diff options
Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java')
-rw-r--r-- | moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java | 403 |
1 files changed, 228 insertions, 175 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java index 4903391..23570cc 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java @@ -11,185 +11,238 @@ import at.gv.egovernment.moaspss.logging.Logger; import iaik.esi.sva.validation.ValidationReport; import iaik.server.ConfigurationException; import iaik.server.modules.AdESVerificationResult; -import iaik.server.modules.ResultCode; -import iaik.server.modules.ResultCodeInvalid; -import iaik.server.modules.ResultCodeValid; import iaik.server.modules.SignatureVerificationProfile; import iaik.server.modules.SignatureVerificationResult; +import iaik.server.modules.resultcodes.ResultCode; +import iaik.server.modules.resultcodes.ResultCodeError; +import iaik.server.modules.resultcodes.ResultCodeInvalid; +import iaik.server.modules.resultcodes.ResultCodeSkipped; +import iaik.server.modules.resultcodes.ResultCodeValid; public class AdESResultUtils { - public static Integer getResultCode(Integer adesCode) { - return adesCode; - } - - public static ExtendedCertificateCheckResult getExtendedResult(iaik.server.modules.ResultCode resultCode) { - ExtendedCertificateCheckResult check = null; - - int majorCode = -1; - String majorInfo = ""; - int minorCode = -1; - String minorInfo = ""; - - Logger.debug("Generating extendend validation result: " + resultCode.toString()); - - if (resultCode instanceof ResultCodeValid) { - majorCode = SignatureVerificationResult.VALID; - majorInfo = "VALID"; - } else if (resultCode instanceof ResultCodeInvalid) { - majorCode = SignatureVerificationResult.INVALID; - majorInfo = "INVALID"; - } else { - majorCode = SignatureVerificationResult.INDETERMINATE; - majorInfo = "INDETERMINATE"; - } - - if (resultCode.getCode() != null) { - minorCode = resultCode.getCode(); - if (resultCode.getCode().equals(ResultCode.CODE_CHAIN_CONSTRAINTS_FAILURE)) { - minorInfo = "CHAIN_CONSTRAINTS_FAILURE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_CRYPTO_CONSTRAINTS_FAILURE)) { - minorInfo = "CRYPTO_CONSTRAINTS_FAILURE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_CRYPTO_CONSTRAINTS_FAILURE_NO_POE)) { - minorInfo = "CRYPTO_CONSTRAINTS_FAILURE_NO_POE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_EXPIRED)) { - minorInfo = "EXPIRED"; - } else if (resultCode.getCode().equals(ResultCode.CODE_FORMAT_FAILURE)) { - minorInfo = "FORMAT_FAILURE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_GENERIC)) { - minorInfo = "GENERIC"; - } else if (resultCode.getCode().equals(ResultCode.CODE_HASH_FAILURE)) { - minorInfo = "HASH_FAILURE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_NO_CERTIFICATE_CHAIN_FOUND)) { - minorInfo = "NO_CERTIFICATE_CHAIN_FOUND"; - } else if (resultCode.getCode().equals(ResultCode.CODE_NO_POE)) { - minorInfo = "NO_POE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_NO_POLICY)) { - minorInfo = "NO_POLICY"; - } else if (resultCode.getCode().equals(ResultCode.CODE_NOT_YET_VALID)) { - minorInfo = "NOT_YET_VALID"; - } else if (resultCode.getCode().equals(ResultCode.CODE_OUT_OF_BOUNDS_NO_POE)) { - minorInfo = "OUT_OF_BOUNDS_NO_POE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_POLICY_PROCESSING_ERROR)) { - minorInfo = "POLICY_PROCESSING_ERROR"; - } else if (resultCode.getCode().equals(ResultCode.CODE_REVOKED)) { - minorInfo = "REVOKED"; - } else if (resultCode.getCode().equals(ResultCode.CODE_REVOKED_CA_NO_POE)) { - minorInfo = "REVOKED_CA_NO_POE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_REVOKED_NO_POE)) { - minorInfo = "REVOKED_NO_POE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_SIG_CONSTRAINTS_FAILURE)) { - minorInfo = "SIG_CONSTRAINTS_FAILURE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_SIG_CRYPTO_FAILURE)) { - minorInfo = "SIG_CRYPTO_FAILURE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_SIGNED_DATA_NOT_FOUND)) { - minorInfo = "SIGNED_DATA_NOT_FOUND"; - } else