From 00e4e0cbaf7fe6b2ecb08011995f00e503981911 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 13 Feb 2018 11:27:02 +0100 Subject: add infos about signature and hash algorithms into responses --- .../gv/egovernment/moa/spss/api/SPSSFactory.java | 6 ++-- .../VerifyCMSSignatureResponseElement.java | 2 ++ .../egovernment/moa/spss/api/common/InputData.java | 9 +++++ .../moa/spss/api/impl/InputDataBinaryImpl.java | 12 ++++++- .../moa/spss/api/impl/InputDataXMLImpl.java | 12 ++++++- .../moa/spss/api/impl/SPSSFactoryImpl.java | 6 ++-- .../VerifyCMSSignatureResponseElementImpl.java | 13 +++++++ .../api/impl/VerifyXMLSignatureResponseImpl.java | 11 ++++++ .../moa/spss/api/xmlbind/ResponseBuilderUtils.java | 20 +++++++++++ .../xmlbind/VerifyCMSSignatureResponseBuilder.java | 5 +++ .../xmlbind/VerifyPDFSignatureResponseBuilder.java | 7 ++++ .../xmlbind/VerifyXMLSignatureResponseBuilder.java | 11 ++++++ .../api/xmlverify/VerifyXMLSignatureResponse.java | 2 ++ .../invoke/CMSSignatureVerificationInvoker.java | 13 ++++--- .../invoke/VerifyCMSSignatureResponseBuilder.java | 21 +++++++++--- .../invoke/VerifyXMLSignatureResponseBuilder.java | 40 ++++++++++++++++------ .../invoke/XMLSignatureVerificationInvoker.java | 2 +- 17 files changed, 166 insertions(+), 26 deletions(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java index a39edf4..36d5461 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java @@ -580,7 +580,8 @@ public abstract class SPSSFactory { CheckResult signatureCheck, CheckResult certificateCheck, List adesResult, - ExtendedCertificateCheckResult extendedCertificateCheckResult); + ExtendedCertificateCheckResult extendedCertificateCheckResult, + String usedAlgorithm); // // Factory methods for verifying XML signatures @@ -871,7 +872,8 @@ public abstract class SPSSFactory { List xmlDsigManifestChecks, CheckResult certificateCheck, List adesFormResults, - ExtendedCertificateCheckResult extCheckResult); + ExtendedCertificateCheckResult extCheckResult, + String signatureAlgorithm); /** * Create a new ReferencesCheckResult object. diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java index 6b08471..38106e7 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java @@ -67,4 +67,6 @@ public interface VerifyCMSSignatureResponseElement { public List getAdESFormResults(); public ExtendedCertificateCheckResult getExtendedCertificateCheck(); + + public String getSignatureAlgorithm(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java index 8c940cd..8f8a714 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/InputData.java @@ -68,4 +68,13 @@ public interface InputData extends Content * SignatureManifest respectively. */ public int getReferringReferenceNumber(); + + + /** + * Returns an identifier of the hash algorithm that is used to hash this {@link InputData} + * + * @return + */ + public String getHashAlgorithm(); + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java index 27f6f85..4b5659e 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java @@ -62,6 +62,8 @@ public class InputDataBinaryImpl implements ContentBinary, InputData */ protected int referringReferenceNumber_; + protected String hashAlg = null; + /** * Creates a new instance. * @@ -70,14 +72,17 @@ public class InputDataBinaryImpl implements ContentBinary, InputData * @param partOf see {@link InputData} * * @param referringReferenceNumber see {@link InputData} + * + * @param hashAlg see {@link InputData} */ - public InputDataBinaryImpl(Content wrapped, String partOf, int referringReferenceNumber) throws MOARuntimeException + public InputDataBinaryImpl(Content wrapped, String partOf, int referringReferenceNumber, String hashAlg) throws MOARuntimeException { if (wrapped.getContentType() != Content.BINARY_CONTENT) throw new MOARuntimeException("9901", null); wrapped_ = (ContentBinary) wrapped; partOf_ = partOf; referringReferenceNumber_ = referringReferenceNumber; + this.hashAlg = hashAlg; } /** @@ -120,4 +125,9 @@ public class InputDataBinaryImpl implements ContentBinary, InputData return referringReferenceNumber_; } +@Override +public String getHashAlgorithm() { + return this.hashAlg; +} + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java index 432e1a2..e89976e 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java @@ -62,6 +62,8 @@ public class InputDataXMLImpl implements ContentXML, InputData */ protected int referringReferenceNumber_; + protected String hashAlg = null; + /** * Creates a new instance. * @@ -70,14 +72,17 @@ public class InputDataXMLImpl implements ContentXML, InputData * @param partOf see {@link InputData} * * @param referringReferenceNumber see {@link InputData} + * + * @param hashAlg see {@link InputData} */ - public InputDataXMLImpl(Content wrapped, String partOf, int referringReferenceNumber) + public InputDataXMLImpl(Content wrapped, String partOf, int referringReferenceNumber, String hashAlg) { if (wrapped.getContentType() != Content.XML_CONTENT) throw new MOARuntimeException("9901", null); wrapped_ = (ContentXML) wrapped; partOf_ = partOf; referringReferenceNumber_ = referringReferenceNumber; + this.hashAlg = hashAlg; } /** @@ -120,4 +125,9 @@ public class InputDataXMLImpl implements ContentXML, InputData return referringReferenceNumber_; } +@Override +public String getHashAlgorithm() { + return this.hashAlg; +} + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java index b9fad4f..d743f16 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java @@ -283,13 +283,14 @@ public class SPSSFactoryImpl extends SPSSFactory { public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(SignerInfo signerInfo, CheckResult signatureCheck, CheckResult certificateCheck, List adesResult, - ExtendedCertificateCheckResult extendedCertificateCheckResult) { + ExtendedCertificateCheckResult extendedCertificateCheckResult, String usedAlgorithm) { VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement = new VerifyCMSSignatureResponseElementImpl(); verifyCMSSignatureResponseElement.setSignerInfo(signerInfo); verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck); verifyCMSSignatureResponseElement.setCertificateCheck(certificateCheck); verifyCMSSignatureResponseElement.setAdESFormResults(adesResult); verifyCMSSignatureResponseElement.setExtendedCertificateCheck(extendedCertificateCheckResult); + verifyCMSSignatureResponseElement.setSignatureAlgorithm(usedAlgorithm); return verifyCMSSignatureResponseElement; } @@ -380,11 +381,12 @@ public class SPSSFactoryImpl extends SPSSFactory { public VerifyXMLSignatureResponse createVerifyXMLSignatureResponse(SignerInfo signerInfo, List hashInputDatas, List referenceInputDatas, ReferencesCheckResult signatureCheck, ReferencesCheckResult signatureManifestCheck, List xmlDsigManifestChecks, CheckResult certificateCheck, - List adesFormResults, ExtendedCertificateCheckResult extCheckResult) { + List adesFormResults, ExtendedCertificateCheckResult extCheckResult, String signatureAlgorithm) { VerifyXMLSignatureResponseImpl verifyXMLSignatureResponse = new VerifyXMLSignatureResponseImpl(); verifyXMLSignatureResponse.setSignerInfo(signerInfo); verifyXMLSignatureResponse.setHashInputDatas(hashInputDatas); verifyXMLSignatureResponse.setReferenceInputDatas(referenceInputDatas); + verifyXMLSignatureResponse.setSignatureAlgorithm(signatureAlgorithm); verifyXMLSignatureResponse.setSignatureCheck(signatureCheck); verifyXMLSignatureResponse.setSignatureManifestCheck(signatureManifestCheck); verifyXMLSignatureResponse.setXMLDsigManifestChecks(xmlDsigManifestChecks); diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java index 9b7881c..1d40627 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java @@ -51,6 +51,8 @@ public class VerifyCMSSignatureResponseElementImpl private List adesResults = null; + private String usedAlgorithm = null; + /** * Sets a SignerInfo element according to CMS. * @@ -106,5 +108,16 @@ public class VerifyCMSSignatureResponseElementImpl public ExtendedCertificateCheckResult getExtendedCertificateCheck() { return extendedResult; } + + @Override + public String getSignatureAlgorithm() { + return usedAlgorithm; + } + + public void setSignatureAlgorithm(String usedAlgorithm) { + this.usedAlgorithm = usedAlgorithm; + } + + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java index 60ac3be..0047d44 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java @@ -70,6 +70,8 @@ public class VerifyXMLSignatureResponseImpl implements VerifyXMLSignatureRespons /** Information about the certificate check. */ private CheckResult certificateCheck; + private