From d440b9ddd4fd0132977f39d9e91ca6144b64fdb3 Mon Sep 17 00:00:00 2001 From: Christof Rabensteiner Date: Thu, 13 Jun 2019 10:30:56 +0200 Subject: Refactor: Move Signature Verification in Dedicated Package --- .../java/at/gv/egiz/moazs/config/MoaSigConfig.java | 4 +-- .../egiz/moazs/msg/MoaSPSSSignatureVerifier.java | 34 ---------------------- .../at/gv/egiz/moazs/msg/SignatureVerifier.java | 13 --------- .../moazs/pipeline/SameThreadDeliveryPipeline.java | 2 +- .../moazs/verify/MoaSPSSSignatureVerifier.java | 34 ++++++++++++++++++++++ .../at/gv/egiz/moazs/verify/SignatureVerifier.java | 13 +++++++++ .../egiz/moazs/SameThreadDeliveryPipelineTest.java | 2 +- 7 files changed, 51 insertions(+), 51 deletions(-) delete mode 100644 src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java delete mode 100644 src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java create mode 100644 src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java create mode 100644 src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java diff --git a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java index 6a5eb39..c611f9e 100644 --- a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java +++ b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java @@ -2,8 +2,8 @@ package at.gv.egiz.moazs.config; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService; -import at.gv.egiz.moazs.msg.MoaSPSSSignatureVerifier; -import at.gv.egiz.moazs.msg.SignatureVerifier; +import at.gv.egiz.moazs.verify.MoaSPSSSignatureVerifier; +import at.gv.egiz.moazs.verify.SignatureVerifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; diff --git a/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java deleted file mode 100644 index 6058279..0000000 --- a/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java +++ /dev/null @@ -1,34 +0,0 @@ -package at.gv.egiz.moazs.msg; - -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class MoaSPSSSignatureVerifier implements SignatureVerifier { - - private static final Logger log = LoggerFactory.getLogger(MoaSPSSSignatureVerifier.class); - - private final ISignatureVerificationService service; - - private final String trustProfile; - - public MoaSPSSSignatureVerifier(ISignatureVerificationService service, - String trustProfile) { - this.service = service; - this.trustProfile = trustProfile; - } - - @Override - public boolean verify(byte[] signedXMLdocument) { - - try { - var response = service.verifyXMLSignature(signedXMLdocument, trustProfile); - return response != null; - } catch (MOASigServiceException e) { - MoaSPSSSignatureVerifier.log.error("Could not verify the XML signature.", e); - return false; - } - - } -} diff --git a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java deleted file mode 100644 index bf9a2d0..0000000 --- a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java +++ /dev/null @@ -1,13 +0,0 @@ -package at.gv.egiz.moazs.msg; - -@FunctionalInterface -public interface SignatureVerifier { - - /** - * Verifies the signature of a signed XML document. - * @param signedXMLdocument - * @return true if the signature is valid; false if there is no signature, if the signature is invalid, - * or if an exception occured. - */ - boolean verify(byte[] signedXMLdocument); -} diff --git a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java index 130e147..9f2b6d4 100644 --- a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java +++ b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java @@ -3,7 +3,7 @@ package at.gv.egiz.moazs.pipeline; import at.gv.egiz.moazs.MoaZSException; import at.gv.egiz.moazs.msg.MsgClientFactory; -import at.gv.egiz.moazs.msg.SignatureVerifier; +import at.gv.egiz.moazs.verify.SignatureVerifier; import at.gv.egiz.moazs.msg.StoreSOAPBodyBinaryInRepositoryInterceptor; import at.gv.egiz.moazs.repository.DeliveryRepository; import at.gv.egiz.moazs.scheme.Mzs2MsgConverter; diff --git a/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java new file mode 100644 index 0000000..518cdb3 --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/verify/MoaSPSSSignatureVerifier.java @@ -0,0 +1,34 @@ +package at.gv.egiz.moazs.verify; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class MoaSPSSSignatureVerifier implements SignatureVerifier { + + private static final Logger log = LoggerFactory.getLogger(MoaSPSSSignatureVerifier.class); + + private final ISignatureVerificationService service; + + private final String trustProfile; + + public MoaSPSSSignatureVerifier(ISignatureVerificationService service, + String trustProfile) { + this.service = service; + this.trustProfile = trustProfile; + } + + @Override + public boolean verify(byte[] signedXMLdocument) { + + try { + var response = service.verifyXMLSignature(signedXMLdocument, trustProfile); + return response != null; + } catch (MOASigServiceException e) { + MoaSPSSSignatureVerifier.log.error("Could not verify the XML signature.", e); + return false; + } + + } +} diff --git a/src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java new file mode 100644 index 0000000..01e90c8 --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/verify/SignatureVerifier.java @@ -0,0 +1,13 @@ +package at.gv.egiz.moazs.verify; + +@FunctionalInterface +public interface SignatureVerifier { + + /** + * Verifies the signature of a signed XML document. + * @param signedXMLdocument + * @return true if the signature is valid; false if there is no signature, if the signature is invalid, + * or if an exception occured. + */ + boolean verify(byte[] signedXMLdocument); +} diff --git a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java index c132abf..768f376 100644 --- a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java +++ b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java @@ -2,7 +2,7 @@ package at.gv.egiz.moazs; import at.gv.egiz.moazs.msg.MsgClient; import at.gv.egiz.moazs.msg.MsgClientFactory; -import at.gv.egiz.moazs.msg.MoaSPSSSignatureVerifier; +import at.gv.egiz.moazs.verify.MoaSPSSSignatureVerifier; import at.gv.egiz.moazs.msg.StoreSOAPBodyBinaryInRepositoryInterceptor; import at.gv.egiz.moazs.pipeline.DeliveryPipeline; import at.gv.egiz.moazs.pipeline.SameThreadDeliveryPipeline; -- cgit v1.2.3