if (resultCode.getCode().equals(ResultCode.CODE_TIMESTAMP_ORDER_FAILURE)) { - minorInfo = "TIMESTAMP_ORDER_FAILURE"; - } else if (resultCode.getCode().equals(ResultCode.CODE_TRY_LATER)) { - minorInfo = "TRY_LATER"; - } else if (resultCode.getCode().equals(ResultCode.CODE_UNKNOWN_COMMITMENT_TYPE)) { - minorInfo = "UNKNOWN_COMMITMENT_TYPE"; - } else if (resultCode.getCode().equals(ResultCode.SUCCESS)) { - minorInfo = "SUCCESS"; - } - } - - check = new ExtendedCertificateCheckResultImpl(majorCode, majorInfo, minorCode, - minorInfo); - - return check; - - } - - public static List getAdESResult(iaik.server.modules.AdESFormVerificationResult adesFormVerification) { - if (adesFormVerification == null) { - // no form information - return null; - } - - List adesList = new ArrayList(); - - checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA), - SignatureVerificationProfile.LEVEL_LTA, adesList); - checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT), - SignatureVerificationProfile.LEVEL_LT, adesList); - checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T), - SignatureVerificationProfile.LEVEL_T, adesList); - checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B), - SignatureVerificationProfile.LEVEL_B, adesList); - - return adesList; - } - - public static void buildResult(ValidationReport report, List adesList) { - - if (report == null) { - return; - } - - AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl(); - adESFormResultsImpl.setCode(report.getStatus().ordinal()); - adESFormResultsImpl.setInfo(report.getLongText()); - adESFormResultsImpl.setName(report.getValidationName()); - - adesList.add(adESFormResultsImpl); - - if (report.getSubValidationReports() != null && !report.getSubValidationReports().isEmpty()) { - Iterator<ValidationReport> reportIt = report.getSubValidationReports().iterator(); - while (reportIt.hasNext()) { - buildResult(reportIt.next(), adesList); - } - } - - } - - public static void checkSubResult(AdESVerificationResult subResult, String level, List adesList) { - if (subResult != null) { - Logger.info("Checking Level: " + level); - try { - - AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl(); - adESFormResultsImpl.setCode(subResult.getResultCode()); - Logger.info("RESULT: " + String.valueOf(subResult.getResultCode())); - adESFormResultsImpl.setInfo(subResult.getInfo()); - adESFormResultsImpl.setName(level); - - adesList.add(adESFormResultsImpl); - } catch (NullPointerException e) { - Logger.warn("Catching NullPointer Exception, of invalid Form Results", e); - } - } else { - Logger.info("Subresult Level: " + level + " not available"); - } - } - - public static void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) - throws ConfigurationException { - if (subResult != null) { - Logger.info("Checking Level: " + level); - try { - - AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl(); - ResultCode resultCode = subResult.getResultCode(); - if (resultCode instanceof ResultCodeValid) { - adESFormResultsImpl.setCode(SignatureVerificationResult.VALID);// .getResultCode().getCode())); - } else if (resultCode instanceof ResultCodeInvalid) { - adESFormResultsImpl.setCode(SignatureVerificationResult.INVALID); - } else { - adESFormResultsImpl.setCode(SignatureVerificationResult.INDETERMINATE); - } - Logger.info("RESULT: " + resultCode.toString()); - adESFormResultsImpl.setInfo(subResult.getInfo()); - adESFormResultsImpl.setName(level); - - adesList.add(adESFormResultsImpl); - } catch (NullPointerException e) { - Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e); - } - } else { - Logger.info("Subresult Level: " + level + " not available"); - } - } + private static final int MAJORRESULTCODESKIPPED = new Integer(3); + private static final int MAJORRESULTCODEERROR = new Integer(4); + + public static Integer getResultCode(Integer adesCode) { + return adesCode; + } + + public static ExtendedCertificateCheckResult getExtendedResult( + iaik.server.modules.resultcodes.ResultCode resultCode) { + ExtendedCertificateCheckResult