diff options
Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java')
-rw-r--r-- | moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java | 259 |
1 files changed, 133 insertions, 126 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java index 7ebea52..813d28e 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java @@ -21,13 +21,8 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.invoke; -import iaik.server.modules.cmsverify.CMSSignatureVerificationResult; -import iaik.server.modules.pdfverify.PDFSignatureVerificationResult; -import iaik.server.cmspdfverify.CertificateValidationResult; - import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.List; @@ -41,28 +36,35 @@ import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; import at.gv.egovernment.moa.spss.api.common.TslInfos; import at.gv.egovernment.moa.spss.server.config.TrustProfile; +import iaik.server.cmspdfverify.CertificateValidationResult; +import iaik.server.modules.cmsverify.CMSSignatureVerificationResult; +import iaik.server.modules.pdfverify.PDFSignatureVerificationResult; /** * A class to build a <code>VerifyCMSSignatureResponse</code> object. - * - * <p>Via subsequent calls to <code>addResult()</code> a number of results from - * a CMS signature verification can be added to the response.</p> - * - * <p>The <code>getResponseElement()</code> method then returns the - * <code>VerifyCMSSignatureResponse</code> built so far.</p> - * + * + * <p> + * Via subsequent calls to <code>addResult()</code> a number of results from a + * CMS signature verification can be added to the response. + * </p> + * + * <p> + * The <code>getResponseElement()</code> method then returns the + * <code>VerifyCMSSignatureResponse</code> built so far. + * </p> + * * @author Patrick Peck * @version $Id$ */ public class VerifyCMSSignatureResponseBuilder { /** The <code>SPSSFactory</code> for creating API objects. */ - private SPSSFactory factory = SPSSFactory.getInstance(); + private final SPSSFactory factory = SPSSFactory.getInstance(); /** The elements making up the response. */ - private List responseElements = new ArrayList(); + private final List responseElements = new ArrayList(); /** * Get the <code>VerifyCMSSignatureResponse</code> built so far. - * + * * @return The <code>VerifyCMSSignatureResponse</code> built so far. */ public VerifyCMSSignatureResponse getResponse() { @@ -71,141 +73,146 @@ public class VerifyCMSSignatureResponseBuilder { /** * Add a verification result to the response. - * - * @param result The result to add. - * @param trustprofile The actual trustprofile - * @param checkQCFromTSL <code>true</code>, if the TSL check verifies the - * certificate as qualified, otherwise <code>false</code>. - * @param checkSSCD <code>true</code>, if the TSL check verifies the - * signature based on a SSDC, otherwise <code>false</code>. - * @param sscdSourceTSL <code>true</code>, if the SSCD information comes from the TSL, - * otherwise <code>false</code>. - * @throws MOAException + * + * @param result The result to add. + * @param trustprofile The actual trustprofile + * @param checkQCFromTSL <code>true</code>, if the TSL check verifies the + * certificate as qualified, otherwise <code>false</code>. + * @param checkSSCD <code>true</code>, if the TSL check verifies the + * signature based on a SSDC, otherwise + * <code>false</code>. + * @param sscdSourceTSL <code>true</code>, if the SSCD information comes from + * the TSL, otherwise <code>false</code>. + * @throws MOAException */ - public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults, - ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification) - throws MOAException { - - - int signatureCheckCode = result.getSignatureValueVerificationCode().intValue(); - CertificateValidationResult certResult = result.getCertificateValidationResult(); - + public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, + boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, + List adesResults, + ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, + boolean extendedVerification) + throws MOAException { + + final int signatureCheckCode = result.getSignatureValueVerificationCode().intValue(); + final CertificateValidationResult certResult = result.getCertificateValidationResult(); + VerifyCMSSignatureResponseElement responseElement; SignerInfo signerInfo = null; CheckResult signatureCheck; CheckResult certificateCheck; - boolean qualifiedCertificate = checkQC; - - //add signature algorithm name in case of extended validation + final boolean qualifiedCertificate = checkQC; + + // add signature algorithm name in case of extended validation String sigAlgName = null; if (extendedVerification) { - sigAlgName = result.getSignatureAlgorithmName(); - + sigAlgName = result.getSignatureAlgorithmName(); + } - - //set code 99 if not certcheckresult exists + + // set code 99 if not certcheckresult exists int certificateCheckCode = 99; if (certResult != null) { - certificateCheckCode = certResult.getValidationResultCode().intValue(); - - // add SignerInfo element - signerInfo = - factory.createSignerInfo( - (X509Certificate) certResult.getCertificateChain().get(0), - qualifiedCertificate, - qcSourceTSL, - certResult.isPublicAuthorityCertificate(), - certResult.getPublicAuthorityID(), - checkSSCD, - sscdSourceTSL, - issuerCountryCode, - result.getSigningTime(), - tslInfos); + certificateCheckCode = certResult.getValidationResultCode().intValue(); + + // add SignerInfo element + signerInfo = + factory.createSignerInfo( + (X509Certificate) certResult.getCertificateChain().get(0), + qualifiedCertificate, + qcSourceTSL, + certResult.isPublicAuthorityCertificate(), + certResult.getPublicAuthorityID(), + checkSSCD, + sscdSourceTSL, + issuerCountryCode, + result.getSigningTime(), + tslInfos); } - + // add SignatureCheck element signatureCheck = factory.createCheckResult(signatureCheckCode, null); // add CertificateCheck element certificateCheck = factory.createCheckResult(certificateCheckCode, null); - + // build the response element responseElement = - factory.createVerifyCMSSignatureResponseElement( - signerInfo, - signatureCheck, - certificateCheck, - adesResults, - extendedCertificateCheckResult, - sigAlgName, - null, - null); + factory.createVerifyCMSSignatureResponseElement( + signerInfo, + signatureCheck, + certificateCheck, + adesResults, + extendedCertificateCheckResult, + sigAlgName, + null, + null); responseElements.add(responseElement); } - -/** - * - * @param result - * @param trustProfile - * @param checkQC - * @param qcSourceTSL - * @param checkSSCD - * @param sscdSourceTSL - * @param issuerCountryCode - * @param adesResults - * @param extendedCertificateCheckResult - * @param tslInfos - * @param extendedVerification - * @throws MOAException - */ - public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults, - ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification) - throws MOAException { - - CertificateValidationResult certResult = - result.getCertificateValidationResult(); - int signatureCheckCode = - result.getSignatureValueVerificationCode().intValue(); - + + /** + * + * @param result + * @param trustProfile + * @param checkQC + * @param qcSourceTSL + * @param checkSSCD + * @param sscdSourceTSL + * @param issuerCountryCode + * @param adesResults + * @param extendedCertificateCheckResult + * @param tslInfos + * @param extendedVerification + * @throws MOAException + */ + public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, + boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, + List adesResults, + ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, + boolean extendedVerification) + throws MOAException { + + final CertificateValidationResult certResult = + result.getCertificateValidationResult(); + final int signatureCheckCode = + result.getSignatureValueVerificationCode().intValue(); + VerifyCMSSignatureResponseElement responseElement; SignerInfo signerInfo = null; CheckResult signatureCheck; CheckResult certificateCheck; - boolean qualifiedCertificate = checkQC; - - //add signature algorithm name in case of extended validation + final boolean qualifiedCertificate = checkQC; + + // add signature algorithm name in case of extended validation String sigAlgName = null; Boolean coversFullDoc = null; int[] sigByteRange = null; - + if (extendedVerification) { - sigAlgName = result.getSignatureAlgorithmName(); - coversFullDoc = result.byteRangeCoversWholeDocument(); - sigByteRange = result.getByteRange(); - - } + sigAlgName = result.getSignatureAlgorithmName(); + coversFullDoc = result.byteRangeCoversWholeDocument(); + sigByteRange = result.getByteRange(); + } - //set code 99 if not certcheckresult exists + // set code 99 if not certcheckresult exists int certificateCheckCode = 99; if (certResult != null) { - certificateCheckCode = certResult.getValidationResultCode().intValue(); - - // add SignerInfo element - signerInfo = - factory.createSignerInfo( - (X509Certificate) certResult.getCertificateChain().get(0), - qualifiedCertificate, - qcSourceTSL, - certResult.isPublicAuthorityCertificate(), - certResult.getPublicAuthorityID(), - checkSSCD, - sscdSourceTSL, - issuerCountryCode, - result.getSigningTime(), - tslInfos); + certificateCheckCode = certResult.getValidationResultCode().intValue(); + + // add SignerInfo element + signerInfo = + factory.createSignerInfo( + (X509Certificate) certResult.getCertificateChain().get(0), + qualifiedCertificate, + qcSourceTSL, + certResult.isPublicAuthorityCertificate(), + certResult.getPublicAuthorityID(), + checkSSCD, + sscdSourceTSL, + issuerCountryCode, + result.getSigningTime(), + tslInfos); } // add SignatureCheck element @@ -213,18 +220,18 @@ public class VerifyCMSSignatureResponseBuilder { // add CertificateCheck element certificateCheck = factory.createCheckResult(certificateCheckCode, null); - + // build the response element responseElement = - factory.createVerifyCMSSignatureResponseElement( - signerInfo, - signatureCheck, - certificateCheck, - adesResults, - extendedCertificateCheckResult, - sigAlgName, - coversFullDoc, - sigByteRange); + factory.createVerifyCMSSignatureResponseElement( + signerInfo, + signatureCheck, + certificateCheck, + adesResults, + extendedCertificateCheckResult, + sigAlgName, + coversFullDoc, + sigByteRange); responseElements.add(responseElement); } |