From f51caf2aafe4a5bdc4383d08f74036f6be3cc31b Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 2 Nov 2016 12:02:28 +0100 Subject: add first parts of new Trust-Status List module (version 2.0) integration - contains only API and WebService scheme updates but not functional integration --- .../gv/egovernment/moa/spss/api/SPSSFactory.java | 5 +- .../moa/spss/api/common/SignerInfo.java | 8 +++ .../egovernment/moa/spss/api/common/TslInfos.java | 41 ++++++++++++++++ .../moa/spss/api/impl/SPSSFactoryImpl.java | 4 +- .../moa/spss/api/impl/SignerInfoImpl.java | 15 +++++- .../moa/spss/api/xmlbind/ResponseBuilderUtils.java | 57 +++++++++++++++++++++- .../xmlbind/VerifyCMSSignatureResponseBuilder.java | 3 +- .../xmlbind/VerifyPDFSignatureResponseBuilder.java | 3 +- .../xmlbind/VerifyXMLSignatureResponseBuilder.java | 3 +- 9 files changed, 131 insertions(+), 8 deletions(-) create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TslInfos.java (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java index e48d5c3..aadaefb 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java @@ -49,6 +49,7 @@ import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult; import at.gv.egovernment.moa.spss.api.common.MetaInfo; import at.gv.egovernment.moa.spss.api.common.SignerInfo; import at.gv.egovernment.moa.spss.api.common.Transform; +import at.gv.egovernment.moa.spss.api.common.TslInfos; import at.gv.egovernment.moa.spss.api.common.X509IssuerSerial; import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation; import at.gv.egovernment.moa.spss.api.common.XPathFilter; 
@@ -1178,6 +1179,7 @@ public abstract class SPSSFactory { * @param sscdSourceTSL true, if the SSCD information comes from the TSL, * otherwise false. * @param issuerCountryCode contains the signer certificate issuer country code. + * @param tslInfos contains information from Trust-Status List for the signer certificate * @return The SignerInfo containing the above data. * * @pre signerCertSubjectName != null @@ -1193,7 +1195,8 @@ public abstract class SPSSFactory { boolean sscd, boolean sscdSourceTSL, String issuerCountryCode, - Date signingTime); + Date signingTime, + TslInfos tslInfos); /** * Create a new X509IssuerSerial object. diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java index 53850d8..bb3dfdf 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/SignerInfo.java @@ -91,4 +91,12 @@ public interface SignerInfo { public String getPublicAuhtorityID(); public Date getSigningTime(); + + /** + * Gets information from the Trust-Status List for this certificate + * + * @return {@link TslInfos} if the certificate is on the Trust-Status List, otherwise null + */ + public TslInfos getTslInfos(); + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TslInfos.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TslInfos.java new file mode 100644 index 0000000..9718ada --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/TslInfos.java 
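Review bot: The new `tslInfos` parameter of the abstract `createSignerInfo` has no stated null contract, even though `SignerInfo.getTslInfos()`, added further down in this commit, documents null as a valid result. The `@param` line should spell that out, for example `@param tslInfos information from the Trust-Status List for the signer certificate, or null if none is available`. The existing abstract signature is replaced rather than overloaded, so every caller and subclass outside this diff must change in the same step. The declaration itself starts above the hunk.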
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.spss.api.common;
+
+import java.util.List;
+
+/**
+ * Trust-Status list information for a specific certificate
+ * All informations and identifiers are according to the Trust-Status List specification
+ *
+ * @author tlenz
+ *
+ */
+public interface TslInfos {
+
+ /**
+ * Gets the issuer country of the TSL
+ *
+ * @return
+ */
+ public String getTslIssuerCountry();
+
+ /**
+ * Gets the Service-Type Status of the TSP, which issues the analyzed certificate
+ *
+ * @return
+ */
+ public String getServiceTypeStatus();
+
+ /**
+ * Gets the Service-Type Identifier of the TSP, which issues the analyzed certificate
+ *
+ * @return
+ */
+ public String getServiceTypeIdentifier();
+
+ /**
+ * Gets additional qualifiers for the analyzed certificate
+ *
+ * @return
+ */
+ public List getQualifiers();
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
index b540c18..ea8d295 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
@@ -49,6 +49,7 @@ import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult;
 import at.gv.egovernment.moa.spss.api.common.MetaInfo;
 import at.gv.egovernment.moa.spss.api.common.SignerInfo;
 import at.gv.egovernment.moa.spss.api.common.Transform;
+import at.gv.egovernment.moa.spss.api.common.TslInfos;
 import at.gv.egovernment.moa.spss.api.common.X509IssuerSerial;
 import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
 import at.gv.egovernment.moa.spss.api.common.XPathFilter;
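Review bot: All four getters in the new `TslInfos` interface carry an empty `@return` tag, so the interface never says whether a missing value is null, an empty string or an empty list. `ResponseBuilderUtils.addSignerInfo` in this same commit tests the strings with `MiscUtil.isNotEmpty` and the list with `!= null`, so both forms appear to be expected. Each tag should state the contract, for example `@return the Service-Type Status of the issuing TSP, or null if the TSL entry has none`. As shown here `getQualifiers()` returns a raw `List` while the builder iterates it as `String`; if the type argument was not simply lost in rendering, declare it as `List<String>`.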
@@ -522,7 +523,7 @@ public class SPSSFactoryImpl extends SPSSFactory { public SignerInfo createSignerInfo(X509Certificate signerCertificate, boolean qualifiedCertificate, boolean qcSourceTSL, boolean publicAuthority, String publicAuthorityID, boolean sscd, boolean sscdSourceTSL, - String issuerCountryCode, Date signingTime) { + String issuerCountryCode, Date signingTime, TslInfos tslInfos) { SignerInfoImpl signerInfo = new SignerInfoImpl(); signerInfo.setSignerCertificate(signerCertificate); signerInfo.setQualifiedCertificate(qualifiedCertificate); @@ -533,6 +534,7 @@ public class SPSSFactoryImpl extends SPSSFactory { signerInfo.setSSCDSourceTSL(sscdSourceTSL); signerInfo.setIssuerCountryCode(issuerCountryCode); signerInfo.setSigningTime(signingTime); + signerInfo.setTslInfos(tslInfos); return signerInfo; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java index cd7bc40..69dad89 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SignerInfoImpl.java @@ -28,6 +28,7 @@ import java.security.cert.X509Certificate; import java.util.Date; import at.gv.egovernment.moa.spss.api.common.SignerInfo; +import at.gv.egovernment.moa.spss.api.common.TslInfos; /** * Default implementation of SignerInfo. @@ -61,6 +62,7 @@ public class SignerInfoImpl implements SignerInfo { private String issuerCountryCode; private Date signingTime; + private TslInfos tslInfos; /** * Sets the signer certificate. @@ -167,5 +169,16 @@ public class SignerInfoImpl implements SignerInfo { return publicAuthorityID; } + @Override + public TslInfos getTslInfos() { + return this.tslInfos; + + } + -} + public void setTslInfos(TslInfos tslInfos) { + this.tslInfos = tslInfos; + + } + + } 
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java index ef5a367..79a674e 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java @@ -48,8 +48,10 @@ import iaik.utils.RFC2253NameParserException; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOASystemException; import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult; +import at.gv.egovernment.moa.spss.api.common.TslInfos; import at.gv.egovernment.moaspss.util.Base64Utils; import at.gv.egovernment.moaspss.util.Constants; +import at.gv.egovernment.moaspss.util.MiscUtil; /** * Utility methods used by the verious ResponseBuilder classes. @@ -127,7 +129,8 @@ public class ResponseBuilderUtils { String publicAuthorityID, boolean isSSCD, String sscdSource, - String issuerCountryCode) + String issuerCountryCode, + TslInfos tslInfos) throws MOAApplicationException { Element signerInfoElem = response.createElementNS(MOA_NS_URI, "SignerInfo"); 
@@ -158,7 +161,53 @@ public class ResponseBuilderUtils { issuerCountryCodeElem = response.createElementNS(MOA_NS_URI, "IssuerCountryCode"); issuerCountryCodeElem.setTextContent(issuerCountryCode); } - + + //add TSL infos + Element tslInfoElement = null; + if (tslInfos != null) { + tslInfoElement = response.createElementNS(MOA_NS_URI, "TSLInformation"); + + //append TSL issuer country-code + if (MiscUtil.isNotEmpty(tslInfos.getTslIssuerCountry())); { + Element tslIssuerCountryCodeElem = response.createElementNS(MOA_NS_URI, "TSLIssuerCountryCode"); + tslIssuerCountryCodeElem.setTextContent(tslInfos.getTslIssuerCountry()); + tslInfoElement.appendChild(tslIssuerCountryCodeElem); + + } + + //append Service-Type Status + if (MiscUtil.isNotEmpty(tslInfos.getServiceTypeStatus())); { + Element tslServiceInfo = response.createElementNS(MOA_NS_URI, "ServiceTypeStatus"); + tslServiceInfo.setTextContent(tslInfos.getServiceTypeStatus()); + tslInfoElement.appendChild(tslServiceInfo); + + } + + //append Service-Type Identifier + if (MiscUtil.isNotEmpty(tslInfos.getServiceTypeIdentifier())); { + Element tslServiceInfo = response.createElementNS(MOA_NS_URI, "ServiceTypeIdentifier"); + tslServiceInfo.setTextContent(tslInfos.getServiceTypeIdentifier()); + tslInfoElement.appendChild(tslServiceInfo); + + } + + //append qualifiers + if (tslInfos.getQualifiers() != null && tslInfos.getQualifiers().size() > 0) { + Element tslQualifiers = response.createElementNS(MOA_NS_URI, "Qualifiers"); + + for (String el : tslInfos.getQualifiers()) { + Element tslQualifier = response.createElementNS(MOA_NS_URI, "Qualifier"); + tslQualifier.setTextContent(el); + tslQualifiers.appendChild(tslQualifier); + + } + + tslInfoElement.appendChild(tslQualifiers); + + } + + } + Element publicAuthorityElem = isPublicAuthority ? response.createElementNS(MOA_NS_URI, "PublicAuthority") 
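Review bot: The three `MiscUtil.isNotEmpty(...)` guards for `TSLIssuerCountryCode`, `ServiceTypeStatus` and `ServiceTypeIdentifier` each end in `);` before the `{`, so the `if` controls an empty statement and the block after it always runs. The verification response therefore carries these elements even when the value is null or empty, and a client cannot tell an absent trust-list status from an empty one. Drop the semicolon in all three places, e.g. `if (MiscUtil.isNotEmpty(tslInfos.getTslIssuerCountry())) {`. The enclosing `addSignerInfo` method begins and ends outside this hunk.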
@@ -215,6 +264,10 @@ public class ResponseBuilderUtils { if (issuerCountryCodeElem != null) x509DataElem.appendChild(issuerCountryCodeElem); + //add TSL infos to X509Date if TSL infos exists + if (tslInfoElement != null) + x509DataElem.appendChild(tslInfoElement); + signerInfoElem.appendChild(x509DataElem); root.appendChild(signerInfoElem); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java index b74ab38..30bf3c4 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java @@ -124,7 +124,8 @@ public class VerifyCMSSignatureResponseBuilder { signerInfo.getPublicAuhtorityID(), signerInfo.isSSCD(), signerInfo.getSSCDSource(), - signerInfo.getIssuerCountryCode()); + signerInfo.getIssuerCountryCode(), + signerInfo.getTslInfos()); if(this.includeSigningTime) { ResponseBuilderUtils.addSigningTime(responseDoc, diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java index f60d86f..f58b68a 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java 
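Review bot: The comment added above the `tslInfoElement` check names the parent `X509Date`, but the element is appended to `x509DataElem`. It should read `//add TSL infos to X509Data if TSL infos exist`. The surrounding method starts and ends outside this hunk.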
@@ -110,7 +110,8 @@ public class VerifyPDFSignatureResponseBuilder { signerInfo.getPublicAuhtorityID(), signerInfo.isSSCD(), signerInfo.getSSCDSource(), - signerInfo.getIssuerCountryCode()); + signerInfo.getIssuerCountryCode(), + signerInfo.getTslInfos()); ResponseBuilderUtils.addSigningTime(responseDoc, responseElem, diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java index 716cca1..0042464 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java @@ -108,7 +108,8 @@ public class VerifyXMLSignatureResponseBuilder { response.getSignerInfo().isQualifiedCertificate(), response.getSignerInfo().getQCSource(), response.getSignerInfo().isPublicAuthority(), response.getSignerInfo().getPublicAuhtorityID(), response.getSignerInfo().isSSCD(), response.getSignerInfo().getSSCDSource(), - response.getSignerInfo().getIssuerCountryCode()); + response.getSignerInfo().getIssuerCountryCode(), + response.getSignerInfo().getTslInfos()); if(this.includeSigningTime) { ResponseBuilderUtils.addSigningTime(responseDoc, -- cgit v1.2.3