Diffstat (limited to 'src/main/java/at/gv/egiz/moazs/verify')
-rw-r--r--src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java111
-rw-r--r--src/main/java/at/gv/egiz/moazs/verify/MsgResponseVerifier.java54
-rw-r--r--src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java13
3 files changed, 0 insertions, 178 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java
deleted file mode 100644
index 5220c3b..0000000
--- a/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java
+++ /dev/null
@@ -1,111 +0,0 @@
-package at.gv.egiz.moazs.verify;
-
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.data.IXMLSignatureVerificationResponse;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import static at.gv.egiz.moazs.MoaZSException.moaZSException;
-import static at.gv.egiz.moazs.MoaZSException.moaZSExceptionBuilder;
-import static java.lang.String.*;
-
-public class MoaSPSSSignatureVerifier implements SignatureVerifier {
-
- private static final Logger log = LoggerFactory.getLogger(MoaSPSSSignatureVerifier.class);
-
- private final ISignatureVerificationService service;
-
- private final String trustProfile;
-
- private final boolean isManifestCheckActive;
-
- private static final int OK_CODE = 0;
-
- public MoaSPSSSignatureVerifier(ISignatureVerificationService service,
- String trustProfile, boolean isManifestCheckActive) {
- this.service = service;
- this.trustProfile = trustProfile;
- this.isManifestCheckActive = isManifestCheckActive;
- }
-
- @Override
- public void verify(byte[] signedXMLdocument) {
-
- try {
- var response = service.verifyXMLSignature(signedXMLdocument, trustProfile);
-
- if (log.isDebugEnabled()) {
- print(response);
- }
-
- if (response == null) {
- throw moaZSException("MOA SPSS could not find the signature. ");
- }
-
- var builder = new StringBuilder();
-
- if (response.getSignatureCheckCode() != OK_CODE) {
- builder.append(format("Signature is not valid; SignatureCheckCode was %d. ",
- response.getSignatureCheckCode()));
- }
-
- if (response.getCertificateCheckCode() != OK_CODE) {
- builder.append(format("Certificate chain is not valid; CertificateCheckCode was %d. ",
- response.getCertificateCheckCode()));
- }
-
- if (response.getSignatureManifestCheckCode() != OK_CODE) {
- var signatureManifestErrorMsg = format("Signature Manifest is not valid; " +
- "SignatureManifestCheckCode was %d. ", response.getSignatureManifestCheckCode());
- if (isManifestCheckActive) {
- builder.append(signatureManifestErrorMsg);
- } else {
- log.warn(signatureManifestErrorMsg);
- }
- }
-
- if (response.isXmlDSIGManigest() && response.getXmlDSIGManifestCheckCode() != OK_CODE) {
- var xmlDSIGManifestErrorMsg = format("XmlDSIGManifest Manifest is not valid; " +
- "XmlDSIGManifest was %d. ", response.getXmlDSIGManifestCheckCode());
- if (isManifestCheckActive) {
- builder.append(xmlDSIGManifestErrorMsg);
- } else {
- log.warn(xmlDSIGManifestErrorMsg);
- }
- }
-
- var msg = builder.toString();
-
- if(msg.length() > 0) {
- throw moaZSException(msg);
- }
-
- } catch (MOASigServiceException e) {
- throw moaZSExceptionBuilder("Could not verify the XML signature.")
- .withCause(e)
- .build();
- }
-
- }
-
- private void print(IXMLSignatureVerificationResponse response) {
- log.debug("Response:");
-
- if (response == null) {
- log.debug("null");
- return;
- }
-
- log.debug(" XmlDsigSubjectName: {}", response.getXmlDsigSubjectName());
- log.debug(" SignatureManifestCheckCode: {}", response.getSignatureManifestCheckCode());
- log.debug(" XmlDSIGManifestCheckCode: {}", response.getXmlDSIGManifestCheckCode());
- log.debug(" CertificateCheckCode: {}", response.getCertificateCheckCode());
- log.debug(" SignatureCheckCode: {}", response.getSignatureCheckCode());
- log.debug(" SigningDateTime: {}", response.getSigningDateTime());
- log.debug(" isXmlDSIGManigest: {}", response.isXmlDSIGManigest());
- log.debug(" isPublicAuthority: {}", response.isPublicAuthority());
- log.debug(" isQualifiedCertificate: {}", response.isQualifiedCertificate());
- log.debug(" getPublicAuthorityCode: {}", response.getPublicAuthorityCode());
- }
-}
diff --git a/src/main/java/at/gv/egiz/moazs/verify/MsgResponseVerifier.java b/src/main/java/at/gv/egiz/moazs/verify/MsgResponseVerifier.java
deleted file mode 100644
index 9c8b17c..0000000
--- a/src/main/java/at/gv/egiz/moazs/verify/MsgResponseVerifier.java
+++ /dev/null
@@ -1,54 +0,0 @@
-package at.gv.egiz.moazs.verify;
-
-import at.gv.egiz.moazs.MoaZSException;
-import at.gv.egiz.moazs.repository.DeliveryRepository;
-import at.gv.egiz.moazs.scheme.MsgResponse;
-import at.gv.egiz.moazs.service.MsgService;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import static at.gv.egiz.moazs.MoaZSException.moaZSExceptionBuilder;
-import static java.lang.String.format;
-
-@Component
-public class MsgResponseVerifier {
-
- private static final Logger log = LoggerFactory.getLogger(MsgService.class);
- public static final String MOASP_SIGNATURE_INVALID_ERROR_MSG = "Signature of Msg Response " +
- "with AppDeliveryID=%s is not valid.";
-
- private final DeliveryRepository repository;
- private final SignatureVerifier verifier;
-
- @Autowired
- public MsgResponseVerifier(DeliveryRepository repository, SignatureVerifier verifier) {
- this.repository = repository;
- this.verifier = verifier;
- }
-
- public MsgResponse verify(String responseID) {
-
- var response = repository.retrieveResponse(responseID).get();
- var builder = moaZSExceptionBuilder().withAllParametersInAnswer(response.getAnswer());
-
- var binaryResponse = repository.retrieveBinaryResponse(responseID).get();
-
- try {
- verifier.verify(binaryResponse);
- return response;
- } catch (MoaZSException ex) {
- log.error(ex.getMessage(), ex);
- var wrappingEx = builder
- .withMessage(format(MOASP_SIGNATURE_INVALID_ERROR_MSG, response.getAppDeliveryID()))
- .withErrorCode(MoaZSException.ERROR_MOASP_SIGNATURE_INVALID)
- .withCause(ex)
- .build();
-
- return response.generateError(wrappingEx);
- }
-
- }
-
-}
diff --git a/src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java
deleted file mode 100644
index a31c4cf..0000000
--- a/src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package at.gv.egiz.moazs.verify;
-
-@FunctionalInterface
-public interface SignatureVerifier {
-
- /**
- * Verifies the signature of a signed XML document. Throws a at.gv.egiz.moazs.MoaZSException exception
- * if the validation fails.
- * @param signedXMLdocument
- * @throws at.gv.egiz.moazs.MoaZSException
- */
- void verify(byte[] signedXMLdocument);
-}