aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/gv/egiz/moazs
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/at/gv/egiz/moazs')
-rw-r--r--src/main/java/at/gv/egiz/moazs/backend/SignatureVerifier.java67
1 files changed, 38 insertions, 29 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/backend/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/backend/SignatureVerifier.java
index e9c5387..f9bbeb3 100644
--- a/src/main/java/at/gv/egiz/moazs/backend/SignatureVerifier.java
+++ b/src/main/java/at/gv/egiz/moazs/backend/SignatureVerifier.java
@@ -16,6 +16,23 @@ public class SignatureVerifier implements Consumer<byte[]> {
private static final Logger log = LoggerFactory.getLogger(SignatureVerifier.class);
private static final int OK_CODE = 0;
+ private static final String MOASPSS_FAILED_ERROR_MSG = "MOA SPSS could not find the signature. ";
+ private static final String SIGNATURE_CODE_ERROR_MSG = "Signature is not valid: Check code was %d. ";
+ private static final String CERT_CODE_ERROR_MSG = "Certificate chain is not valid: Check code was %d. ";
+ private static final String MANIFEST_CODE_ERROR_MSG = "Signature Manifest is not valid: Check code was %d. ";
+ private static final String XMLMANIFEST_CODE_ERROR_MSG = "XmlDSIGManifest is not valid: Check code was %d. ";
+ private static final String XML_SIGNATURE_RESPONSE_TEMPLATE =
+ " XmlDsigSubjectName: %s\n" +
+ " SignatureManifestCheckCode: %s\n" +
+ " XmlDSIGManifestCheckCode: %s\n" +
+ " CertificateCheckCode: %s\n" +
+ " SignatureCheckCode: %s\n" +
+ " SigningDateTime: %s\n" +
+ " isXmlDSIGManigest: %s\n" +
+ " isPublicAuthority: %s\n" +
+ " isQualifiedCertificate: %s\n" +
+ " getPublicAuthorityCode: %s\n";
+ private static final String MOASIG_SERVICE_ERROR_MSG = "MOA SPSS could not accept the XML signature. ";
private final ISignatureVerificationService service;
private final String trustProfile;
@@ -40,29 +57,24 @@ public class SignatureVerifier implements Consumer<byte[]> {
try {
var response = service.verifyXMLSignature(signedXMLdocument, trustProfile);
- if (log.isDebugEnabled()) {
- print(response);
- }
+ debug(response);
if (response == null) {
- throw moaZSException("MOA SPSS could not find the signature. ");
+ throw moaZSException(MOASPSS_FAILED_ERROR_MSG);
}
var builder = new StringBuilder();
if (response.getSignatureCheckCode() != OK_CODE) {
- builder.append(format("Signature is not valid; SignatureCheckCode was %d. ",
- response.getSignatureCheckCode()));
+ builder.append(format(SIGNATURE_CODE_ERROR_MSG, response.getSignatureCheckCode()));
}
if (response.getCertificateCheckCode() != OK_CODE) {
- builder.append(format("Certificate chain is not valid; CertificateCheckCode was %d. ",
- response.getCertificateCheckCode()));
+ builder.append(format(CERT_CODE_ERROR_MSG, response.getCertificateCheckCode()));
}
if (response.getSignatureManifestCheckCode() != OK_CODE) {
- var signatureManifestErrorMsg = format("Signature Manifest is not valid; " +
- "SignatureManifestCheckCode was %d. ", response.getSignatureManifestCheckCode());
+ var signatureManifestErrorMsg = format(MANIFEST_CODE_ERROR_MSG, response.getSignatureManifestCheckCode());
if (isManifestCheckActive) {
builder.append(signatureManifestErrorMsg);
} else {
@@ -71,8 +83,7 @@ public class SignatureVerifier implements Consumer<byte[]> {
}
if (response.isXmlDSIGManigest() && response.getXmlDSIGManifestCheckCode() != OK_CODE) {
- var xmlDSIGManifestErrorMsg = format("XmlDSIGManifest Manifest is not valid; " +
- "XmlDSIGManifest was %d. ", response.getXmlDSIGManifestCheckCode());
+ var xmlDSIGManifestErrorMsg = format(XMLMANIFEST_CODE_ERROR_MSG, response.getXmlDSIGManifestCheckCode());
if (isManifestCheckActive) {
builder.append(xmlDSIGManifestErrorMsg);
} else {
@@ -87,30 +98,28 @@ public class SignatureVerifier implements Consumer<byte[]> {
}
} catch (MOASigServiceException e) {
- throw moaZSExceptionBuilder("Could not accept the XML signature.")
+ throw moaZSExceptionBuilder(MOASIG_SERVICE_ERROR_MSG)
.withCause(e)
.build();
}
}
- private void print(IXMLSignatureVerificationResponse response) {
- log.debug("Response:");
+ public static void debug(IXMLSignatureVerificationResponse response) {
+ if (log.isDebugEnabled()) {
+ var builder = new StringBuilder("Response: \n");
+ if (response == null) {
+ builder.append("null");
+ } else {
+ var objects = new Object[]{response.getXmlDsigSubjectName(), response.getSignatureManifestCheckCode(),
+ response.getXmlDSIGManifestCheckCode(), response.getCertificateCheckCode(),
+ response.getSignatureCheckCode(), response.getSigningDateTime(), response.isXmlDSIGManigest(),
+ response.isPublicAuthority(), response.isQualifiedCertificate(),
+ response.getPublicAuthorityCode()};
+ builder.append(String.format(XML_SIGNATURE_RESPONSE_TEMPLATE, objects));
+ }
- if (response == null) {
- log.debug("null");
- return;
+ log.debug(builder.toString());
}
-
- log.debug(" XmlDsigSubjectName: {}", response.getXmlDsigSubjectName());
- log.debug(" SignatureManifestCheckCode: {}", response.getSignatureManifestCheckCode());
- log.debug(" XmlDSIGManifestCheckCode: {}", response.getXmlDSIGManifestCheckCode());
- log.debug(" CertificateCheckCode: {}", response.getCertificateCheckCode());
- log.debug(" SignatureCheckCode: {}", response.getSignatureCheckCode());
- log.debug(" SigningDateTime: {}", response.getSigningDateTime());
- log.debug(" isXmlDSIGManigest: {}", response.isXmlDSIGManigest());
- log.debug(" isPublicAuthority: {}", response.isPublicAuthority());
- log.debug(" isQualifiedCertificate: {}", response.isQualifiedCertificate());
- log.debug(" getPublicAuthorityCode: {}", response.getPublicAuthorityCode());
}
}