Refactor: Move Signature Verification in Dedicated Package

1 files changed, 34 insertions, 0 deletions

diff --git a/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java
new file mode 100644
index 0000000..518cdb3
--- /dev/null
+++ b/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java
@@ -0,0 +1,34 @@
+package at.gv.egiz.moazs.verify;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class MoaSPSSSignatureVerifier implements SignatureVerifier {
+
+    private static final Logger log = LoggerFactory.getLogger(MoaSPSSSignatureVerifier.class);
+
+    private final ISignatureVerificationService service;
+
+    private final String trustProfile;
+
+    public MoaSPSSSignatureVerifier(ISignatureVerificationService service,
+                                    String trustProfile) {
+        this.service = service;
+        this.trustProfile = trustProfile;
+    }
+
+    @Override
+    public boolean verify(byte[] signedXMLdocument) {
+
+        try {
+            var response = service.verifyXMLSignature(signedXMLdocument, trustProfile);
+            return response != null;
+        } catch (MOASigServiceException e) {
+            MoaSPSSSignatureVerifier.log.error("Could not verify the XML signature.", e);
+            return false;
+        }
+
+    }
+}