3.0.0-RC2 signature form results adapted

author: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2016-06-07 14:57:27 +0200
committer: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2016-06-07 14:57:27 +0200
commit: 606fd125e82b532f2e75dc787edb1f535dacfae9 (patch)
tree: 72b81de83914e2df3823015310192eef1f21fe87
parent: 4d0c73640c083a800060863309129960f44fc281 (diff)
download: moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.tar.gz
moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.tar.bz2
moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.zip
4 files changed, 107 insertions, 162 deletions
diff --git a/moaSig/build.gradle b/moaSig/build.gradle
index b7ed724..2b3b909 100644
--- a/moaSig/build.gradle
+++ b/moaSig/build.gradle
@@ -21,7 +21,7 @@ subprojects {
         testCompile 'junit:junit:4.8.2'
     }
 
-    version = '3.0.0-RC1'
+    version = '3.0.0-RC2'
 
     jar {
         manifest.attributes provider: 'EGIZ'
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index 0480316..f5d2826 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -35,31 +35,29 @@ import java.util.List;
 
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOAException;
-import at.gv.egovernment.moa.spss.MOARuntimeException;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
 import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
 import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
-import at.gv.egovernment.moa.spss.api.impl.AdESFormResultsImpl;
 import at.gv.egovernment.moa.spss.server.config.TrustProfile;
 import at.gv.egovernment.moa.spss.server.logging.IaikLog;
 import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.AdESResultUtils;
 import at.gv.egovernment.moa.spss.util.CertificateUtils;
 import at.gv.egovernment.moa.spss.util.QCSSCDResult;
 import at.gv.egovernment.moaspss.logging.Logger;
 import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 import iaik.server.ConfigurationException;
+import iaik.server.modules.AdESConstants;
 import iaik.server.modules.AdESFormVerificationResult;
-import iaik.server.modules.AdESVerificationResult;
 import iaik.server.modules.IAIKException;
 import iaik.server.modules.IAIKRuntimeException;
 import iaik.server.modules.SignatureVerificationProfile;
-import iaik.server.modules.SignatureVerificationResult;
 import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
 import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
 import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
@@ -159,8 +157,10 @@ public class CMSSignatureVerificationInvoker {
 
 				// while (input.read(buf) > 0);
 				if(request.isExtended()) {
+					Logger.info("Running extended validation");
 					results = module.verifyPAdESSignature(signingTime);
 				} else {
+					Logger.info("Running not extended validation");
 					results = module.verifySignature(signingTime);
 				}
 
@@ -182,8 +182,10 @@ public class CMSSignatureVerificationInvoker {
 					;
 				
 				if(request.isExtended()) {
+					Logger.info("Running extended validation");
 					results = module.verifyCAdESSignature(signingTime);
 				} else {
+					Logger.info("Running not extended validation");
 					results = module.verifySignature(signingTime);
 				}
 				// results = module.verifySignature(signingTime);
@@ -257,12 +259,13 @@ public class CMSSignatureVerificationInvoker {
 		CMSSignatureVerificationResult cmsResult = null;
 		List adesResults = null;
 		if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
+			Logger.info("Got ExtendedCMSSignatureVerificationResult");
 			ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
 			cmsResult = result.getCMSSignatureVerificationResult();
 			try {
 				adesResults = getAdESResult(result);
 			} catch (ConfigurationException e) {
-				Logger.warn("Failed to provide extended validation results", e);
+				Logger.warn("Failed to provide extended validation results: " + e.getMessage());
 			}
 
 			if (adesResults != null) {
@@ -272,6 +275,7 @@ public class CMSSignatureVerificationInvoker {
 				}
 			}
 		} else {
+			Logger.info("Got CMSSignatureVerificationResult");
 			cmsResult = (CMSSignatureVerificationResult) resultObject;
 		}
 
@@ -301,53 +305,6 @@ public class CMSSignatureVerificationInvoker {
 				qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
 	}
 
