aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2016-06-07 14:57:27 +0200
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2016-06-07 14:57:27 +0200
commit606fd125e82b532f2e75dc787edb1f535dacfae9 (patch)
tree72b81de83914e2df3823015310192eef1f21fe87
parent4d0c73640c083a800060863309129960f44fc281 (diff)
downloadmoa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.tar.gz
moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.tar.bz2
moa-sig-606fd125e82b532f2e75dc787edb1f535dacfae9.zip
3.0.0-RC2 signature form results adapted
-rw-r--r--moaSig/build.gradle2
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java137
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java60
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java70
4 files changed, 107 insertions, 162 deletions
diff --git a/moaSig/build.gradle b/moaSig/build.gradle
index b7ed724..2b3b909 100644
--- a/moaSig/build.gradle
+++ b/moaSig/build.gradle
@@ -21,7 +21,7 @@ subprojects {
testCompile 'junit:junit:4.8.2'
}
- version = '3.0.0-RC1'
+ version = '3.0.0-RC2'
jar {
manifest.attributes provider: 'EGIZ'
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index 0480316..f5d2826 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -35,31 +35,29 @@ import java.util.List;
import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.MOAException;
-import at.gv.egovernment.moa.spss.MOARuntimeException;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
-import at.gv.egovernment.moa.spss.api.impl.AdESFormResultsImpl;
import at.gv.egovernment.moa.spss.server.config.TrustProfile;
import at.gv.egovernment.moa.spss.server.logging.IaikLog;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.AdESResultUtils;
import at.gv.egovernment.moa.spss.util.CertificateUtils;
import at.gv.egovernment.moa.spss.util.QCSSCDResult;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import iaik.server.ConfigurationException;
+import iaik.server.modules.AdESConstants;
import iaik.server.modules.AdESFormVerificationResult;
-import iaik.server.modules.AdESVerificationResult;
import iaik.server.modules.IAIKException;
import iaik.server.modules.IAIKRuntimeException;
import iaik.server.modules.SignatureVerificationProfile;
-import iaik.server.modules.SignatureVerificationResult;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
@@ -159,8 +157,10 @@ public class CMSSignatureVerificationInvoker {
// while (input.read(buf) > 0);
if(request.isExtended()) {
+ Logger.info("Running extended validation");
results = module.verifyPAdESSignature(signingTime);
} else {
+ Logger.info("Running not extended validation");
results = module.verifySignature(signingTime);
}
@@ -182,8 +182,10 @@ public class CMSSignatureVerificationInvoker {
;
if(request.isExtended()) {
+ Logger.info("Running extended validation");
results = module.verifyCAdESSignature(signingTime);
} else {
+ Logger.info("Running not extended validation");
results = module.verifySignature(signingTime);
}
// results = module.verifySignature(signingTime);
@@ -257,12 +259,13 @@ public class CMSSignatureVerificationInvoker {
CMSSignatureVerificationResult cmsResult = null;
List adesResults = null;
if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
+ Logger.info("Got ExtendedCMSSignatureVerificationResult");
ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
cmsResult = result.getCMSSignatureVerificationResult();
try {
adesResults = getAdESResult(result);
} catch (ConfigurationException e) {
- Logger.warn("Failed to provide extended validation results", e);
+ Logger.warn("Failed to provide extended validation results: " + e.getMessage());
}
if (adesResults != null) {
@@ -272,6 +275,7 @@ public class CMSSignatureVerificationInvoker {
}
}
} else {
+ Logger.info("Got CMSSignatureVerificationResult");
cmsResult = (CMSSignatureVerificationResult) resultObject;
}
@@ -301,53 +305,6 @@ public class CMSSignatureVerificationInvoker {
qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
}
- private void handleCMSEXTResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
- TrustProfile trustProfile) throws MOAException {
- QCSSCDResult qcsscdresult = new QCSSCDResult();
-
- CMSSignatureVerificationResult cmsResult = null;
- List adesResults = null;
- if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
- ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
-
- adesResults = getAdESResult(result.getFormVerificationResult());
-
- if (adesResults != null) {
- Iterator adesIterator = adesResults.iterator();
- while (adesIterator.hasNext()) {
- Logger.info("ADES Formresults: " + adesIterator.next().toString());
- }
- }
- cmsResult = result.getCMSSignatureVerificationResult();
- } else {
- cmsResult = (CMSSignatureVerificationResult) resultObject;
- }
-
- String issuerCountryCode = null;
- // QC/SSCD check
-
- List list = cmsResult.getCertificateValidationResult().getCertificateChain();
- if (list != null) {
- X509Certificate[] chain = new X509Certificate[list.size()];
-
- Iterator it = list.iterator();
- int i = 0;
- while (it.hasNext()) {
