From 01299bf25b53a4f632c20b87714d5e1b314450da Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 18 Feb 2025 10:38:34 +0100 Subject: feat(sign): add RSASSA-PSS support --- release-infos/handbook/conf/moa-spss/spss.config.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'release-infos') diff --git a/release-infos/handbook/conf/moa-spss/spss.config.xml b/release-infos/handbook/conf/moa-spss/spss.config.xml index e1d61a6..ce7f2bd 100644 --- a/release-infos/handbook/conf/moa-spss/spss.config.xml +++ b/release-infos/handbook/conf/moa-spss/spss.config.xml @@ -61,7 +61,7 @@ - + KG_allgemein SKM_allgemein @@ -95,6 +95,7 @@ 1.4.2 + -- cgit v1.2.3 From 52075630df265b3a867801b58d8f80170d0dcdd0 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 6 Aug 2025 12:06:46 +0200 Subject: chore(core): update IAIK libs and clean-up old --- moaSig/libs/iaik_cms-6.0_moa.jar | Bin 501606 -> 0 bytes moaSig/libs/iaik_cms-6.1_moa.jar | Bin 0 -> 413434 bytes moaSig/libs/iaik_eccelerate-6.3.0_eval.jar | Bin 807993 -> 0 bytes moaSig/libs/iaik_eccelerate-6.3.2_eval.jar | Bin 0 -> 806569 bytes moaSig/libs/iaik_eccelerate_addon-6.3.0_eval.jar | Bin 98152 -> 0 bytes moaSig/libs/iaik_eccelerate_addon-6.3.2_eval.jar | Bin 0 -> 96721 bytes .../test/integration/PadesIntegrationTest.java | 80 ++++++++++----------- release-infos/endorsed_libs/serializer-2.7.1.jar | Bin 278281 -> 0 bytes release-infos/endorsed_libs/xalan-2.7.1.jar | Bin 3176148 -> 0 bytes release-infos/endorsed_libs/xercesImpl-2.12.2.jar | Bin 1446149 -> 0 bytes release-infos/endorsed_libs/xml-apis-1.4.01.jar | Bin 220536 -> 0 bytes release-infos/ext_libs/iaikPkcs11Provider.jar | Bin 528244 -> 0 bytes release-infos/ext_libs/iaikPkcs11Wrapper.jar | Bin 1503554 -> 0 bytes release-infos/ext_libs/iaik_Pkcs11Provider.jar | Bin 0 -> 528244 bytes release-infos/ext_libs/iaik_Pkcs11Wrapper.jar | Bin 0 -> 1931617 bytes release-infos/pkcs11/pkcs11-natives.zip | Bin 0 -> 291568 bytes .../unix/linux-x86/debug/libpkcs11wrapper.so | Bin 382140 -> 0 bytes .../unix/linux-x86/release/libpkcs11wrapper.so | Bin 187060 -> 0 bytes .../unix/linux-x86_64/debug/libpkcs11wrapper.so | Bin 410952 -> 0 bytes .../unix/linux-x86_64/release/libpkcs11wrapper.so | Bin 207520 -> 0 bytes .../macosx_universal/debug/libpkcs11wrapper.jnilib | Bin 603957 -> 0 bytes .../release/libpkcs11wrapper.jnilib | Bin 455621 -> 0 bytes .../pkcs11/windows/win-x86/debug/pkcs11wrapper.dll | Bin 613038 -> 0 bytes .../windows/win-x86/release/pkcs11wrapper.dll | Bin 251488 -> 0 bytes .../windows/win-x86_64/debug/pkcs11wrapper.dll | Bin 656400 -> 0 bytes .../windows/win-x86_64/release/pkcs11wrapper.dll | Bin 262536 -> 0 bytes 26 files changed, 38 insertions(+), 42 deletions(-) delete mode 100644 moaSig/libs/iaik_cms-6.0_moa.jar create mode 100644 moaSig/libs/iaik_cms-6.1_moa.jar delete mode 100644 moaSig/libs/iaik_eccelerate-6.3.0_eval.jar create mode 100644 moaSig/libs/iaik_eccelerate-6.3.2_eval.jar delete mode 100644 moaSig/libs/iaik_eccelerate_addon-6.3.0_eval.jar create mode 100644 moaSig/libs/iaik_eccelerate_addon-6.3.2_eval.jar delete mode 100644 release-infos/endorsed_libs/serializer-2.7.1.jar delete mode 100644 release-infos/endorsed_libs/xalan-2.7.1.jar delete mode 100644 release-infos/endorsed_libs/xercesImpl-2.12.2.jar delete mode 100644 release-infos/endorsed_libs/xml-apis-1.4.01.jar delete mode 100644 release-infos/ext_libs/iaikPkcs11Provider.jar delete mode 100644 release-infos/ext_libs/iaikPkcs11Wrapper.jar create mode 100644 release-infos/ext_libs/iaik_Pkcs11Provider.jar create mode 100644 release-infos/ext_libs/iaik_Pkcs11Wrapper.jar create mode 100644 release-infos/pkcs11/pkcs11-natives.zip delete mode 100755 release-infos/pkcs11/unix/linux-x86/debug/libpkcs11wrapper.so delete mode 100755 release-infos/pkcs11/unix/linux-x86/release/libpkcs11wrapper.so delete mode 100755 release-infos/pkcs11/unix/linux-x86_64/debug/libpkcs11wrapper.so delete mode 100755 release-infos/pkcs11/unix/linux-x86_64/release/libpkcs11wrapper.so delete mode 100755 release-infos/pkcs11/unix/macosx_universal/debug/libpkcs11wrapper.jnilib