From 191ba3411f2db0a48ae8d4243926b33a063bf769 Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Wed, 2 Dec 2015 15:48:52 +0100 Subject: IAIK Moa CAdES added, cms verification not working --- .../webservice/CMSVerifySignatureBinding.java | 9 ++ .../webservice/SignatureCreationService.java | 6 +- .../webservice/SignatureVerificationService.java | 6 +- .../binding/CMSVerifySignatureBindingImpl.java | 121 +++++++++++++++++++-- .../impl/SignatureVerificationServiceImpl.java | 48 +++++++- 5 files changed, 172 insertions(+), 18 deletions(-) (limited to 'moaSig/moa-sig/src/main/java') diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java index 0cc3389..d878b26 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java @@ -2,6 +2,8 @@ package at.gv.egovernment.moa.spss.server.webservice; import at.gv.egiz.moasig.VerifyCMSSignatureRequest; import at.gv.egiz.moasig.VerifyCMSSignatureResponseType; +import at.gv.egiz.moasig.VerifyPDFSignatureRequest; +import at.gv.egiz.moasig.VerifyPDFSignatureResponseType; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; 
@@ -9,6 +11,13 @@ public interface CMSVerifySignatureBinding { public at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest buildCMSRequest( VerifyCMSSignatureRequest verifyCMSSignatureRequest) throws MOAApplicationException; + public at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest buildPDFRequest( + VerifyPDFSignatureRequest verifyPDFSignatureRequest) throws MOAApplicationException; + public VerifyCMSSignatureResponseType buildCMSResponse(VerifyCMSSignatureResponse response) throws MOAApplicationException; + + public VerifyPDFSignatureResponseType buildPDFResponse(VerifyCMSSignatureResponse response) + throws MOAApplicationException; + } diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java index 5da3dfc..5162f55 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java 
@@ -7,17 +7,17 @@ import javax.jws.WebService; @WebService(name = "SignatureCreationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#") public interface SignatureCreationService { - @WebMethod(action = "createXMLSignature", operationName = "createXMLSignature") + @WebMethod(action = "XMLSignatureCreate", operationName = "XMLSignatureCreate") public at.gv.egiz.moasig.CreateXMLSignatureResponseType createXMLSignature( @WebParam(name = "CreateXMLSignatureRequest") at.gv.egiz.moasig.CreateXMLSignatureRequest createXMLSignatureRequest) throws Exception; - @WebMethod(action = "createCMSSignature", operationName = "createCMSSignature") + @WebMethod(action = "CMSSignatureCreate", operationName = "CMSSignatureCreate") public at.gv.egiz.moasig.CreateCMSSignatureResponseType createCMSSignature( @WebParam(name = "CreateCMSSignatureRequest") at.gv.egiz.moasig.CreateCMSSignatureRequest createCMSSignatureRequest) throws Exception; - @WebMethod(action = "createPDFSignature", operationName = "createPDFSignature") + @WebMethod(action = "PDFSignatureCreate", operationName = "PDFSignatureCreate") public at.gv.egiz.moasig.CreatePDFSignatureResponseType createPDFSignature( @WebParam(name = "CreatePDFSignatureRequest") at.gv.egiz.moasig.CreatePDFSignatureRequest createPDFSignatureRequest) throws Exception; diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java index dd78aea..65de3bf 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java 
@@ -7,17 +7,17 @@ import javax.jws.WebService; @WebService(name = "SignatureVerificationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#") public interface SignatureVerificationService { - @WebMethod(action = "verifyXMLSignature", operationName = "verifyXMLSignature") + @WebMethod(action = "XMLSignatureVerify", operationName = "XMLSignatureVerify") public at.gv.egiz.moasig.VerifyXMLSignatureResponseType verifyXMLSignature( @WebParam(name = "VerifyXMLSignatureRequest") at.gv.egiz.moasig.VerifyXMLSignatureRequest verifyXMLSignatureRequest) throws Exception; - @WebMethod(action = "verifyCMSSignature", operationName = "verifyCMSSignature") + @WebMethod(action = "CMSSignatureVerify", operationName = "CMSSignatureVerify") public at.gv.egiz.moasig.VerifyCMSSignatureResponseType verifyCMSSignature( @WebParam(name = "VerifyCMSSignatureRequest") at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest) throws Exception; - @WebMethod(action = "verifyPDFSignature", operationName = "verifyPDFSignature") + @WebMethod(action = "PDFSignatureVerify", operationName = "PDFSignatureVerify") public at.gv.egiz.moasig.VerifyPDFSignatureResponseType verifyPDFSignature( @WebParam(name = "VerifyPDFSignatureRequest") at.gv.egiz.moasig.VerifyPDFSignatureRequest verifyPDFSignatureRequest) throws Exception; diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java index 3799fde..7a49d6a 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java +++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java 
@@ -2,14 +2,19 @@ package at.gv.egovernment.moa.spss.server.webservice.binding; import java.io.ByteArrayInputStream; import java.io.InputStream; +import java.math.BigInteger; import java.util.ArrayList; import java.util.Date; import java.util.Iterator; import java.util.List; import java.util.StringTokenizer; +import at.gv.egiz.moasig.FormResultType; import at.gv.egiz.moasig.ObjectFactory; +import at.gv.egiz.moasig.PDFSignatureResultType; import at.gv.egiz.moasig.VerifyCMSSignatureResponseType; +import at.gv.egiz.moasig.VerifyPDFSignatureRequest; +import at.gv.egiz.moasig.VerifyPDFSignatureResponseType; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.api.SPSSFactory; import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; @@ -18,6 +23,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; +import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.webservice.CMSVerifySignatureBinding; import at.gv.egovernment.moa.util.CollectionUtils; @@ -33,7 +39,7 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest) throws MOAApplicationException { Date dateTime = null; - if (verifyCMSSignatureRequest.getDateTime() == null) { + if (verifyCMSSignatureRequest.getDateTime() != null) { dateTime = verifyCMSSignatureRequest.getDateTime().toGregorianCalendar().getTime(); } 
@@ -49,7 +55,7 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding InputStream cmsSignature = new ByteArrayInputStream(verifyCMSSignatureRequest.getCMSSignature()); - return factory.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, dataObject, trustProfileID); + return factory.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, dataObject, trustProfileID, false); } /** @@ -62,6 +68,10 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding * VerifyCMSSignatureRequest DOM element. */ private int[] parseSignatories(at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest) { + if(verifyCMSSignatureRequest.getSignatories().isEmpty()) { + return VerifyCMSSignatureRequest.ALL_SIGNATORIES; + } + Iterator signatoriesIterator = verifyCMSSignatureRequest.getSignatories().iterator(); List signatoriesList = new ArrayList(); @@ -91,8 +101,6 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding return signatories; } - - @Override public VerifyCMSSignatureResponseType buildCMSResponse(VerifyCMSSignatureResponse response) throws MOAApplicationException { 
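Review bot: The new sixth argument in the return statement of `buildCMSRequest`, `createVerifyCMSSignatureRequest(..., trustProfileID, false)`, is a bare boolean whose meaning cannot be read at the call site. Since `buildPDFRequest` passes `true` in the same position, it appears to select PDF input, though the factory signature is not visible here. A one-line comment such as `// last argument: false = plain CMS input (buildPDFRequest passes true)` would make it harder to swap the two verification modes unnoticed. `buildCMSRequest` starts outside this hunk.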
@@ -120,11 +128,11 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding private void addResponseElement(VerifyCMSSignatureResponseType verifyCMSSignatureResponseType, VerifyCMSSignatureResponseElement responseElement) throws MOAApplicationException { + ObjectFactory of = new ObjectFactory(); SignerInfo signerInfo = responseElement.getSignerInfo(); CheckResult signatureCheck = responseElement.getSignatureCheck(); CheckResult certCheck = responseElement.getCertificateCheck(); - - ObjectFactory of = new ObjectFactory(); + verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck().add( of.createVerifyCMSSignatureResponseTypeSignerInfo(this.transformerUtils.buildSignerInfo(signerInfo))); verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck() 
@@ -132,8 +140,105 @@ public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding this.transformerUtils.buildCheckResult(signatureCheck))); verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck() - .add(of.createVerifyCMSSignatureResponseTypeCertificateCheck( - this.transformerUtils.buildCheckResult(certCheck))); + .add(of.createVerifyCMSSignatureResponseTypeCertificateCheck( + this.transformerUtils.buildCheckResult(certCheck))); + + if (responseElement.getAdESFormResults() != null) { + Iterator adesIterator = responseElement.getAdESFormResults().iterator(); + while (adesIterator.hasNext()) { + AdESFormResults adesResult = (AdESFormResults) adesIterator.next(); + FormResultType formResultType = new FormResultType(); + formResultType.setCode(BigInteger.valueOf(adesResult.getCode())); + formResultType.setName(adesResult.getName()); + + verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck().add( + of.createVerifyCMSSignatureResponseTypeFormCheckResult(formResultType)); + } + } + } + + /** + * Add an element to the response. + * + * @param responseElement + * The element to add to the response. + * @throws MOAApplicationException + * An error occurred adding the element. 
+ */ + private void addResponseElement(VerifyPDFSignatureResponseType verifyPDFSignatureResponseType, + VerifyCMSSignatureResponseElement responseElement) throws MOAApplicationException { + + SignerInfo signerInfo = responseElement.getSignerInfo(); + CheckResult signatureCheck = responseElement.getSignatureCheck(); + CheckResult certCheck = responseElement.getCertificateCheck(); + + PDFSignatureResultType resultType = new PDFSignatureResultType(); + + if (responseElement.getAdESFormResults() != null) { + Iterator adesIterator = responseElement.getAdESFormResults().iterator(); + while (adesIterator.hasNext()) { + AdESFormResults adesResult = (AdESFormResults) adesIterator.next(); + FormResultType formResultType = new FormResultType(); + formResultType.setCode(BigInteger.valueOf(adesResult.getCode())); + formResultType.setName(adesResult.getName()); + resultType.getFormCheckResult().add(formResultType); + } + } + + resultType.setSignerInfo(this.transformerUtils.buildSignerInfo(signerInfo)); + resultType.setSignatureCheck(this.transformerUtils.buildCheckResult(signatureCheck)); + resultType.setCertificateCheck(this.transformerUtils.buildCheckResult(certCheck)); + + verifyPDFSignatureResponseType.getSignatureResult().add(resultType); + } + + /** + * Parse the Signatories attribute contained in the + * VerifyCMSSignatureRequest DOM element. + * + * @param requestElem + * The VerifyCMSSignatureRequest DOM element. + * @return The signatories contained in the given + * VerifyCMSSignatureRequest DOM element. 
+ */ + private int[] parseSignatories(VerifyPDFSignatureRequest verifyPDFSignatureRequest) { + return VerifyCMSSignatureRequest.ALL_SIGNATORIES; + } + + @Override + public VerifyCMSSignatureRequest buildPDFRequest(VerifyPDFSignatureRequest verifyPDFSignatureRequest) + throws MOAApplicationException { + Date dateTime = null; + if (verifyPDFSignatureRequest.getDateTime() == null) { + dateTime = verifyPDFSignatureRequest.getDateTime().toGregorianCalendar().getTime(); + } + + int[] signatories = parseSignatories(verifyPDFSignatureRequest); + + String trustProfileID = null; + + if (verifyPDFSignatureRequest.getTrustProfileID() != null) { + trustProfileID = verifyPDFSignatureRequest.getTrustProfileID(); + } + + InputStream cmsSignature = new ByteArrayInputStream(verifyPDFSignatureRequest.getPDFSignature()); + + return factory.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, null, trustProfileID, true); + } + + @Override + public VerifyPDFSignatureResponseType buildPDFResponse(VerifyCMSSignatureResponse response) + throws MOAApplicationException { + VerifyPDFSignatureResponseType verifyPDFSignatureResponseType = new VerifyPDFSignatureResponseType(); + + Iterator iter; + + for (iter = response.getResponseElements().iterator(); iter.hasNext();) { + VerifyCMSSignatureResponseElement responseElement = (VerifyCMSSignatureResponseElement) iter.next(); + addResponseElement(verifyPDFSignatureResponseType, responseElement); + } + + return verifyPDFSignatureResponseType; } } diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java index 0b16e2a..cbc4d2d 100644 --- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java 
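Review bot: The null check on `getDateTime()` in the new `buildPDFRequest` is inverted: `if (verifyPDFSignatureRequest.getDateTime() == null)` dereferences the value exactly when it is null. A request without DateTime therefore throws a NullPointerException, and a request that does carry one has it silently ignored. This is the same condition the commit corrects in `buildCMSRequest`; it should read `if (verifyPDFSignatureRequest.getDateTime() != null) {`. Because `dateTime` is the reference time handed to `createVerifyCMSSignatureRequest`, dropping it presumably means the signature is judged at a different moment than the caller requested. A null `getPDFSignature()` would likewise fail inside `new ByteArrayInputStream(...)`, so an explicit check that raises `MOAApplicationException` would give the caller a defined error.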
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java @@ -129,15 +129,15 @@ public class SignatureVerificationServiceImpl implements SignatureVerificationSe } } - @Override - @WebResult(name = "VerifyPDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#") - public VerifyPDFSignatureResponseType verifyPDFSignature(VerifyPDFSignatureRequest verifyPDFSignatureRequest) + //@Override + //@WebResult(name = "VerifyPDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#") + private VerifyPDFSignatureResponseType verifyPDFASSignature(VerifyPDFSignatureRequest verifyPDFSignatureRequest) throws Exception { logger.info("verifyPDFSignature start"); try { logger.info("WebServiceContext: {}", context); ContextSetupAspect.setupContext(context.getMessageContext(), "verifyPDFSignature"); - + VerifyPDFRequest requestObj; VerifyPDFResponse responseObj; 
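Review bot: The previous implementation is kept as private `verifyPDFASSignature` with its `@Override` and `@WebResult` annotations commented out, and nothing in the visible hunks calls it. Commented-out annotations on an apparently uncalled private method read as dead code. Either delete the method or state why it is retained, for example `// PDF-AS based verification, kept until the CAdES path in verifyPDFSignature is confirmed working`, if that is the intent. It also still logs "verifyPDFSignature start" and passes "verifyPDFSignature" to `ContextSetupAspect.setupContext`, so if it were called its log lines could not be told apart from the new method's. The method body continues outside the hunk.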
@@ -171,5 +171,45 @@ public class SignatureVerificationServiceImpl implements SignatureVerificationSe ContextSetupAspect.cleanContext(); } } + + @Override + @WebResult(name = "VerifyPDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#") + public VerifyPDFSignatureResponseType verifyPDFSignature(VerifyPDFSignatureRequest verifyPDFSignatureRequest) + throws Exception { + logger.info("verifyPDFSignature start"); + try { + logger.info("WebServiceContext: {}", context); + ContextSetupAspect.setupContext(context.getMessageContext(), "verifyPDFSignature"); + + CMSSignatureVerificationInvoker invoker = CMSSignatureVerificationInvoker.getInstance(); + + at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest requestObj; + at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse responseObj; + + logger.trace(">>> preparsing Request"); + requestObj = this.cmsVerifySignatureBinding.buildPDFRequest(verifyPDFSignatureRequest); + logger.trace("<<< preparsed Request"); + + logger.trace(">>> verifying Signature"); + // invoke the core logic + responseObj = invoker.verifyCMSSignature(requestObj); + logger.trace("<<< verified Signature"); + + logger.trace(">>> building Response"); + // map back to XML + VerifyPDFSignatureResponseType response = this.cmsVerifySignatureBinding.buildPDFResponse(responseObj); + logger.trace("<<< built Response"); + + return response; + } catch (Throwable t) { + MOASystemException e = new MOASystemException("2900", null, t); + logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:" + + System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e)); + logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e); + throw new Exception(e.getMessage()); + } finally { + ContextSetupAspect.cleanContext(); + } + } } -- cgit v1.2.3
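Review bot: The catch block of the new `verifyPDFSignature` logs "Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet" (signature creation) on a verification path, which will misdirect anyone triaging failed verifications from the logs. The message should name verification, e.g. `logger.error("Anfrage zur Signaturprüfung wurde nicht erfolgreich beendet:", e);`, with the debug line changed to match. `catch (Throwable t)` also folds JVM errors such as OutOfMemoryError into the generic code "2900"; catching `Exception` would let those propagate. The same stack trace is written twice, once as a string at debug level and once through the `logger.error` call, and one of the two could be dropped.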