- chain[i] = (X509Certificate) it.next();
- i++;
- }
-
- qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
-
- // get signer certificate issuer country code
- issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
-
- }
-
- responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
- qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
- }
-
private void handlePDFResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
TrustProfile trustProfile) throws MOAException {
QCSSCDResult qcsscdresult = new QCSSCDResult();
@@ -360,6 +317,7 @@ public class CMSSignatureVerificationInvoker {
PDFSignatureVerificationResult cmsResult = null;
List adesResults = null;
if (resultObject instanceof ExtendedPDFSignatureVerificationResult) {
+ Logger.info("Got ExtendedPDFSignatureVerificationResult");
ExtendedPDFSignatureVerificationResult result = (ExtendedPDFSignatureVerificationResult) resultObject;
cmsResult = result.getPDFSignatureVerificationResult();
try {
@@ -377,6 +335,7 @@ public class CMSSignatureVerificationInvoker {
}
cmsResult = result.getPDFSignatureVerificationResult();
} else {
+ Logger.info("Got PDFSignatureVerificationResult");
cmsResult = (PDFSignatureVerificationResult) resultObject;
}
@@ -519,14 +478,17 @@ public class CMSSignatureVerificationInvoker {
}
List adesList = new ArrayList();
-
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
- SignatureVerificationProfile.LEVEL_LTA, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+ Logger.info("Checking AdES Results:");
+
+ //AdESResultUtils.buildResult(adesFormVerification.getDetailedExtendedReport(), adesList);
+
+ //AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
+ // SignatureVerificationProfile.LEVEL_LTA, adesList);
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
SignatureVerificationProfile.LEVEL_LT, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.ADES_T_VALIDATION),
SignatureVerificationProfile.LEVEL_T, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
SignatureVerificationProfile.LEVEL_B, adesList);
return adesList;
@@ -540,7 +502,7 @@ public class CMSSignatureVerificationInvoker {
List adesList = new ArrayList();
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
+ /*checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
SignatureVerificationProfile.LEVEL_LTA, adesList);
checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
SignatureVerificationProfile.LEVEL_LT, adesList);
@@ -548,60 +510,15 @@ public class CMSSignatureVerificationInvoker {
SignatureVerificationProfile.LEVEL_T, adesList);
checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
SignatureVerificationProfile.LEVEL_B, adesList);
-
- return adesList;
- }
-
- private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
- if (adesFormVerification == null) {
- // no form information
- return null;
- }
-
- List adesList = new ArrayList();
-
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
- SignatureVerificationProfile.LEVEL_LTA, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+ */
+
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
SignatureVerificationProfile.LEVEL_LT, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.ADES_T_VALIDATION),
SignatureVerificationProfile.LEVEL_T, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
SignatureVerificationProfile.LEVEL_B, adesList);
-
+
return adesList;
}
-
- private void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
- if (subResult != null) {
- Logger.info("Checking Level: " + level);
- try {
- AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
- adESFormResultsImpl.setCode(subResult.getResultCode().getCode());
- adESFormResultsImpl.setInfo(subResult.getInfo());
- adESFormResultsImpl.setName(subResult.getName());
-
- adesList.add(adESFormResultsImpl);
- } catch (NullPointerException e) {
- Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
- }
- }
- }
-
- private void checkSubResult(AdESVerificationResult subResult, String level, List adesList) {
- if (subResult != null) {
- Logger.info("Checking Level: " + level);
- try {
- AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
- adESFormResultsImpl.setCode(subResult.getResultCode());
- adESFormResultsImpl.setInfo(subResult.getInfo());
- adESFormResultsImpl.setName(subResult.getName());
-
- adesList.add(adESFormResultsImpl);
- } catch (NullPointerException e) {
- Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
- }
- }
- }
-
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
index bea66b0..5d7b852 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
@@ -64,6 +64,7 @@ import at.gv.egovernment.moa.spss.server.logging.IaikLog;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.util.AdESResultUtils;
import at.gv.egovernment.moa.spss.util.CertificateUtils;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moa.spss.util.QCSSCDResult;
@@ -74,8 +75,8 @@ import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import at.gv.egovernment.moaspss.util.CollectionUtils;
import at.gv.egovernment.moaspss.util.Constants;
import iaik.server.ConfigurationException;