String signatureAlgorithm = null; + /** * Sets information about the signer certificate. * @@ -189,4 +191,13 @@ public class VerifyXMLSignatureResponseImpl implements VerifyXMLSignatureRespons return extendedResult; } + public String getSignatureAlgorithm() { + return signatureAlgorithm; + } + + public void setSignatureAlgorithm(String signatureAlgorithm) { + this.signatureAlgorithm = signatureAlgorithm; + } + + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java index 91dc6b9..a21e693 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java @@ -389,6 +389,26 @@ public class ResponseBuilderUtils { } } + public static void addSignatureAlgorithm(Document response, + Element root, + String algorithm) { + if(algorithm != null) { + Element extElem = response.createElementNS(MOA_NS_URI, "SignatureAlgorithm"); + extElem.appendChild(response.createTextNode(algorithm)); + root.appendChild(extElem); + } + } + + public static void addHashAlgorithm(Document response, + Element root, + String algorithm) { + if(algorithm != null) { + Element extElem = response.createElementNS(MOA_NS_URI, "HashAlgorithm"); + extElem.appendChild(response.createTextNode(algorithm)); + root.appendChild(extElem); + } +} + public static void addExtendendResult(Document response, Element root, ExtendedCertificateCheckResult result) { diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java index 30bf3c4..de39948 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java @@ -132,6 +132,11 @@ public class VerifyCMSSignatureResponseBuilder { responseElem, signerInfo.getSigningTime()); } + ResponseBuilderUtils.addSignatureAlgorithm(responseDoc, + responseElem, + responseElement.getSignatureAlgorithm()); + + ResponseBuilderUtils.addCodeInfoElement( responseDoc, responseElem, diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java index 0ca6f8f..8b10191 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java @@ -123,11 +123,18 @@ public class VerifyPDFSignatureResponseBuilder { responseElem, signerInfo.getSigningTime()); + } else { Logger.info("Find signature result with no 'SignerInfo'. Maybe a signature verification Failed"); } + + ResponseBuilderUtils.addSignatureAlgorithm(responseDoc, + responseElem, + responseElement.getSignatureAlgorithm()); + + ResponseBuilderUtils.addCodeInfoElement( responseDoc, responseElem, diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java index 0042464..82d01c0 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java @@ -35,6 +35,7 @@ import org.w3c.dom.NodeList; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.util.Base64Utils; import at.gv.egovernment.moaspss.util.Constants; +import at.gv.egovernment.moaspss.util.MiscUtil; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.common.Content; @@ -134,6 +135,9 @@ public class VerifyXMLSignatureResponseBuilder { } } + //add hash algorithm + ResponseBuilderUtils.addSignatureAlgorithm(responseDoc, responseElem, response.getSignatureAlgorithm()); + // add the SignatureCheck addReferencesCheckResult("SignatureCheck", response.getSignatureCheck()); @@ -204,6 +208,11 @@ public class VerifyXMLSignatureResponseBuilder { contentElem.setAttributeNS(null, "ReferringSigReference", Integer.toString(inputData.getReferringReferenceNumber())); + if (MiscUtil.isNotEmpty(inputData.getHashAlgorithm())) { + contentElem.setAttribute("HashAlgorithm", inputData.getHashAlgorithm()); + + } + switch (inputData.getContentType()) { case Content.XML_CONTENT: ContentXML contentXml = (ContentXML) inputData; @@ -236,6 +245,7 @@ public class VerifyXMLSignatureResponseBuilder { responseElem.appendChild(contentElem); break; } + } /** @@ -267,6 +277,7 @@ public class VerifyXMLSignatureResponseBuilder { } ResponseBuilderUtils.addCodeInfoElement(responseDoc, responseElem, elementName, checkResult.getCode(), info); + } /** diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java index 0ed12bf..0f42903 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureResponse.java @@ -92,4 +92,6 @@ public interface VerifyXMLSignatureResponse { public List getAdESFormResults(); public ExtendedCertificateCheckResult getExtendedCertificateCheck(); + + public String getSignatureAlgorithm(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java index 42d34fc..b2c6717 