Diffstat (limited to 'moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/pdfas/InternalMoaVerifier.java')
-rw-r--r--moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/pdfas/InternalMoaVerifier.java128
1 files changed, 128 insertions, 0 deletions
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/pdfas/InternalMoaVerifier.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/pdfas/InternalMoaVerifier.java
new file mode 100644
index 0000000..f937495
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/pdfas/InternalMoaVerifier.java
@@ -0,0 +1,128 @@
+package at.gv.egovernment.moa.spss.server.pdfas;
+
+import java.io.ByteArrayInputStream;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.List;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.Configuration;
+import at.gv.egiz.pdfas.lib.api.verify.SignatureCheck;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter.SignatureVerificationLevel;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.lib.impl.verify.IVerifier;
+import at.gv.egiz.pdfas.lib.impl.verify.SignatureCheckImpl;
+import at.gv.egiz.pdfas.lib.impl.verify.VerifyResultImpl;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.impl.CMSContentExplicitImpl;
+import at.gv.egovernment.moa.spss.api.impl.CMSDataObjectImpl;
+import at.gv.egovernment.moa.spss.api.impl.MetaInfoImpl;
+import at.gv.egovernment.moa.spss.api.impl.VerifyCMSSignatureRequestImpl;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
+import iaik.x509.X509Certificate;
+
+public class InternalMoaVerifier implements IVerifier {
+
+ public static final String MOA_TRUSTPROFILE = "internal.moa.trustprofile";
+
+ private String trustProfile;
+
+ private static final Logger logger = LoggerFactory.getLogger(InternalMoaVerifier.class);
+
+ @Override
+ public List<VerifyResult> verify(byte[] signature, byte[] signatureContent, Date verificationTime)
+ throws PdfAsException {
+
+ List<VerifyResult> verificationResultList = new ArrayList<VerifyResult>();
+
+ VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest = new VerifyCMSSignatureRequestImpl();
+ verifyCMSSignatureRequest.setDateTime(verificationTime);
+ verifyCMSSignatureRequest.setTrustProfileId(this.trustProfile);
+ verifyCMSSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature));
+
+ CMSContentExplicitImpl cmsContentExplicitImpl = new CMSContentExplicitImpl();
+ cmsContentExplicitImpl.setBinaryContent(new ByteArrayInputStream(signatureContent));
+
+ CMSDataObjectImpl cmsDataObjectImpl = new CMSDataObjectImpl();
+ cmsDataObjectImpl.setContent(cmsContentExplicitImpl);
+
+ MetaInfoImpl metaInfo = new MetaInfoImpl();
+ metaInfo.setMimeType("application/pdf");
+ metaInfo.setDescription("PDF Document");
+ cmsDataObjectImpl.setMetaInfo(metaInfo);
+
+ verifyCMSSignatureRequest.setDataObject(cmsDataObjectImpl);
+
+ verifyCMSSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES);
+
+ try {
+ VerifyCMSSignatureResponse verifyCMSSignatureResponse = CMSSignatureVerificationInvoker.getInstance()
+ .verifyCMSSignature(verifyCMSSignatureRequest);
+ Iterator iter;
+ for (iter = verifyCMSSignatureResponse.getResponseElements().iterator(); iter.hasNext();) {
+ VerifyCMSSignatureResponseElement responseElement = (VerifyCMSSignatureResponseElement) iter.next();
+ ExtendedVerifyResult verifyResult = new ExtendedVerifyResult();
+
+ verifyResult.setCertificateCheck(convertCheck(responseElement.getCertificateCheck()));
+ verifyResult.setValueCheckCode(convertCheck(responseElement.getSignatureCheck()));
+ verifyResult.setManifestCheckCode(new SignatureCheckImpl(99, null));
+ verifyResult.setQualifiedCertificate(responseElement.getSignerInfo().isQualifiedCertificate());
+ verifyResult.setVerificationDone(true);
+
+ if (responseElement.getSignerInfo().getSignerCertificate() instanceof X509Certificate) {
+ verifyResult.setSignerCertificate(
+ (X509Certificate) responseElement.getSignerInfo().getSignerCertificate());
+ } else {
+ verifyResult.setSignerCertificate(
+ new X509Certificate(responseElement.getSignerInfo().getSignerCertificate().getEncoded()));
+ }
+
+ verifyResult.setQcSource(responseElement.getSignerInfo().getQCSource());
+
+ verifyResult.setPublicAuthority(responseElement.getSignerInfo().isPublicAuthority());
+ verifyResult.setPublicAuthorityID(responseElement.getSignerInfo().getPublicAuhtorityID());
+ verifyResult.setSSCD(responseElement.getSignerInfo().isSSCD());
+ verifyResult.setSscdSource(responseElement.getSignerInfo().getSSCDSource());
+ verifyResult.setIssureCountryCode(responseElement.getSignerInfo().getIssuerCountryCode());
+
+ verificationResultList.add(verifyResult);
+ }
+ } catch (MOAException e) {
+ logger.error("Failed to verify CMS Signature with MOA", e);
+ throw new PdfAsException("Failed to verify CMS Signature with MOA", e);
+ } catch (CertificateEncodingException e) {
+ logger.error("Failed to verify CMS Signature with MOA", e);
+ throw new PdfAsException("Failed to verify CMS Signature with MOA", e);
+ } catch (CertificateException e) {
+ logger.error("Failed to verify CMS Signature with MOA", e);
+ throw new PdfAsException("Failed to verify CMS Signature with MOA", e);
+ }
+
+ return verificationResultList;
+ }
+
+ private SignatureCheck convertCheck(CheckResult checkResult) {
+ return new SignatureCheckImpl(checkResult.getCode(), null);
+ }
+
+ @Override
+ public void setConfiguration(Configuration config) {
+ this.trustProfile = config.getValue(MOA_TRUSTPROFILE);
+ }
+
+ @Override
+ public SignatureVerificationLevel getLevel() {
+ return SignatureVerificationLevel.FULL_VERIFICATION;
+ }
+
+}
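Review bot: `verify` passes `this.trustProfile` to `setTrustProfileId` without checking that it was ever configured. `setConfiguration` stores whatever `config.getValue(MOA_TRUSTPROFILE)` returns, so a missing `internal.moa.trustprofile` key presumably leaves the field null. How MOA handles a null profile id is not visible in this file, but the profile selects the trust anchors for the certificate check, so the method should fail closed by throwing a `PdfAsException` when `if (this.trustProfile == null || this.trustProfile.isEmpty())` holds, before the request is built. The loop also sets `setVerificationDone(true)` and a hard-coded `new SignatureCheckImpl(99, null)` without evaluating either check code; a comment such as `// 99 = manifest check not performed; callers must inspect certificate and value check codes` (confirm the meaning of 99) would stop readers taking "done" to mean "valid". The three identical catch blocks can be merged into `catch (MOAException | CertificateException e)`, because `CertificateEncodingException` is a subclass of `CertificateException`.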