delete mode 100755 release-infos/pkcs11/unix/macosx_universal/release/libpkcs11wrapper.jnilib delete mode 100755 release-infos/pkcs11/windows/win-x86/debug/pkcs11wrapper.dll delete mode 100755 release-infos/pkcs11/windows/win-x86/release/pkcs11wrapper.dll delete mode 100755 release-infos/pkcs11/windows/win-x86_64/debug/pkcs11wrapper.dll delete mode 100755 release-infos/pkcs11/windows/win-x86_64/release/pkcs11wrapper.dll (limited to 'release-infos') diff --git a/moaSig/libs/iaik_cms-6.0_moa.jar b/moaSig/libs/iaik_cms-6.0_moa.jar deleted file mode 100644 index f11b250..0000000 Binary files a/moaSig/libs/iaik_cms-6.0_moa.jar and /dev/null differ diff --git a/moaSig/libs/iaik_cms-6.1_moa.jar b/moaSig/libs/iaik_cms-6.1_moa.jar new file mode 100644 index 0000000..8f5b167 Binary files /dev/null and b/moaSig/libs/iaik_cms-6.1_moa.jar differ diff --git a/moaSig/libs/iaik_eccelerate-6.3.0_eval.jar b/moaSig/libs/iaik_eccelerate-6.3.0_eval.jar deleted file mode 100644 index 4422430..0000000 Binary files a/moaSig/libs/iaik_eccelerate-6.3.0_eval.jar and /dev/null differ diff --git a/moaSig/libs/iaik_eccelerate-6.3.2_eval.jar b/moaSig/libs/iaik_eccelerate-6.3.2_eval.jar new file mode 100644 index 0000000..7cf380f Binary files /dev/null and b/moaSig/libs/iaik_eccelerate-6.3.2_eval.jar differ diff --git a/moaSig/libs/iaik_eccelerate_addon-6.3.0_eval.jar b/moaSig/libs/iaik_eccelerate_addon-6.3.0_eval.jar deleted file mode 100644 index 182a150..0000000 Binary files a/moaSig/libs/iaik_eccelerate_addon-6.3.0_eval.jar and /dev/null differ diff --git a/moaSig/libs/iaik_eccelerate_addon-6.3.2_eval.jar b/moaSig/libs/iaik_eccelerate_addon-6.3.2_eval.jar new file mode 100644 index 0000000..9216303 Binary files /dev/null and b/moaSig/libs/iaik_eccelerate_addon-6.3.2_eval.jar differ diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java index 9cee722..0c7bb63 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java @@ -9,9 +9,6 @@ import static org.junit.Assert.assertTrue; import java.io.FileInputStream; import java.io.IOException; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.util.Base64; import java.util.Date; import org.apache.commons.io.IOUtils; @@ -31,19 +28,14 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElemen import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; -import at.gv.egovernment.moa.spss.server.iaik.cmsverify.PDFSignatureVerificationProfileImpl; import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; import at.gv.egovernment.moa.spss.server.logging.TransactionId; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import at.gv.egovernment.moa.spss.test.integration.utils.CertificateReader; import iaik.pki.PKIFactory; import iaik.pki.PKIModule; -import iaik.pki.PKIResult; -import iaik.server.cmspdfverify.CMSVerifyUtils; import iaik.x509.X509Certificate; -import at.gv.egovernment.moa.spss.test.integration.utils.CertificateReader; @RunWith(BlockJUnit4ClassRunner.class) public class PadesIntegrationTest extends AbstractIntegrationTest { @@ -51,16 +43,16 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { CMSSignatureVerificationInvoker cadesInvoker; @BeforeClass - public static void classInitializer() throws IOException, ConfigurationException, + public static void classInitializer() throws IOException, ConfigurationException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { jvmStateReset(); - + final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); System.setProperty("iaik.esi.sva.configuration.location", current + "/src/test/resources/moaspss_config/svaconfig.example"); - + moaSpssCore = SystemInitializer.init(); } @@ -162,7 +154,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 1, cmsResult.getExtendedCertificateCheck().getMajorCode()); - + // because was signed by using SHA1 after xxxx assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMinorCode()); @@ -170,9 +162,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertEquals("used sig alg", "SHA1withRSA", cmsResult.getSignatureAlgorithm()); } - - - + + + @Ignore @Test public void