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java @@ -268,9 +268,12 @@ public class CMSSignatureVerificationInvoker { CMSSignatureVerificationResult cmsResult = null; List adesResults = null; + boolean extendedVerification = false; + ExtendedCertificateCheckResult extCheckResult = null; if (resultObject instanceof ExtendedCMSSignatureVerificationResult) { Logger.info("Got ExtendedCMSSignatureVerificationResult"); + extendedVerification = true; ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject; cmsResult = result.getCMSSignatureVerificationResult(); adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult()); @@ -324,7 +327,7 @@ public class CMSSignatureVerificationInvoker { responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, extCheckResult, - qcsscdresult.getTslInfos()); + qcsscdresult.getTslInfos(), extendedVerification); } private void handlePDFResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder, @@ -335,13 +338,15 @@ public class CMSSignatureVerificationInvoker { Logger.warn("Result Object is null!"); return; } - + PDFSignatureVerificationResult cmsResult = null; List adesResults = null; - + boolean extendedVerification = false; + ExtendedCertificateCheckResult extCheckResult = null; if (resultObject instanceof ExtendedPDFSignatureVerificationResult) { Logger.info("Got ExtendedPDFSignatureVerificationResult"); + extendedVerification = true; ExtendedPDFSignatureVerificationResult result = (ExtendedPDFSignatureVerificationResult) resultObject; cmsResult = result.getPDFSignatureVerificationResult(); adesResults = AdESResultUtils.getAdESResult(result.getFormVerificationResult()); @@ -405,7 +410,7 @@ public class CMSSignatureVerificationInvoker { responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, - extCheckResult, qcsscdresult.getTslInfos()); + extCheckResult, qcsscdresult.getTslInfos(), extendedVerification); } /** diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java index f4121b0..22bae71 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java @@ -83,7 +83,7 @@ public class VerifyCMSSignatureResponseBuilder { * @throws MOAException */ public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults, - ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos) + ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification) throws MOAException { CertificateValidationResult certResult = @@ -99,6 +99,11 @@ public class VerifyCMSSignatureResponseBuilder { boolean qualifiedCertificate = checkQC; + //add signature algorithm name in case of extended validation + String sigAlgName = null; + if (extendedVerification) + sigAlgName = result.getSignatureAlgorithmName(); + // add SignerInfo element signerInfo = factory.createSignerInfo( @@ -126,7 +131,8 @@ public class VerifyCMSSignatureResponseBuilder { signatureCheck, certificateCheck, adesResults, - extendedCertificateCheckResult); + extendedCertificateCheckResult, + sigAlgName); responseElements.add(responseElement); } @@ -144,7 +150,7 @@ public class VerifyCMSSignatureResponseBuilder { * @throws MOAException */ public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults, - ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos) + ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification) throws MOAException { CertificateValidationResult certResult = @@ -159,6 +165,12 @@ public class VerifyCMSSignatureResponseBuilder { boolean qualifiedCertificate = checkQC; + //add signature algorithm name in case of extended validation + String sigAlgName = null; + if (extendedVerification) + sigAlgName = result.getSignatureAlgorithmName(); + + //set code 99 if not certcheckresult exists int certificateCheckCode = 99; if (certResult != null) { @@ -192,7 +204,8 @@ public class VerifyCMSSignatureResponseBuilder { signatureCheck, certificateCheck, adesResults, - extendedCertificateCheckResult); + extendedCertificateCheckResult, + sigAlgName); responseElements.add(responseElement); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java index d8ebd85..22ef789 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java @@ -106,6 +106,9 @@ public class VerifyXMLSignatureResponseBuilder { private List adesFormResults = null; private ExtendedCertificateCheckResult extCheckResult = null; private Date signingTime; + + private