aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-03-21 12:14:24 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-03-21 12:14:24 +0100
commit902bfea4afd98046fd1327942b8f5de96edaceb3 (patch)
tree0d6c3cf18f148b1c5956272eef01772545362678
parent740e0755f8093fb0a14a8273b487379c04ec19d3 (diff)
downloadmoa-id-spss-902bfea4afd98046fd1327942b8f5de96edaceb3.tar.gz
moa-id-spss-902bfea4afd98046fd1327942b8f5de96edaceb3.tar.bz2
moa-id-spss-902bfea4afd98046fd1327942b8f5de96edaceb3.zip
add QC validation
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java4
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties1
2 files changed, 5 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 0d39a4bc5..5f39abf73 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -130,6 +130,10 @@ public class VerifyXMLSignatureResponseValidator {
throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
}
+ //check QC
+ if (!verifyXMLSignatureResponse.isQualifiedCertificate())
+ throw new ValidateException("validator.71", null);
+
if (ignoreManifestValidationResult) {
Logger.debug("OA type is business service, thus ignoring DSIG manifest validation result");
} else {
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index ec787d745..0cb431df1 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -192,6 +192,7 @@ validator.67=Der Specialtext ({0}) stimmt nicht mit dem f\u00FCr diese Applikati
validator.68=SigningTime im AUTH-Block konnte nicht eruiert werden.
validator.69=SigningTime im AUTH-Block und Serverzeit weichen zu stark ab ({0}).
validator.70=Das einmale Tokken im signierten AuthBlock ({0}) stimmt nicht mit dem von generierten Tokken ({1}) \u00FCberein.
+validator.71=Das Signaturzertifikat ist nicht qualifiziert.
ssl.01=Validierung des SSL-Server-Endzertifikates hat fehlgeschlagen