padesLteTest() throws MOAException, IOException { @@ -188,10 +180,10 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { // verify result assertNotNull("verification result", result); - + } - + @Test public void padesAmtssignatur() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -203,7 +195,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { // perform test final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + // verify result assertNotNull("verification result", result); @@ -211,21 +203,21 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { .getResponseElements().get(0); assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); - + assertTrue("Amtssignatur", cmsResult.getSignerInfo().isPublicAuthority()); assertEquals("Amtssignatur", "L4AL", cmsResult.getSignerInfo().getPublicAuhtorityID()); - + assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); - + assertEquals("CountryCode", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); - + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); - - // it's no valid CAdES signature because it does not include SignatureCertificateInfo extension + + // it's no valid CAdES signature because it does not include SignatureCertificateInfo extension assertEquals("ext. val major", 13, cmsResult.getExtendedCertificateCheck().getMinorCode()); - + assertNotNull("form val. result", cmsResult.getAdESFormResults()); assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); @@ -234,9 +226,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertEquals("Find wrong form val status", 2, ((AdESFormResults) el).getCode().longValue()); } - + } - + @Ignore @Test public void padesOwnTest() throws Exception { @@ -257,26 +249,30 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); assertEquals("Amtssignatur", "", cmsResult.getSignerInfo().getPublicAuhtorityID()); - + } - + @Ignore @Test public void pkixTest() throws Exception { - final String current = new java.io.File(".").getCanonicalPath(); - X509Certificate[] chain = CertificateReader.readCertificatesIntoArray(current + "/src/test/resources/testdata/pkix/chain/"); - + final String current = new java.io.File(".").getCanonicalPath(); + X509Certificate[] chain = CertificateReader.readCertificatesIntoArray(current + "/src/test/resources/testdata/pkix/chain/"); + PKIModule pkiModule = PKIFactory.getInstance().getPKIModule( new PKIProfileImpl(ConfigurationProvider.getInstance(), "MOAIDBuergerkarteAuthentisierungsDaten")); - PKIResult pkiResult = pkiModule.validateCertificate( - new Date(), - (X509Certificate) chain[0], - (X509Certificate[]) ArrayUtils.subarray(chain, 1, chain.length), - (boolean[])null, - new TransactionId("aabbccdd")); - + + //KeyUsageParams keyUsage = new KeyUsageParams(); + //keyUsage.addParam(new KeyUsageParam((boolean[]) null, KeyUsageParam.STRICT)); + + pkiModule.validateCertificate( + new Date(), + chain[0], + ArrayUtils.subarray(chain, 1, chain.length), + (boolean[]) null, + new TransactionId("aabbccdd")); + System.out.print("Finished"); - + } - + } diff --git a/release-infos/endorsed_libs/serializer-2.7.1.jar b/release-infos/endorsed_libs/serializer-2.7.1.jar deleted file mode 100644 index 99f98db..0000000 Binary files a/release-infos/endorsed_libs/serializer-2.7.1.jar and /dev/null differ diff --git a/release-infos/endorsed_libs/xalan-2.7.1.jar b/release-infos/endorsed_libs/xalan-2.7.1.jar deleted file mode 100644 index 458fa73..0000000 Binary files a/release-infos/endorsed_libs/xalan-2.7.1.jar and /dev/null differ diff --git a/release-infos/endorsed_libs/xercesImpl-2.12.2.jar b/release-infos/endorsed_libs/xercesImpl-2.12.2.jar deleted file mode 100644 index ccbae9f..0000000 Binary files a/release-infos/endorsed_libs/xercesImpl-2.12.2.jar and /dev/null differ diff --git a/release-infos/endorsed_libs/xml-apis-1.4.01.jar b/release-infos/endorsed_libs/xml-apis-1.4.01.jar deleted file mode 100644 index 4673346..0000000 Binary files a/release-infos/endorsed_libs/xml-apis-1.4.01.jar and /dev/null differ diff --git a/release-infos/ext_libs/iaikPkcs11Provider.jar