String signatureAlgorithm = null; + /** * Get the VerifyMLSignatureResponse built so far. * @@ -121,7 +124,8 @@ public class VerifyXMLSignatureResponseBuilder { xmlDsigManifestChecks, certificateCheck, adesFormResults, - extCheckResult); + extCheckResult, + signatureAlgorithm); } public void setExtendedCertificateCheckResult(ExtendedCertificateCheckResult extCheckResult) { @@ -162,7 +166,8 @@ public class VerifyXMLSignatureResponseBuilder { boolean sscdSourceTSL, boolean isTSLEnabledTrustprofile, String issuerCountryCode, - TslInfos tslInfos) + TslInfos tslInfos, + boolean isExtendedValidation) throws MOAApplicationException { CertificateValidationResult certResult = @@ -178,6 +183,9 @@ public class VerifyXMLSignatureResponseBuilder { qualifiedCertificate = checkQC; + if (isExtendedValidation) + signatureAlgorithm = result.getSignatureAlgorithmName(); + // create the SignerInfo; signerInfo = factory.createSignerInfo( @@ -192,6 +200,9 @@ public class VerifyXMLSignatureResponseBuilder { result.getSigningTime(), tslInfos); + + + //TODO: add hash algo. infos // Create HashInputData Content objects referenceDataList = result.getReferenceDataList(); if (profile.includeHashInputData()) { @@ -364,7 +375,8 @@ public class VerifyXMLSignatureResponseBuilder { inputDatas.add(buildInputData( referenceData.getHashInputData(), containerType, - refererNumber)); + refererNumber, + referenceData.getHashAlgorithmName())); } } @@ -391,7 +403,8 @@ public class VerifyXMLSignatureResponseBuilder { inputDatas.add(buildInputData( referenceData.getReferenceInputData(), containerType, - refererNumber)); + refererNumber, + referenceData.getHashAlgorithmName())); } } @@ -407,11 +420,12 @@ public class VerifyXMLSignatureResponseBuilder { * * @param referringReferenceNumber see {@link InputData} * - * @return The corresponinding input data implementation. - * + * @param hashAlg see {@link InputData} + * + * @return The corresponinding input data implementation. * @throws MOAApplicationException An error occurred creating the result. */ - private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber) + private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber, String hashAlg) throws MOAApplicationException { if (dataObject instanceof BinaryDataObject) { @@ -419,7 +433,8 @@ public class VerifyXMLSignatureResponseBuilder { return new InputDataBinaryImpl( factory.createContent(binaryData.getInputStream(), null), partOf, - referringReferenceNumber); + referringReferenceNumber, + hashAlg); } else if (dataObject instanceof XMLDataObject) { XMLDataObject xmlData = (XMLDataObject) dataObject; List nodes = new ArrayList(); @@ -428,7 +443,8 @@ public class VerifyXMLSignatureResponseBuilder { return new InputDataXMLImpl( factory.createContent(new NodeListAdapter(nodes), null), partOf, - referringReferenceNumber); + referringReferenceNumber, + hashAlg); } else { // dataObject instanceof XMLNodeListDataObject // if the data in the NodeList can be converted back to valid XML, // write it as XMLContent; otherwise, write it as Base64Content @@ -443,7 +459,8 @@ public class VerifyXMLSignatureResponseBuilder { return new InputDataXMLImpl( factory.createContent(fragment.getChildNodes(), null), partOf, - referringReferenceNumber); + referringReferenceNumber, + hashAlg); } catch (Exception e) { // not successful -> fall through to the Base64Content } @@ -472,7 +489,8 @@ public class VerifyXMLSignatureResponseBuilder { return new InputDataBinaryImpl( factory.createContent(is, null), partOf, - referringReferenceNumber); + referringReferenceNumber, + hashAlg); } catch (Exception e) { throw new MOAApplicationException("2200", null); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index d3ad086..74c4f0b 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -304,7 +304,7 @@ public class XMLSignatureVerificationInvoker { // build the response responseBuilder.setResult(plainResult, profile, signatureManifestCheck, certificateCheck, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), - qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode, qcsscdresult.getTslInfos()); + qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode, qcsscdresult.getTslInfos(), request.getExtendedValidaiton()); return responseBuilder.getResponse(); } -- cgit v1.2.3