aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/gv/egiz
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/at/gv/egiz')
-rw-r--r--src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java29
-rw-r--r--src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java31
2 files changed, 58 insertions, 2 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
new file mode 100644
index 0000000..e96d851
--- /dev/null
+++ b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
@@ -0,0 +1,29 @@
+package at.gv.egiz.moazs.config;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class MoaSigConfig {
+
+ private final String defaultTrustProfile;
+
+ public MoaSigConfig(@Value("${moa.spss.server.default-trustprofile}") String defaultTrustProfile,
+ @Value("${moa.spss.server.configuration}") String serverConfigUrl) {
+ this.defaultTrustProfile = defaultTrustProfile;
+ System.getProperties().setProperty("moa.spss.server.configuration", serverConfigUrl);
+ }
+
+ @Bean
+ public String moaSPSSServerDefaultTrustProfile() {
+ return defaultTrustProfile;
+ }
+
+ @Bean
+ public ISignatureVerificationService moaSigVerifyService() {
+ return new SignatureVerificationService();
+ }
+}
diff --git a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java
index 12b1ccb..d6311c4 100644
--- a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java
+++ b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java
@@ -1,13 +1,40 @@
package at.gv.egiz.moazs.msg;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
@Component
public class SignatureVerifier {
- public boolean verify(byte[] signedXMLdocument) {
- return true;
+ private static final Logger log = LoggerFactory.getLogger(SignatureVerifier.class);
+
+ @Autowired
+ @Qualifier("moaSigVerifyService")
+ private final ISignatureVerificationService service;
+
+ @Autowired
+ @Qualifier("moaSPSSServerDefaultTrustProfile")
+ private final String trustProfile;
+ public SignatureVerifier(ISignatureVerificationService service,
+ String trustProfile) {
+ this.service = service;
+ this.trustProfile = trustProfile;
+ }
+
+ public boolean verify(byte[] signedXMLdocument) {
+ try {
+ var response = service.verifyXMLSignature(signedXMLdocument, trustProfile);
+ return response != null;
+ } catch (MOASigServiceException e) {
+ log.error("Could not verify the XML signature.", e);
+ return false;
+ }
}
}