+import iaik.server.modules.AdESConstants;
import iaik.server.modules.AdESFormVerificationResult;
-import iaik.server.modules.AdESVerificationResult;
import iaik.server.modules.IAIKException;
import iaik.server.modules.IAIKRuntimeException;
import iaik.server.modules.SignatureVerificationProfile;
@@ -728,6 +729,7 @@ public class XMLSignatureVerificationInvoker {
List adesList = new ArrayList();
+ /*
checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
SignatureVerificationProfile.LEVEL_LTA, adesList);
checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
@@ -736,60 +738,16 @@ public class XMLSignatureVerificationInvoker {
SignatureVerificationProfile.LEVEL_T, adesList);
checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
SignatureVerificationProfile.LEVEL_B, adesList);
-
- return adesList;
- }
-
- private void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
- if (subResult != null) {
- Logger.info("Checking Level: " + level);
- try {
- AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
- adESFormResultsImpl.setCode(subResult.getResultCode().getCode());
- adESFormResultsImpl.setInfo(subResult.getInfo());
- adESFormResultsImpl.setName(subResult.getName());
-
- adesList.add(adESFormResultsImpl);
- } catch (NullPointerException e) {
- Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
- }
- }
- }
-
- private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
- if (adesFormVerification == null) {
- // no form information
- return null;
- }
-
- List adesList = new ArrayList();
-
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
- SignatureVerificationProfile.LEVEL_LTA, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+ */
+
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.LONG_TERM_VALIDATION),
SignatureVerificationProfile.LEVEL_LT, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult(AdESConstants.ADES_T_VALIDATION),
SignatureVerificationProfile.LEVEL_T, adesList);
- checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+ AdESResultUtils.checkSubResult(adesFormVerification.getSubResult("basic report"),
SignatureVerificationProfile.LEVEL_B, adesList);
-
+
return adesList;
}
- private void checkSubResult(AdESVerificationResult subResult, String level, List adesList) {
- if (subResult != null) {
- Logger.info("Checking Level: " + level);
- try {
- AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
- adESFormResultsImpl.setCode(subResult.getResultCode());
- adESFormResultsImpl.setInfo(subResult.getInfo());
- adESFormResultsImpl.setName(subResult.getName());
-
- adesList.add(adESFormResultsImpl);
- } catch (NullPointerException e) {
- Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
- }
- }
- }
-
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java
new file mode 100644
index 0000000..90722b8
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java
@@ -0,0 +1,70 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.api.impl.AdESFormResultsImpl;
+import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.esi.sva.validation.ValidationReport;
+import iaik.server.ConfigurationException;
+import iaik.server.modules.ResultCode;
+import iaik.server.modules.ResultCodeInvalid;
+import iaik.server.modules.ResultCodeValid;
+import iaik.server.modules.SignatureVerificationResult;
+
+public class AdESResultUtils {
+
+ public static Integer getResultCode(Integer adesCode) {
+ return adesCode;
+ }
+
+ public static void buildResult(ValidationReport report, List adesList) {
+
+ if(report == null) {
+ return;
+ }
+
+ AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
+ adESFormResultsImpl.setCode(report.getStatus().ordinal());
+ adESFormResultsImpl.setInfo(report.getLongText());
+ adESFormResultsImpl.setName(report.getValidationName());
+
+ adesList.add(adESFormResultsImpl);
+
+ if(report.getSubValidationReports() != null && !report.getSubValidationReports().isEmpty()) {
+ Iterator<ValidationReport> reportIt = report.getSubValidationReports().iterator();
+ while(reportIt.hasNext()) {
+ buildResult(reportIt.next(), adesList);
+ }
+ }
+
+ }
+
+ public static void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
+ if (subResult != null) {
+ Logger.info("Checking Level: " + level);
+ try {
+
+ AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
+ ResultCode resultCode = subResult.getResultCode();
+ if(resultCode instanceof ResultCodeValid) {
+ adESFormResultsImpl.setCode(SignatureVerificationResult.VALID);//.getResultCode().getCode()));
+ } else if(resultCode instanceof ResultCodeInvalid) {
+ adESFormResultsImpl.setCode(SignatureVerificationResult.INVALID);
+ } else {
+ adESFormResultsImpl.setCode(SignatureVerificationResult.INDETERMINATE);
+ }
+ Logger.info("RESULT: " + resultCode.toString());
+ adESFormResultsImpl.setInfo(subResult.getInfo());
+ adESFormResultsImpl.setName(level);
+
+ adesList.add(adESFormResultsImpl);
+ } catch (NullPointerException e) {
+ Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
+ }
+ } else {
+ Logger.info("Subresult Level: " + level + " not available");
+ }
+ }
+
+}