResponseBuilder(this.responseDoc, "XMLSignatureResult", true); + asiCSignatureResultElem.appendChild(verifyXMLSignatureResponseBuilder.buildElement( + aSiCVerificationResult.getXmlResult())); + } else if (aSiCVerificationResult.getCmsResult() != null) { + final VerifyCMSSignatureResponseBuilder verifyCMSSignatureResponseBuilder = + new VerifyCMSSignatureResponseBuilder(this.responseDoc, "CMSSignatureResult", true); + asiCSignatureResultElem.appendChild(verifyCMSSignatureResponseBuilder.buildElement( + aSiCVerificationResult.getCmsResult())); } + responseElem.appendChild(asiCSignatureResultElem); + } + /** * Add an element to the response. - * + * * @param responseElement The element to add to the response. * @throws MOAApplicationException An error occurred adding the element. */ private void addResponseElement(VerifyCMSSignatureResponseElement responseElement) - throws MOAApplicationException { + throws MOAApplicationException { + + final SignerInfo signerInfo = responseElement.getSignerInfo(); + final CheckResult signatureCheck = responseElement.getSignatureCheck(); + final CheckResult certCheck = responseElement.getCertificateCheck(); - SignerInfo signerInfo = responseElement.getSignerInfo(); - CheckResult signatureCheck = responseElement.getSignatureCheck(); - CheckResult certCheck = responseElement.getCertificateCheck(); - ResponseBuilderUtils.addSignerInfo( - responseDoc, - responseElem, - signerInfo.getSignerCertificate(), - signerInfo.isQualifiedCertificate(), - signerInfo.getQCSource(), - signerInfo.isPublicAuthority(), - signerInfo.getPublicAuhtorityID(), - signerInfo.isSSCD(), - signerInfo.getSSCDSource(), - signerInfo.getIssuerCountryCode(), - signerInfo.getTslInfos()); + responseDoc, + responseElem, + signerInfo.getSignerCertificate(), + signerInfo.isQualifiedCertificate(), + signerInfo.getQCSource(), + signerInfo.isPublicAuthority(), + signerInfo.getPublicAuhtorityID(), + signerInfo.isSSCD(), + signerInfo.getSSCDSource(), + signerInfo.getIssuerCountryCode(), + signerInfo.getTslInfos()); ResponseBuilderUtils.addSignatureAlgorithm(responseDoc, - responseElem, - responseElement.getSignatureAlgorithm()); - + responseElem, + responseElement.getSignatureAlgorithm()); + ResponseBuilderUtils.addCodeInfoElement( - responseDoc, - responseElem, - "SignatureCheck", - signatureCheck.getCode(), - signatureCheck.getInfo()); + responseDoc, + responseElem, + "SignatureCheck", + signatureCheck.getCode(), + signatureCheck.getInfo()); ResponseBuilderUtils.addCodeInfoElement( - responseDoc, - responseElem, - "CertificateCheck", - certCheck.getCode(), - certCheck.getInfo()); - + responseDoc, + responseElem, + "CertificateCheck", + certCheck.getCode(), + certCheck.getInfo()); if (responseElement.getAdESFormResults() != null) { - Iterator formIterator = responseElement.getAdESFormResults().iterator(); - - while (formIterator.hasNext()) { - AdESFormResults adESFormResult = (AdESFormResults) formIterator.next(); - // add the CertificateCheck - ResponseBuilderUtils.addFormCheckElement(responseDoc, responseElem, "FormCheckResult", - adESFormResult.getCode().intValue(), adESFormResult.getName()); - - } - } - - if(responseElement.getExtendedCertificateCheck() != null) { - ResponseBuilderUtils.addExtendendResult(responseDoc, responseElem, responseElement.getExtendedCertificateCheck()); - } - + final Iterator formIterator = responseElement.getAdESFormResults().iterator(); + + while (formIterator.hasNext()) { + final AdESFormResults adESFormResult = (AdESFormResults) formIterator.next(); + // add the CertificateCheck + ResponseBuilderUtils.addFormCheckElement(responseDoc, responseElem, "FormCheckResult", + adESFormResult.getCode().intValue(), adESFormResult.getName()); + + } + } + + if (responseElement.getExtendedCertificateCheck() != null) { + ResponseBuilderUtils.addExtendendResult(responseDoc, responseElem, responseElement + .getExtendedCertificateCheck()); + } + } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASiCRequest.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASiCRequest.java index 37584a6..93218bc 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASiCRequest.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASiCRequest.java @@ -1,46 +1,46 @@ package at.gv.egiz.asic.xmlbind; -import at.gv.egiz.asic.api.ASiCFormat; - import java.io.InputStream; import java.util.Date; +import at.gv.egiz.asic.api.ASiCFormat; + /** * Created by Andreas Fitzek on 6/16/16. */ public class VerifyASiCRequest { - private Date date; - private InputStream asicInput; - private String trustProfile; - private ASiCFormat format; - private boolean extendedValidation; - - - public VerifyASiCRequest(ASiCFormat format, Date date, InputStream asicInput, String trustProfile, boolean extendedValidation) { - this.format = format; - this.date = date; - this.asicInput = asicInput; - this.trustProfile = trustProfile; - this.extendedValidation = extendedValidation; - } - - public Date getDate() { - return date; - } - - public InputStream getAsicInput() { - return asicInput; - } - - public String getTrustProfile() { - return trustProfile; - } - - public ASiCFormat getFormat() { - return format; - } - - public boolean isExtendedValidation() { - return extendedValidation; - } + private final Date date; + private final InputStream asicInput; + private final String trustProfile; + private final ASiCFormat format; + private final boolean extendedValidation; + + public VerifyASiCRequest(ASiCFormat format, Date date, InputStream asicInput, String trustProfile, + boolean extendedValidation) { + this.format = format; + this.date = date; + this.asicInput = asicInput; + this.trustProfile = trustProfile; + this.extendedValidation = extendedValidation; + } + + public Date getDate() { + return date; + } + + public InputStream getAsicInput() { + return asicInput; + } + + public String getTrustProfile() { + return trustProfile; + } + + public ASiCFormat getFormat() { + return format; + } + + public boolean isExtendedValidation() { + return extendedValidation; + } } |