From 9868b02903f950566206ee736bf5e9edbeeac5f3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 7 Feb 2019 12:47:00 +0100
Subject: add additional PAdES verification information and some more small
 updates

---
 .../gv/egovernment/moa/spss/api/SPSSFactory.java   |  6 ++--
 .../VerifyCMSSignatureResponseElement.java         |  4 +++
 .../moa/spss/api/impl/SPSSFactoryImpl.java         |  5 +++-
 .../VerifyCMSSignatureResponseElementImpl.java     | 23 ++++++++++++++++
 .../moa/spss/api/xmlbind/ResponseBuilderUtils.java | 32 ++++++++++++++++++++++
 .../xmlbind/VerifyPDFSignatureResponseBuilder.java | 19 ++++++++++---
 6 files changed, 82 insertions(+), 7 deletions(-)

(limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api')

diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
index 36d5461..d7cd10c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
@@ -566,7 +566,7 @@ public abstract class SPSSFactory {
    * Create a new <code>VerifyCMSSignatureResponseElement</code> object.
    * 
    * @param signerInfo Information about the signer certificate.
-   * @param signatureCheck Result of the singature value check.
+   * @param signatureCheck Result of the signature value check.
    * @param certificateCheck Result of the certificate status check.
     * @return The new <code>VerifyCMSSignatureResponseElement</code> containing
    * the above data.
@@ -581,7 +581,9 @@ public abstract class SPSSFactory {
     CheckResult certificateCheck, 
     List adesResult, 
     ExtendedCertificateCheckResult extendedCertificateCheckResult,
-    String usedAlgorithm);
+    String usedAlgorithm,
+    Boolean coversFullDocument,
+    int[] byteRangeOfSignature);
 
   //
   // Factory methods for verifying XML signatures
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
index 38106e7..ec540bf 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
@@ -69,4 +69,8 @@ public interface VerifyCMSSignatureResponseElement {
   public ExtendedCertificateCheckResult getExtendedCertificateCheck();
   
   public String getSignatureAlgorithm();
+  
+  public Boolean getCoversFullDocument();
+  
+  public int[] getByteRangeOfSignature();
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
index d743f16..2525a2f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
@@ -283,7 +283,8 @@ public class SPSSFactoryImpl extends SPSSFactory {
 
 	public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(SignerInfo signerInfo,
 			CheckResult signatureCheck, CheckResult certificateCheck, List adesResult, 
-		    ExtendedCertificateCheckResult extendedCertificateCheckResult, String usedAlgorithm) {
+		    ExtendedCertificateCheckResult extendedCertificateCheckResult, String usedAlgorithm, Boolean coversFullDocument,
+		    int[] byteRangeOfSignature) {
 		VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement = new VerifyCMSSignatureResponseElementImpl();
 		verifyCMSSignatureResponseElement.setSignerInfo(signerInfo);
 		verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck);
@@ -291,6 +292,8 @@ public class SPSSFactoryImpl extends SPSSFactory {
 		verifyCMSSignatureResponseElement.setAdESFormResults(adesResult);
 		verifyCMSSignatureResponseElement.setExtendedCertificateCheck(extendedCertificateCheckResult);
 		verifyCMSSignatureResponseElement.setSignatureAlgorithm(usedAlgorithm);
+		verifyCMSSignatureResponseElement.setCoversFullDocument(coversFullDocument);
+		verifyCMSSignatureResponseElement.setByteRangeOfSignature(byteRangeOfSignature);
 		return verifyCMSSignatureResponseElement;
 	}
 
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
index 1d40627..3ea504b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
@@ -53,6 +53,10 @@ public class VerifyCMSSignatureResponseElementImpl
   
   private String usedAlgorithm = null;
   
+  private Boolean coversFullDocument = null;
+  
+  private int[] byteRangeOfSignature = null;
+  
   /**
    * Sets a SignerInfo element according to CMS.
    * 
@@ -117,6 +121,25 @@ public class VerifyCMSSignatureResponseElementImpl
 	public void setSignatureAlgorithm(String usedAlgorithm) {
 		this.usedAlgorithm = usedAlgorithm;
 	}
+
+	@Override
+	public Boolean getCoversFullDocument() {
+		return coversFullDocument;
+	}
+
+	public void setCoversFullDocument(Boolean coversFullDocument) {
+		this.coversFullDocument = coversFullDocument;
+	}
+
+	@Override
+	public int[] getByteRangeOfSignature() {
+		return byteRangeOfSignature;
+	}
+
+	public void setByteRangeOfSignature(int[] byteRangeOfSignature) {
+		this.byteRangeOfSignature = byteRangeOfSignature;
+	}
+	
 	
 	
   
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
index a21e693..a7113fd 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
@@ -38,6 +38,7 @@ import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 
+import org.apache.commons.lang3.StringUtils;
 import org.w3c.dom.DOMImplementation;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -399,6 +400,37 @@ public class ResponseBuilderUtils {
 	  }
   }
   
+  public static void addSignatureCoversFullPDF(Document response,
+        	Element root,
+        	Boolean  coversFull) {
+	  if( coversFull != null) {
+		  Element extElem = response.createElementNS(MOA_NS_URI, "SignatureCoversFullPDF");
+		  extElem.appendChild(response.createTextNode(String.valueOf(coversFull)));
+		  root.appendChild(extElem);
+	  }
+  }
+  
+  public static void addSignatureByteRange(Document response,
+        	Element root,
+        	int[] byteRange) {
+	  if(byteRange != null) {
+		  String byteRangeTextual = StringUtils.EMPTY;
+		  for (int el : byteRange)
+			  byteRangeTextual += "," + String.valueOf(el);
+		  
+		  Element extElem = response.createElementNS(MOA_NS_URI, "SignatureByteRange");
+		  extElem.appendChild(response.createTextNode(byteRangeTextual.substring(1)));
+		  root.appendChild(extElem);
+	  }
+  }
+  
+  public static Element createAndAddChildElement(Document response, Element root, String name) {
+	  Element element = response.createElementNS(MOA_NS_URI, name);
+	  root.appendChild(element);
+	  return element;
+	  
+  }
+    
   public static void addHashAlgorithm(Document response,
         	Element root,
         	String algorithm) {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
index 8b10191..499f514 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
@@ -129,11 +129,9 @@ public class VerifyPDFSignatureResponseBuilder {
     	
     }
 
-
     ResponseBuilderUtils.addSignatureAlgorithm(responseDoc,
-            responseElem,
-            responseElement.getSignatureAlgorithm());
-    
+    		responseElem,
+            responseElement.getSignatureAlgorithm()); 
     
     ResponseBuilderUtils.addCodeInfoElement(
       responseDoc,
@@ -167,6 +165,19 @@ public class VerifyPDFSignatureResponseBuilder {
 		ResponseBuilderUtils.addExtendendResult(responseDoc, responseElem, responseElement.getExtendedCertificateCheck());
 	}
     
+    
+    //add additional PDF signature properteis
+    if (responseElement.getCoversFullDocument() != null || 
+    		responseElement.getByteRangeOfSignature() != null) {
+    	Element pdfSigProps = ResponseBuilderUtils.createAndAddChildElement(responseDoc, responseElem, "SignatureProperties");           	
+    	ResponseBuilderUtils.addSignatureCoversFullPDF(responseDoc,
+    			pdfSigProps,
+    			responseElement.getCoversFullDocument());    
+    	ResponseBuilderUtils.addSignatureByteRange(responseDoc,
+    			pdfSigProps,
+    			responseElement.getByteRangeOfSignature());
+    }
+    
   }
 
 }
-- 
cgit v1.2.3