From 00e4e0cbaf7fe6b2ecb08011995f00e503981911 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 13 Feb 2018 11:27:02 +0100 Subject: add infos about signature and hash algorithms into responses --- .../gv/egiz/asic/api/ASiCVerificationResult.java | 9 ++--- .../egiz/asic/impl/AsicSignedFilesContainer.java | 39 ++++++++++++++++++++++ .../asic/impl/verifier/ExtendedCAdESVerifier.java | 8 +++-- .../asic/impl/verifier/ExtendedXAdESVerifier.java | 7 ++-- .../asic/impl/verifier/SimpleCAdESVerifier.java | 7 ++-- .../asic/impl/verifier/SimpleXAdESVerifier.java | 7 ++-- .../VerifyASICSignatureResponseBuilder.java | 16 +++++++-- 7 files changed, 74 insertions(+), 19 deletions(-) create mode 100644 moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java (limited to 'moaSig/moa-asic/src/main/java/at/gv/egiz') diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java index a350f18..ce8f374 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/api/ASiCVerificationResult.java @@ -1,5 +1,6 @@ package at.gv.egiz.asic.api; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; @@ -11,22 +12,22 @@ import java.util.List; */ public class ASiCVerificationResult { - private List signedFiles = new ArrayList(); + private List signedFiles = new ArrayList(); private VerifyCMSSignatureResponse cmsResult = null; private VerifyXMLSignatureResponse xmlResult = null; - public ASiCVerificationResult(List references, VerifyCMSSignatureResponse cmsResult) { + public ASiCVerificationResult(List references, VerifyCMSSignatureResponse cmsResult) { this.signedFiles = references; this.cmsResult = cmsResult; } - public ASiCVerificationResult(List references, VerifyXMLSignatureResponse xmlResult) { + public ASiCVerificationResult(List references, VerifyXMLSignatureResponse xmlResult) { this.signedFiles = references; this.xmlResult = xmlResult; } - public List getSignedFiles() { + public List getSignedFiles() { return signedFiles; } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java new file mode 100644 index 0000000..c21960d --- /dev/null +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/AsicSignedFilesContainer.java @@ -0,0 +1,39 @@ +package at.gv.egiz.asic.impl; + +public class AsicSignedFilesContainer { + + private String uri = null; + private String hashAlg = null; + + + /** + * Container element with ASIC signed files information + * + * @param uri Identifier of the file + * @param hashAlg Hash algorithm that is used to hash the file + */ + public AsicSignedFilesContainer(String uri, String hashAlg) { + this.uri = uri; + this.hashAlg = hashAlg; + + } + + /** + * Get file identifier + * + * @return + */ + public String getUri() { + return uri; + } + + /** + * Get hash algorithm that is used to hash the file + * + * @return + */ + public String getHashAlg() { + return hashAlg; + } + +} diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java index 9f16035..c227a9d 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java @@ -6,6 +6,7 @@ import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOASystemException; @@ -73,14 +74,14 @@ public class ExtendedCAdESVerifier extends CAdESVerifier { // verify all references boolean allReferencesValid = true; - List signedFiles = new ArrayList(); + List signedFiles = new ArrayList(); Iterator dataObjectReferenceTypeIterator = asiCManifestType.getDataObjectReference().iterator(); while (dataObjectReferenceTypeIterator.hasNext()) { DataObjectReferenceType dataObjectReferenceType = dataObjectReferenceTypeIterator.next(); String mdURI = dataObjectReferenceType.getDigestMethod().getAlgorithm(); String uri = dataObjectReferenceType.getURI(); - signedFiles.add(uri); + signedFiles.add(new AsicSignedFilesContainer(uri, mdURI)); Iterator dataEntryIterator = asic.getDataEntries().iterator(); @@ -149,7 +150,8 @@ public class ExtendedCAdESVerifier extends CAdESVerifier { signatureCheck, orig.getCertificateCheck(), orig.getAdESFormResults(), - orig.getExtendedCertificateCheck()); + orig.getExtendedCertificateCheck(), + orig.getSignatureAlgorithm()); responseElements.add(responseElement); } VerifyCMSSignatureResponse verifyCMSSignatureResponse = SPSSFactory.getInstance(). diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java index c07efd9..86918bf 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedXAdESVerifier.java @@ -7,6 +7,7 @@ import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOARuntimeException; @@ -132,14 +133,14 @@ public class ExtendedXAdESVerifier extends XAdESVerifier { //JAXBContext jc = JAXBContext.newInstance( "at.gv.egiz.asic" ); //JAXBElement xmlSignatureJaxb = jc.createUnmarshaller().unmarshal(node, SignatureType.class); //SignatureType xmlSignature = xmlSignatureJaxb.getValue(); - List signedFiles = new ArrayList(); + List signedFiles = new ArrayList(); //Iterator it = xmlSignature.getSignedInfo().getReference().iterator(); Iterator it = xmlSignatures.get(i).getSignedInfo().getReference().iterator(); while (it.hasNext()) { ReferenceType refType = it.next(); - if (!refType.getURI().startsWith("#")) { - signedFiles.add(refType.getURI()); + if (!refType.getURI().startsWith("#")) { + signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod().getAlgorithm())); } } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java index f10fe2f..f1756fa 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleCAdESVerifier.java @@ -4,6 +4,7 @@ import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent; @@ -32,12 +33,12 @@ public class SimpleCAdESVerifier extends CAdESVerifier { //get first element ASiCEntry dataEntry = asic.getDataEntries().iterator().next(); - List signedFiles = new ArrayList(); - signedFiles.add(dataEntry.getEntryName()); + List signedFiles = new ArrayList(); + signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); VerifyCMSSignatureResponse verifyResponse = this.runCMSVerification(dataEntry.getContents(), cadesSignature.getContents(), trustProfileID, date); - + response.add(new ASiCVerificationResult(signedFiles, verifyResponse)); } diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java index a71462c..b378d5b 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/SimpleXAdESVerifier.java @@ -6,6 +6,7 @@ import at.gv.egiz.asic.api.ASiC; import at.gv.egiz.asic.api.ASiCEntry; import at.gv.egiz.asic.api.ASiCFormat; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOARuntimeException; @@ -67,13 +68,13 @@ public class SimpleXAdESVerifier extends XAdESVerifier { for (int i = 0; i < signatureSize; i++) { - List signedFiles = new ArrayList(); + List signedFiles = new ArrayList(); Iterator it = xAdESSignaturesType.getSignature().get(i).getSignedInfo().getReference().iterator(); while (it.hasNext()) { ReferenceType refType = it.next(); if (!refType.getURI().startsWith("#")) { - signedFiles.add(refType.getURI()); + signedFiles.add(new AsicSignedFilesContainer(refType.getURI(), refType.getDigestMethod().getAlgorithm())); } } @@ -99,7 +100,7 @@ public class SimpleXAdESVerifier extends XAdESVerifier { supplementsList.add(profile); if (addAll) { - signedFiles.add(dataEntry.getEntryName()); + signedFiles.add(new AsicSignedFilesContainer(dataEntry.getEntryName(), null)); } } String location = "(//ds:Signature)[" + (i + 1) + "]"; diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java index 50cd261..67d8b05 100644 --- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java +++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/xmlbind/VerifyASICSignatureResponseBuilder.java @@ -25,6 +25,7 @@ package at.gv.egiz.asic.xmlbind; import at.gv.egiz.asic.api.ASiCVerificationResult; +import at.gv.egiz.asic.impl.AsicSignedFilesContainer; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.MOASystemException; @@ -37,6 +38,8 @@ import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.api.xmlbind.VerifyCMSSignatureResponseBuilder; import at.gv.egovernment.moaspss.util.Constants; +import at.gv.egovernment.moaspss.util.MiscUtil; + import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -96,11 +99,14 @@ public class VerifyASICSignatureResponseBuilder { throws MOAException { Element asiCSignatureResultElem = responseDoc.createElementNS(Constants.MOA_NS_URI, "ASiCSignatureResult"); - Iterator signedFiles = aSiCVerificationResult.getSignedFiles().iterator(); + Iterator signedFiles = aSiCVerificationResult.getSignedFiles().iterator(); while (signedFiles.hasNext()) { - String signedFile = signedFiles.next(); + AsicSignedFilesContainer signedFile = signedFiles.next(); Element signedFilesElem = responseDoc.createElementNS(Constants.MOA_NS_URI, "signedFiles"); - signedFilesElem.setTextContent(signedFile); + signedFilesElem.setTextContent(signedFile.getUri()); + if (MiscUtil.isNotEmpty(signedFile.getHashAlg())) + signedFilesElem.setAttribute("hashAlgorithm", signedFile.getHashAlg()); + asiCSignatureResultElem.appendChild(signedFilesElem); } @@ -141,6 +147,10 @@ public class VerifyASICSignatureResponseBuilder { signerInfo.getIssuerCountryCode(), signerInfo.getTslInfos()); + ResponseBuilderUtils.addSignatureAlgorithm(responseDoc, + responseElem, + responseElement.getSignatureAlgorithm()); + ResponseBuilderUtils.addCodeInfoElement( responseDoc, responseElem, -- cgit v1.2.3