-	private void handleCMSEXTResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
-			TrustProfile trustProfile) throws MOAException {
-		QCSSCDResult qcsscdresult = new QCSSCDResult();
-
-		CMSSignatureVerificationResult cmsResult = null;
-		List adesResults = null;
-		if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
-			ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
-
-			adesResults = getAdESResult(result.getFormVerificationResult());
-
-			if (adesResults != null) {
-				Iterator adesIterator = adesResults.iterator();
-				while (adesIterator.hasNext()) {
-					Logger.info("ADES Formresults: " + adesIterator.next().toString());
-				}
-			}
-			cmsResult = result.getCMSSignatureVerificationResult();
-		} else {
-			cmsResult = (CMSSignatureVerificationResult) resultObject;
-		}
-
-		String issuerCountryCode = null;
-		// QC/SSCD check
-
-		List list = cmsResult.getCertificateValidationResult().getCertificateChain();
-		if (list != null) {
-			X509Certificate[] chain = new X509Certificate[list.size()];
-
-			Iterator it = list.iterator();
-			int i = 0;
-			while (it.hasNext()) {
-				chain[i] = (X509Certificate) it.next();
-				i++;
-			}
-
-			qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
-
-			// get signer certificate issuer country code
-			issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
-
-		}
-
-		responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
-				qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
-	}
-
 	private void handlePDFResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
 			TrustProfile trustProfile) throws MOAException {
 		QCSSCDResult qcsscdresult = new QCSSCDResult();
@@ -360,6 +317,7 @@ public class CMSSignatureVerificationInvoker {
 		PDFSignatureVerificationResult cmsResult = null;
 		List adesResults = null;
 		if (resultObject instanceof ExtendedPDFSignatureVerificationResult) {
+			Logger.info("Got ExtendedPDFSignatureVerificationResult");
 			ExtendedPDFSignatureVerificationResult result = (ExtendedPDFSignatureVerificationResult) resultObject;
 			cmsResult = result.getPDFSignatureVerificationResult();
 			try {
@@ -377,6 +335,7 @@ public class CMSSignatureVerificationInvoker {
 			}
 			cmsResult = result.getPDFSignatureVerificationResult();
 		} else {
+			Logger.info("Got PDFSignatureVerificationResult");
 			cmsResult = (PDFSignatureVerificationResult) resultObject;
 		}
 
@@ -519,14 +478,17 @@ public class CMSSignatureVerificationInvoker {
 		}
 
 		List adesList = new ArrayList();
-
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
-				SignatureVerificationProfile.LEVEL_LTA, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+		Logger.info("Checking AdES Results:");
+		
+		//AdESResultUtils.buildResult(adesFormVerification.getDetailedExtendedReport(), adesList);
+		
+		//AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
+		//		SignatureVerificationProfile.LEVEL_LTA, adesList);
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
 				SignatureVerificationProfile.LEVEL_LT, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.ADES_T_VALIDATION),
 				SignatureVerificationProfile.LEVEL_T, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
 				SignatureVerificationProfile.LEVEL_B, adesList);
 
 		return adesList;
@@ -540,7 +502,7 @@ public class CMSSignatureVerificationInvoker {
 
 		List adesList = new ArrayList();
 
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
+		/*checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
 				SignatureVerificationProfile.LEVEL_LTA, adesList);
 		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
 				SignatureVerificationProfile.LEVEL_LT, adesList);
@@ -548,60 +510,15 @@ public class CMSSignatureVerificationInvoker {
 				SignatureVerificationProfile.LEVEL_T, adesList);
 		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
 				SignatureVerificationProfile.LEVEL_B, adesList);
-
-		return adesList;
-	}
-	
-	private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
-		if (adesFormVerification == null) {
-			// no form information
-			return null;
-		}
-
-		List adesList = new ArrayList();
-
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
-				SignatureVerificationProfile.LEVEL_LTA, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+		*/
+		
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
 				SignatureVerificationProfile.LEVEL_LT, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.ADES_T_VALIDATION),
 				SignatureVerificationProfile.LEVEL_T, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
 				SignatureVerificationProfile.LEVEL_B, adesList);
-
+		
 		return adesList;
 	}
-
-	private void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
-		if (subResult != null) {
-			Logger.info("Checking Level: " + level);
-			try {
-				AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
-				adESFormResultsImpl.setCode(subResult.getResultCode().getCode());
-				adESFormResultsImpl.setInfo(subResult.getInfo());
-				adESFormResultsImpl.setName(subResult.getName());
-
-				adesList.add(adESFormResultsImpl);
-			} catch (NullPointerException e) {
-				Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
-			}
-		}
-	}
-	
-	private void checkSubResult(AdESVerificationResult subResult, String level, List adesList) {
-		if (subResult != null) {
-			Logger.info("Checking Level: " + level);
-			try {
-				AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
-				adESFormResultsImpl.setCode(subResult.getResultCode());
-				adESFormResultsImpl.setInfo(subResult.getInfo());
-				adESFormResultsImpl.setName(subResult.getName());
-
-				adesList.add(adESFormResultsImpl);
-			} catch (NullPointerException e) {
-				Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
-			}
-		}
-	}
-
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
index bea66b0..5d7b852 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
@@ -64,6 +64,7 @@ import at.gv.egovernment.moa.spss.server.logging.IaikLog;
 import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.AdESResultUtils;
 import at.gv.egovernment.moa.spss.util.CertificateUtils;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
 import at.gv.egovernment.moa.spss.util.QCSSCDResult;
@@ -74,8 +75,8 @@ import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 import at.gv.egovernment.moaspss.util.CollectionUtils;
 import at.gv.egovernment.moaspss.util.Constants;
 import iaik.server.ConfigurationException;
+import iaik.server.modules.AdESConstants;
 import iaik.server.modules.AdESFormVerificationResult;
-import iaik.server.modules.AdESVerificationResult;
 import iaik.server.modules.IAIKException;
 import iaik.server.modules.IAIKRuntimeException;
 import iaik.server.modules.SignatureVerificationProfile;
@@ -728,6 +729,7 @@ public class XMLSignatureVerificationInvoker {
 