b/release-infos/ext_libs/iaikPkcs11Provider.jar deleted file mode 100644 index 8d09063..0000000 Binary files a/release-infos/ext_libs/iaikPkcs11Provider.jar and /dev/null differ diff --git a/release-infos/ext_libs/iaikPkcs11Wrapper.jar b/release-infos/ext_libs/iaikPkcs11Wrapper.jar deleted file mode 100644 index 6543602..0000000 Binary files a/release-infos/ext_libs/iaikPkcs11Wrapper.jar and /dev/null differ diff --git a/release-infos/ext_libs/iaik_Pkcs11Provider.jar b/release-infos/ext_libs/iaik_Pkcs11Provider.jar new file mode 100644 index 0000000..8d09063 Binary files /dev/null and b/release-infos/ext_libs/iaik_Pkcs11Provider.jar differ diff --git a/release-infos/ext_libs/iaik_Pkcs11Wrapper.jar b/release-infos/ext_libs/iaik_Pkcs11Wrapper.jar new file mode 100644 index 0000000..4daae43 Binary files /dev/null and b/release-infos/ext_libs/iaik_Pkcs11Wrapper.jar differ diff --git a/release-infos/pkcs11/pkcs11-natives.zip b/release-infos/pkcs11/pkcs11-natives.zip new file mode 100644 index 0000000..1cc1603 Binary files /dev/null and b/release-infos/pkcs11/pkcs11-natives.zip differ diff --git a/release-infos/pkcs11/unix/linux-x86/debug/libpkcs11wrapper.so b/release-infos/pkcs11/unix/linux-x86/debug/libpkcs11wrapper.so deleted file mode 100755 index 778ac22..0000000 Binary files a/release-infos/pkcs11/unix/linux-x86/debug/libpkcs11wrapper.so and /dev/null differ diff --git a/release-infos/pkcs11/unix/linux-x86/release/libpkcs11wrapper.so b/release-infos/pkcs11/unix/linux-x86/release/libpkcs11wrapper.so deleted file mode 100755 index 0d3e88f..0000000 Binary files a/release-infos/pkcs11/unix/linux-x86/release/libpkcs11wrapper.so and /dev/null differ diff --git a/release-infos/pkcs11/unix/linux-x86_64/debug/libpkcs11wrapper.so b/release-infos/pkcs11/unix/linux-x86_64/debug/libpkcs11wrapper.so deleted file mode 100755 index f0d6399..0000000 Binary files a/release-infos/pkcs11/unix/linux-x86_64/debug/libpkcs11wrapper.so and /dev/null differ diff --git a/release-infos/pkcs11/unix/linux-x86_64/release/libpkcs11wrapper.so b/release-infos/pkcs11/unix/linux-x86_64/release/libpkcs11wrapper.so deleted file mode 100755 index 407e097..0000000 Binary files a/release-infos/pkcs11/unix/linux-x86_64/release/libpkcs11wrapper.so and /dev/null differ diff --git a/release-infos/pkcs11/unix/macosx_universal/debug/libpkcs11wrapper.jnilib b/release-infos/pkcs11/unix/macosx_universal/debug/libpkcs11wrapper.jnilib deleted file mode 100755 index 2778819..0000000 Binary files a/release-infos/pkcs11/unix/macosx_universal/debug/libpkcs11wrapper.jnilib and /dev/null differ diff --git a/release-infos/pkcs11/unix/macosx_universal/release/libpkcs11wrapper.jnilib b/release-infos/pkcs11/unix/macosx_universal/release/libpkcs11wrapper.jnilib deleted file mode 100755 index 0735243..0000000 Binary files a/release-infos/pkcs11/unix/macosx_universal/release/libpkcs11wrapper.jnilib and /dev/null differ diff --git a/release-infos/pkcs11/windows/win-x86/debug/pkcs11wrapper.dll b/release-infos/pkcs11/windows/win-x86/debug/pkcs11wrapper.dll deleted file mode 100755 index 98926ca..0000000 Binary files a/release-infos/pkcs11/windows/win-x86/debug/pkcs11wrapper.dll and /dev/null differ diff --git a/release-infos/pkcs11/windows/win-x86/release/pkcs11wrapper.dll b/release-infos/pkcs11/windows/win-x86/release/pkcs11wrapper.dll deleted file mode 100755 index d035759..0000000 Binary files a/release-infos/pkcs11/windows/win-x86/release/pkcs11wrapper.dll and /dev/null differ diff --git a/release-infos/pkcs11/windows/win-x86_64/debug/pkcs11wrapper.dll b/release-infos/pkcs11/windows/win-x86_64/debug/pkcs11wrapper.dll deleted file mode 100755 index 7ccecc3..0000000 Binary files a/release-infos/pkcs11/windows/win-x86_64/debug/pkcs11wrapper.dll and /dev/null differ diff --git a/release-infos/pkcs11/windows/win-x86_64/release/pkcs11wrapper.dll b/release-infos/pkcs11/windows/win-x86_64/release/pkcs11wrapper.dll deleted file mode 100755 index eab4129..0000000 Binary files a/release-infos/pkcs11/windows/win-x86_64/release/pkcs11wrapper.dll and /dev/null differ -- cgit v1.2.3