check = null; + + int majorCode = -1; + String majorInfo = ""; + int minorCode = -1; + String minorInfo = ""; + + Logger.debug("Generating extendend validation result: " + resultCode.toString()); + + if (resultCode instanceof ResultCodeValid) { + majorCode = SignatureVerificationResult.VALID; + majorInfo = "VALID"; + + } else if (resultCode instanceof ResultCodeInvalid) { + majorCode = SignatureVerificationResult.INVALID; + majorInfo = "INVALID"; + + } else if (resultCode instanceof ResultCodeSkipped) { + majorCode = MAJORRESULTCODESKIPPED; + majorInfo = "SKIPPED"; + + } else if (resultCode instanceof ResultCodeError) { + majorCode = MAJORRESULTCODEERROR; + majorInfo = "ERROR"; + + } else { + majorCode = SignatureVerificationResult.INDETERMINATE; + majorInfo = "INDETERMINATE"; + } + + if (resultCode.getCode() != null) { + minorCode = resultCode.getCode(); + if (resultCode.getCode().equals(ResultCode.CODE_CHAIN_CONSTRAINTS_FAILURE)) { + minorInfo = "CHAIN_CONSTRAINTS_FAILURE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_CRYPTO_CONSTRAINTS_FAILURE)) { + minorInfo = "CRYPTO_CONSTRAINTS_FAILURE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_CRYPTO_CONSTRAINTS_FAILURE_NO_POE)) { + minorInfo = "CRYPTO_CONSTRAINTS_FAILURE_NO_POE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_EXPIRED)) { + minorInfo = "EXPIRED"; + } else if (resultCode.getCode().equals(ResultCode.CODE_FORMAT_FAILURE)) { + minorInfo = "FORMAT_FAILURE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_GENERIC)) { + minorInfo = "GENERIC"; + } else if (resultCode.getCode().equals(ResultCode.CODE_HASH_FAILURE)) { + minorInfo = "HASH_FAILURE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_NO_CERTIFICATE_CHAIN_FOUND)) { + minorInfo = "NO_CERTIFICATE_CHAIN_FOUND"; + } else if (resultCode.getCode().equals(ResultCode.CODE_NO_POE)) { + minorInfo = "NO_POE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_NO_POLICY)) { + minorInfo = "NO_POLICY"; + } else if (resultCode.getCode().equals(ResultCode.CODE_NOT_YET_VALID)) { + minorInfo = "NOT_YET_VALID"; + } else if (resultCode.getCode().equals(ResultCode.CODE_OUT_OF_BOUNDS_NO_POE)) { + minorInfo = "OUT_OF_BOUNDS_NO_POE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_POLICY_PROCESSING_ERROR)) { + minorInfo = "POLICY_PROCESSING_ERROR"; + } else if (resultCode.getCode().equals(ResultCode.CODE_REVOKED)) { + minorInfo = "REVOKED"; + } else if (resultCode.getCode().equals(ResultCode.CODE_REVOKED_CA_NO_POE)) { + minorInfo = "REVOKED_CA_NO_POE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_REVOKED_NO_POE)) { + minorInfo = "REVOKED_NO_POE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_SIG_CONSTRAINTS_FAILURE)) { + minorInfo = "SIG_CONSTRAINTS_FAILURE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_SIG_CRYPTO_FAILURE)) { + minorInfo = "SIG_CRYPTO_FAILURE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_SIGNED_DATA_NOT_FOUND)) { + minorInfo = "SIGNED_DATA_NOT_FOUND"; + } else if (resultCode.getCode().equals(ResultCode.CODE_TIMESTAMP_ORDER_FAILURE)) { + minorInfo = "TIMESTAMP_ORDER_FAILURE"; + } else if (resultCode.getCode().equals(ResultCode.CODE_TRY_LATER)) { + minorInfo = "TRY_LATER"; + } else if (resultCode.getCode().equals(ResultCode.CODE_UNKNOWN_COMMITMENT_TYPE)) { + minorInfo = "UNKNOWN_COMMITMENT_TYPE"; + } else if (resultCode.getCode().equals(ResultCode.SUCCESS)) { + minorInfo = "SUCCESS"; + } else if (resultCode.getCode().equals(ResultCode.ERROR)) { + minorInfo = "ERROR"; + } else if (resultCode.getCode().equals(ResultCode.UNKNOWN_SUBFILTER)) { + minorInfo = "UNKNOWN_SUBFILTER"; + + // pdf-as 3.x detection is removed from MOA-SP since 3.1.2 + } else if (resultCode.getCode().equals(ResultCode.PDF_AS_SIGNATURE)) { + // minorInfo = "PDF_AS_SIGNATURE"; + minorInfo = "UNKNOWN_SUBFILTER"; + minorCode = ResultCode.UNKNOWN_SUBFILTER; + } + + } + + check = new ExtendedCertificateCheckResultImpl(majorCode, majorInfo, minorCode, + minorInfo); + + return check; + + } + + public static List getAdESResult(iaik.server.modules.AdESFormVerificationResult