diff options
Diffstat (limited to 'src/main/java/at/gv/egiz/moazs/msg')
-rw-r--r-- | src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java | 34 | ||||
-rw-r--r-- | src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java | 47 |
2 files changed, 44 insertions, 37 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java new file mode 100644 index 0000000..6058279 --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java @@ -0,0 +1,34 @@ +package at.gv.egiz.moazs.msg; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class MoaSPSSSignatureVerifier implements SignatureVerifier { + + private static final Logger log = LoggerFactory.getLogger(MoaSPSSSignatureVerifier.class); + + private final ISignatureVerificationService service; + + private final String trustProfile; + + public MoaSPSSSignatureVerifier(ISignatureVerificationService service, + String trustProfile) { + this.service = service; + this.trustProfile = trustProfile; + } + + @Override + public boolean verify(byte[] signedXMLdocument) { + + try { + var response = service.verifyXMLSignature(signedXMLdocument, trustProfile); + return response != null; + } catch (MOASigServiceException e) { + MoaSPSSSignatureVerifier.log.error("Could not verify the XML signature.", e); + return false; + } + + } +} diff --git a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java index d6311c4..bf9a2d0 100644 --- a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java +++ b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java @@ -1,40 +1,13 @@ package at.gv.egiz.moazs.msg; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.stereotype.Component; - -@Component -public class SignatureVerifier { - - private static final Logger log = LoggerFactory.getLogger(SignatureVerifier.class); - - @Autowired - @Qualifier("moaSigVerifyService") - private final ISignatureVerificationService service; - - @Autowired - @Qualifier("moaSPSSServerDefaultTrustProfile") - private final String trustProfile; - - public SignatureVerifier(ISignatureVerificationService service, - String trustProfile) { - this.service = service; - this.trustProfile = trustProfile; - } - - public boolean verify(byte[] signedXMLdocument) { - try { - var response = service.verifyXMLSignature(signedXMLdocument, trustProfile); - return response != null; - } catch (MOASigServiceException e) { - log.error("Could not verify the XML signature.", e); - return false; - } - } - +@FunctionalInterface +public interface SignatureVerifier { + + /** + * Verifies the signature of a signed XML document. + * @param signedXMLdocument + * @return true if the signature is valid; false if there is no signature, if the signature is invalid, + * or if an exception occured. + */ + boolean verify(byte[] signedXMLdocument); } |