Diffstat (limited to 'moaSig/moa-sig-lib')
6 files changed, 83 insertions, 86 deletions
diff --git a/moaSig/moa-sig-lib/build.gradle b/moaSig/moa-sig-lib/build.gradle
index 34fec09..1dd0897 100644
--- a/moaSig/moa-sig-lib/build.gradle
+++ b/moaSig/moa-sig-lib/build.gradle
@@ -1,48 +1,55 @@ -apply plugin: 'java-library-distribution' -apply plugin: 'maven-publish' +plugins { + id 'java-library' + id 'distribution' + id 'maven-publish' +} + +java { + sourceCompatibility = JavaVersion.VERSION_17 + targetCompatibility = JavaVersion.VERSION_17 +} distributions { main { - distributionBaseName = 'moa-spss-lib' + distributionBaseName.set('moa-spss-lib') } } -dependencies { - implementation project(':common') - testImplementation project(path: ':common', configuration: 'testArtifacts') - - api fileTree(dir: '../libs', include: '*.jar') - //api fileTree(dir: '../libs_debug', include: '*.jar') - - api group: 'at.gv.egovernment.moa.sig', name: 'tsl-lib', version: '2.1.5' - api 'commons-logging:commons-logging:1.2' - api 'commons-io:commons-io:2.16.1' - api 'commons-codec:commons-codec:1.16.0' - api 'org.apache.axis:axis-jaxrpc:1.4' - api 'org.xerial:sqlite-jdbc:3.46.1.0' - api 'javax.activation:activation:1.1.1' - api 'jakarta.xml.bind:jakarta.xml.bind-api:3.0.1' - api 'com.sun.xml.bind:jaxb-core:3.0.2' - api 'com.sun.xml.bind:jaxb-impl:3.0.2' - api 'org.postgresql:postgresql:42.7.1' - api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.32' - api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.32' - api group: 'org.apache.pdfbox', name: 'pdfbox-app', version: '2.0.32' - api group: 'org.apache.pdfbox', name: 'preflight', version: '2.0.32' - api group: 'org.apache.pdfbox', name: 'preflight-app', version: '2.0.32' - api group: 'org.apache.commons', name: 'commons-lang3', version: '3.16.0' - api group: 'org.apache.httpcomponents', name: 'httpclient-cache', version: '4.5.14' - api group: 'org.slf4j', name: 'jcl-over-slf4j', version: '1.7.36' - - testImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-migrationsupport', version: '5.10.1' - testImplementation group: 'org.junit.platform', name: 'junit-platform-engine', version: '1.10.1' - testImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-engine', 
version: '5.10.1' - testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.13' +dependencies { + implementation project(':common') + + api fileTree(dir: '../libs', include: ['*.jar']) + // api fileTree(dir: '../libs_debug', include: ['*.jar']) + + api 'at.gv.egovernment.moa.sig:tsl-lib:2.2.0-SNAPSHOT' + api 'commons-logging:commons-logging:1.3.5' + api 'commons-io:commons-io:2.20.0' + api 'commons-codec:commons-codec:1.19.0' + api 'org.apache.axis:axis-jaxrpc:1.4' + api 'org.xerial:sqlite-jdbc:3.50.3.0' + api 'jakarta.activation:jakarta.activation-api:2.1.3' + api 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.2' + api 'com.sun.xml.bind:jaxb-impl:4.0.5' + api 'org.postgresql:postgresql:42.7.7' + + api 'org.apache.pdfbox:pdfbox:2.0.34' + api 'org.apache.pdfbox:pdfbox-tools:2.0.34' + api 'org.apache.pdfbox:pdfbox-app:2.0.34' + api 'org.apache.pdfbox:preflight:2.0.34' + api 'org.apache.pdfbox:preflight-app:2.0.34' + api 'org.apache.commons:commons-lang3:3.18.0' + api 'org.apache.httpcomponents.client5:httpclient5-cache:5.4.4' + api 'org.slf4j:jcl-over-slf4j:2.0.17' + + + testImplementation project(path: ':common', configuration: 'testArtifacts') + testImplementation 'org.junit.jupiter:junit-jupiter-migrationsupport:5.13.4' + testImplementation 'org.junit.jupiter:junit-jupiter-engine:5.13.4' + testImplementation 'ch.qos.logback:logback-classic:1.5.18' } -task releases(type: Copy) { - //from jar.outputs - from distZip.outputs - //from distTar.outputs - into rootDir.toString() + "/releases/" + version +tasks.register('releases', Copy) { + dependsOn(tasks.named('distZip')) // Ensure distZip runs first + from(tasks.named('distZip')) + into layout.projectDirectory.dir("releases/${version}") } 
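Review bot: `api 'at.gv.egovernment.moa.sig:tsl-lib:2.2.0-SNAPSHOT'` replaces the fixed 2.1.5 release with a mutable snapshot, and because it is declared `api`, every consumer of this library inherits it. A snapshot can resolve to different bytes on each build, so a release of the signature-verification library would no longer be reproducible or auditable against a known TSL implementation. Pin a released version before tagging, or restrict the snapshot to non-release builds. Separately, the `releases` task now copies into `layout.projectDirectory.dir("releases/${version}")`, which is this subproject's directory, whereas the old code wrote under `rootDir`. If release tooling still collects from the root `releases/` folder, `into rootProject.layout.projectDirectory.dir("releases/${version}")` keeps the old location.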
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java index 1a0791b..19b3a12 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java @@ -86,7 +86,7 @@ public class CMSSignatureVerificationInvoker { /** * Return the only instance of this class. - * + * * @return The only instance of this class. */ public static synchronized CMSSignatureVerificationInvoker getInstance() { @@ -98,7 +98,7 @@ public class CMSSignatureVerificationInvoker { /** * Create a new <code>CMSSignatureVerificationInvoker</code>. - * + * * Protected to disallow multiple instances. */ protected CMSSignatureVerificationInvoker() { @@ -106,7 +106,7 @@ public class CMSSignatureVerificationInvoker { /** * Verify a CMS signature. - * + * * @param request The <code>VerifyCMSSignatureRequest</code> containing the CMS * signature, as well as additional data needed for verification. * @return Element A <code>VerifyCMSSignatureResponse</code> containing the @@ -118,7 +118,7 @@ public class CMSSignatureVerificationInvoker { final CMSSignatureVerificationProfileFactory profileFactory = new CMSSignatureVerificationProfileFactory( request); - final VerifyCMSSignatureResponseBuilder responseBuilder = new VerifyCMSSignatureResponseBuilder(); + final TransactionContext context = TransactionContextManager.getInstance().getTransactionContext(); final LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext(); InputStream signature; 
@@ -219,7 +219,7 @@ public class CMSSignatureVerificationInvoker { } } - final QCSSCDResult qcsscdresult = new QCSSCDResult(); + final VerifyCMSSignatureResponseBuilder responseBuilder = new VerifyCMSSignatureResponseBuilder(); // build the response: for each signatory add the result to the response signatories = request.getSignatories(); @@ -402,8 +402,8 @@ public class CMSSignatureVerificationInvoker { i++; } - qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile - .isTSLEnabled(), ConfigurationProvider.getInstance()); + qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), + trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance()); // get signer certificate issuer country code issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0)); @@ -419,7 +419,7 @@ public class CMSSignatureVerificationInvoker { /** * Get the signed content contained either in the request itself or given as a * reference to external data. - * + * * @param request The <code>VerifyCMSSignatureRequest</code> containing the * signed content (or the reference to the signed content). * @return InputStream A stream providing the signed content data, or diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index b97cc95..2973b36 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java 
@@ -110,34 +110,27 @@ import iaik.xml.crypto.utils.URIException; public class XMLSignatureVerificationInvoker { /** The single instance of this class. */ - private static XMLSignatureVerificationInvoker instance = null; + private static final XMLSignatureVerificationInvoker INSTANCE = new XMLSignatureVerificationInvoker(); - private static Set FILTERED_REF_TYPES; - - static { - FILTERED_REF_TYPES = new HashSet(); - FILTERED_REF_TYPES.add(DsigManifest.XML_DSIG_MANIFEST_TYPE); - FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE); - FILTERED_REF_TYPES.add(SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE_OLD); - FILTERED_REF_TYPES.add(XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties"); - FILTERED_REF_TYPES.add("http://uri.etsi.org/01903#SignedProperties"); - } + private static final Set<String> FILTERED_REF_TYPES = Set.of( + DsigManifest.XML_DSIG_MANIFEST_TYPE, + SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE, + SecurityLayerManifest.SECURITY_LAYER_MANIFEST_TYPE_OLD, + XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties", + "http://uri.etsi.org/01903#SignedProperties"); /** * Get the single instance of this class. - * + * * @return The single instance of this class. */ - public static synchronized XMLSignatureVerificationInvoker getInstance() { - if (instance == null) { - instance = new XMLSignatureVerificationInvoker(); - } - return instance; + public static XMLSignatureVerificationInvoker getInstance() { + return INSTANCE; } /** * Create a new <code>XMLSignatureCreationInvoker</code>. - * + * * Protected to disallow multiple instances. */ protected XMLSignatureVerificationInvoker() { 
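Review bot: `Set.of(...)` is stricter than the `HashSet` it replaces, in two ways that matter for `FILTERED_REF_TYPES`. It throws `IllegalArgumentException` on duplicate elements, so if `XMLConstants.NAMESPACE_ETSI_STRING + "SignedProperties"` ever evaluates to the same string as the literal `"http://uri.etsi.org/01903#SignedProperties"`, class initialisation fails and every verification request fails with it. Its `contains(null)` also throws `NullPointerException`, where `HashSet.contains(null)` returned false. The lookups are outside this hunk, but a reference type is presumably optional in incoming signatures, so either null-check at the call site or keep the tolerant behaviour with `Collections.unmodifiableSet(new HashSet<>(Arrays.asList(...)))`. Also, `INSTANCE` is now initialised before `FILTERED_REF_TYPES`, so the constructor must not read that set.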
@@ -146,8 +139,8 @@ public class XMLSignatureVerificationInvoker { /** * Process the <code>VerifyXMLSignatureRequest<code> message and invoke the * <code>XMLSignatureVerificationModule</code>. - * - * @param request A <code>VerifyXMLSignatureRequest<code> API object + * + * @param request A <code>VerifyXMLSignatureRequest<code> API object * containing the data for verifying an XML signature. * @return A <code>VerifyXMLSignatureResponse</code> containing the answert * to the <code>VerifyXMLSignatureRequest</code>. MOA schema @@ -307,16 +300,16 @@ public class XMLSignatureVerificationInvoker { /** * Checks if the signer certificate matches one of the allowed signer * certificates specified in the provided <code>trustProfile</code>. - * + * * @param result The result produced by the * <code>XMLSignatureVerificationModule</code>. - * + * * @param trustProfile The trust profile the signer certificate is validated * against. - * + * * @return The overal result of the certificate validation for the signer * certificate. - * + * * @throws MOAException if one of the signer certificates specified in the * <code>trustProfile</code> cannot be read from the file * system. @@ -392,7 +385,7 @@ public class XMLSignatureVerificationInvoker { /** * Select the <code>dsig:Signature</code> DOM element within the signature * environment. - * + * * @param signatureEnvironment The signature environment containing the * <code>dsig:Signature</code>. * @param request The <code>VerifyXMLSignatureRequest</code> @@ -425,7 +418,7 @@ public class XMLSignatureVerificationInvoker { /** * Build the supplemental data objects contained in the * <code>VerifyXMLSignatureRequest</code>. - * + * * @param supplements A <code>List</code> of * <code>XMLDataObjectAssociation</code>s containing the * supplement data. 
@@ -458,7 +451,7 @@ public class XMLSignatureVerificationInvoker { /** * Get the supplemental data contained in the * <code>VerifyXMLSignatureRequest</code>. - * + * * @param request The <code>VerifyXMLSignatureRequest</code> containing the * supplemental data. * @return A <code>List</code> of <code>XMLDataObjectAssociation</code> objects @@ -490,7 +483,7 @@ public class XMLSignatureVerificationInvoker { /** * Perform additional validations of the * <code>XMLSignatureVerificationResult</code>. - * + * * <p> * In particular, it is verified that: * <ul> @@ -500,7 +493,7 @@ public class XMLSignatureVerificationInvoker { * <li>The hash values of the <code>TransformParameter</code>s are valid.</li> * </ul> * </p> - * + * * @param request The <code>VerifyXMLSignatureRequest</code> containing the * signature to verify. * @param result The result produced by @@ -605,7 +598,7 @@ public class XMLSignatureVerificationInvoker { * Get all <code>Transform</code>s contained in all the * <code>VerifyTransformsInfoProfile</code>s of the given * <code>ReferenceInfo</code>. - * + * * @param refInfo The <code>ReferenceInfo</code> object containing the * transformations. * @return A <code>List</code> of <code>List</code>s. Each of the @@ -637,7 +630,7 @@ public class XMLSignatureVerificationInvoker { /** * Build the <code>Set</code> of all <code>TransformParameter</code> URIs. - * + * * @param transformParameters The <code>List</code> of * <code>TransformParameter</code>s, as provided to * the verification. @@ -658,7 +651,7 @@ public class XMLSignatureVerificationInvoker { /** * Build a mapping between <code>TransformParameter</code> URIs (a * <code>String</code> and <code>dsig:HashValue</code> (a <code>byte[]</code>). - * + * * @param request The <code>VerifyXMLSignatureRequest</code>. * @return Map The resulting mapping. * @throws MOAApplicationException An error occurred accessing one of the 
@@ -703,7 +696,7 @@ public class XMLSignatureVerificationInvoker { * Filter the <code>ReferenceInfo</code>s returned by the * <code>VerifyXMLSignatureResult</code> for comparison with the * <code>ReferenceInfo</code> elements in the request. - * + * * @param referenceInfos The <code>ReferenceInfo</code>s from the * <code>VerifyXMLSignatureResult</code>. * @return A <code>List</code> of all <code>ReferenceInfo</code>s whose type is diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java index 335bf68..a60590d 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/DeleteableDataSource.java @@ -1,6 +1,6 @@ package at.gv.egovernment.moa.spss.server.transaction; -import javax.activation.DataSource; +import jakarta.activation.DataSource; public interface DeleteableDataSource extends DataSource { void delete(); diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java index 5746657..06326a0 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java 
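Review bot: Switching `DeleteableDataSource` to extend `jakarta.activation.DataSource` changes its type identity, and the cleanup in `TransactionContext` relies on `mmds instanceof DeleteableDataSource` to decide whether `delete()` is called. Any attachment source still built against `javax.activation.DataSource` would fall through that check silently, and its backing data would not be removed after the request. The build keeps `org.apache.axis:axis-jaxrpc:1.4` and the cleanup comment refers to Axis, but where `mmds` comes from is not visible here, so this needs confirming. The same concern applies to the import change in `TransactionContext.java`. An `else` branch with a log line, e.g. `Logger.info("Attachment data source is not deleteable: " + mmds.getClass().getName());`, would make a missed cleanup visible instead of silent.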
@@ -33,14 +33,13 @@ import java.util.Iterator; import java.util.Map.Entry; import java.util.Vector; -import javax.activation.DataSource; - import org.w3c.dom.Element; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moaspss.logging.Logger; import iaik.xml.crypto.utils.URI; +import jakarta.activation.DataSource; /** * Contains information about the current request. @@ -310,7 +309,7 @@ public class TransactionContext { } // not available in Axis 1.0 to 1.1 // File f = mmds.getDiskCacheFile(); -// if (f!=null) f.delete(); +// if (f!=null) f.delete(); if (mmds instanceof DeleteableDataSource) { ((DeleteableDataSource) mmds).delete(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java index b7580ac..35dca16 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java @@ -204,7 +204,6 @@ public class CertificateUtils { // QC evaluation flags boolean qc = false; boolean qcSourceTSL = false; - boolean qcDisallowedFromTSL = false; // SSCD/QSCD evaluation flags boolean sscd = false; @@ -254,7 +253,6 @@ public class CertificateUtils { TslConstants.SSCD_QUALIFIER_SHORT.NotQualified))) { qc = false; qcSourceTSL = false; - qcDisallowedFromTSL = true; Logger.info("TSL mark this certificate explicitly as 'NotQualified'!"); } |
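Review bot: Dropping `qcDisallowedFromTSL` in `CertificateUtils` leaves the explicit 'NotQualified' branch with only `qc = false; qcSourceTSL = false;`, which is the same state as a certificate the TSL says nothing about. The rest of the enclosing method (presumably `checkQCSSCD`) is outside these hunks. If a later step falls back to the certificate's own QC statement whenever `qcSourceTSL` is false, a certificate the TSL explicitly marks as not qualified could still be reported as qualified. The removed flag looks like it was meant to block that fallback, so confirm no such path exists, ideally with a test for a NotQualified TSL entry combined with a QC statement in the certificate. If the branch is safe as it stands, say so in place: `// TSL explicitly says NotQualified: the certificate's own QC statement must not override this`.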