 		List adesList = new ArrayList();
 
+		/*
 		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
 				SignatureVerificationProfile.LEVEL_LTA, adesList);
 		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
@@ -736,60 +738,16 @@ public class XMLSignatureVerificationInvoker {
 				SignatureVerificationProfile.LEVEL_T, adesList);
 		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
 				SignatureVerificationProfile.LEVEL_B, adesList);
-
-		return adesList;
-	}
-
-	private void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
-		if (subResult != null) {
-			Logger.info("Checking Level: " + level);
-			try {
-				AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
-				adESFormResultsImpl.setCode(subResult.getResultCode().getCode());
-				adESFormResultsImpl.setInfo(subResult.getInfo());
-				adESFormResultsImpl.setName(subResult.getName());
-
-				adesList.add(adESFormResultsImpl);
-			} catch (NullPointerException e) {
-				Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
-			}
-		}
-	}
-	
-	private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
-		if (adesFormVerification == null) {
-			// no form information
-			return null;
-		}
-
-		List adesList = new ArrayList();
-
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
-				SignatureVerificationProfile.LEVEL_LTA, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+		*/
+		
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
 				SignatureVerificationProfile.LEVEL_LT, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.ADES_T_VALIDATION),
 				SignatureVerificationProfile.LEVEL_T, adesList);
-		checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+		AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
 				SignatureVerificationProfile.LEVEL_B, adesList);
-
+		
 		return adesList;
 	}
 
-	private void checkSubResult(AdESVerificationResult subResult, String level, List adesList) {
-		if (subResult != null) {
-			Logger.info("Checking Level: " + level);
-			try {
-				AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
-				adESFormResultsImpl.setCode(subResult.getResultCode());
-				adESFormResultsImpl.setInfo(subResult.getInfo());
-				adESFormResultsImpl.setName(subResult.getName());
-
-				adesList.add(adESFormResultsImpl);
-			} catch (NullPointerException e) {
-				Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
-			}
-		}
-	}
-
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java
new file mode 100644
index 0000000..90722b8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java
@@ -0,0 +1,70 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.impl.AdESFormResultsImpl;
+import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.esi.sva.validation.ValidationReport;
+import iaik.server.ConfigurationException;
+import iaik.server.modules.ResultCode;
+import iaik.server.modules.ResultCodeInvalid;
+import iaik.server.modules.ResultCodeValid;
+import iaik.server.modules.SignatureVerificationResult;
+
+public class AdESResultUtils {
+
+	public static Integer getResultCode(Integer adesCode) {
+		return adesCode;
+	}
+	
+	public static void buildResult(ValidationReport report,  List adesList) {
+		
+		if(report == null) {
+			return;
+		}
+		
+		AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();				
+		adESFormResultsImpl.setCode(report.getStatus().ordinal());
+		adESFormResultsImpl.setInfo(report.getLongText());
+		adESFormResultsImpl.setName(report.getValidationName());
+
+		adesList.add(adESFormResultsImpl);
+		
+		if(report.getSubValidationReports() != null && !report.getSubValidationReports().isEmpty()) {
+			Iterator<ValidationReport> reportIt = report.getSubValidationReports().iterator();
+			while(reportIt.hasNext()) {
+				buildResult(reportIt.next(), adesList);
+			}
+		}
+		
+	}
+	
+	public static void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
+		if (subResult != null) {
+			Logger.info("Checking Level: " + level);
+			try {
+				
+				AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();		
+				ResultCode resultCode = subResult.getResultCode();
+				if(resultCode instanceof ResultCodeValid) {
+					adESFormResultsImpl.setCode(SignatureVerificationResult.VALID);//.getResultCode().getCode()));
+				} else if(resultCode instanceof ResultCodeInvalid) {
+					adESFormResultsImpl.setCode(SignatureVerificationResult.INVALID);
+				} else {
+					adESFormResultsImpl.setCode(SignatureVerificationResult.INDETERMINATE);
+				}
+				Logger.info("RESULT: " + resultCode.toString());
+				adESFormResultsImpl.setInfo(subResult.getInfo());
+				adESFormResultsImpl.setName(level);
+
+				adesList.add(adESFormResultsImpl);
+			} catch (NullPointerException e) {
+				Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
+			}
+		} else {
+			Logger.info("Subresult Level: " + level + " not available");
+		}
+	}
+	
+}
author	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2016-06-07 14:57:27 +0200
committer	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2016-06-07 14:57:27 +0200
commit	606fd125e82b532f2e75dc787edb1f535dacfae9 (patch)
tree	72b81de83914e2df3823015310192eef1f21fe87
parent	4d0c73640c083a800060863309129960f44fc281 (diff)
download	moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.tar.gz moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.tar.bz2 moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.zip