adesFormVerification) { + if (adesFormVerification == null) { + // no form information + return null; + } + + final List adesList = new ArrayList(); + + // add only the completed form result to response + final String completedForm = adesFormVerification.getCompleteForm(); + Logger.info("Find complete Form: " + completedForm); + + /* + * This code only returns the result of the completed form + */ +// if (MiscUtil.isNotEmpty(completedForm)) { +// Logger.info("Form-validation found completed form: " + completedForm); +// AdESVerificationResult subResult = adesFormVerification.getSubResult(completedForm); +// checkSubResult(subResult, completedForm, adesList); +// if (Logger.isDebugEnabled()) +// Logger.debug("Detailed Result: \n" + subResult.getInfo()); +// +// } else +// Logger.info("Form-valdition found NO completed form."); +// +// if (Logger.isDebugEnabled()) +// Logger.debug("Full form-validation result: \n" + adesFormVerification.getInfo()); + + /* + * This code returns the result for all forms + */ + // add results for all form types to response + checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA), + SignatureVerificationProfile.LEVEL_LTA, adesList); + checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT), + SignatureVerificationProfile.LEVEL_LT, adesList); + checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T), + SignatureVerificationProfile.LEVEL_T, adesList); + checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B), + SignatureVerificationProfile.LEVEL_B, adesList); + + return adesList; + } + + public static void buildResult(ValidationReport report, List adesList) { + + if (report == null) { + return; + } + + final AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl(); + adESFormResultsImpl.setCode(report.getStatus().ordinal()); + adESFormResultsImpl.setInfo(report.getLongText()); + adESFormResultsImpl.setName(report.getValidationName()); + + adesList.add(adESFormResultsImpl); + + if (report.getSubValidationReports() != null && !report.getSubValidationReports().isEmpty()) { + final Iterator<ValidationReport> reportIt = report.getSubValidationReports().iterator(); + while (reportIt.hasNext()) { + buildResult(reportIt.next(), adesList); + } + } + + } + + public static void checkSubResult(AdESVerificationResult subResult, String level, List adesList) { + if (subResult != null) { + Logger.debug("Checking Level: " + level); + try { + + final AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl(); + adESFormResultsImpl.setCode(subResult.getResultCode()); + Logger.debug("RESULT: " + String.valueOf(subResult.getResultCode())); + adESFormResultsImpl.setInfo(subResult.getInfo()); + adESFormResultsImpl.setName(level); + + adesList.add(adESFormResultsImpl); + } catch (final NullPointerException e) { + Logger.warn("Catching NullPointer Exception, of invalid Form Results", e); + + } + } else { + Logger.info("Subresult Level: " + level + " not available"); + + } + } + + public static void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) + throws ConfigurationException { + if (subResult != null) { + Logger.debug("Checking Level: " + level); + try { + + final AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl(); + final iaik.server.modules.resultcodes.ResultCode resultCode = subResult.getResultCode(); + if (resultCode instanceof ResultCodeValid) { + adESFormResultsImpl.setCode(SignatureVerificationResult.VALID);// .getResultCode().getCode())); + } else if (resultCode instanceof ResultCodeInvalid) { + adESFormResultsImpl.setCode(SignatureVerificationResult.INVALID); + } else { + adESFormResultsImpl.setCode(SignatureVerificationResult.INDETERMINATE); + } + Logger.debug("RESULT: " + resultCode.toString()); + adESFormResultsImpl.setInfo(subResult.getInfo()); + adESFormResultsImpl.setName(level); + + adesList.add(adESFormResultsImpl); + } catch (final NullPointerException e) { + Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e); + } + } else { + Logger.info("Subresult Level: " + level + " not available"); + } + } } |