From 8574f931c169248c67c3a5946351f9072628af46 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 2 Jan 2017 16:35:43 +0100 Subject: first untested beta version with new TSL lib --- .../server/invoke/CMSSignatureVerificationInvoker.java | 10 ++++++---- .../moa/spss/server/invoke/IaikExceptionMapper.java | 16 ++-------------- .../server/invoke/VerifyCMSSignatureResponseBuilder.java | 11 +++++++---- .../server/invoke/XMLSignatureVerificationInvoker.java | 6 +++--- 4 files changed, 18 insertions(+), 25 deletions(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java index ba0474c..1508b42 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java @@ -42,6 +42,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.config.TrustProfile; import at.gv.egovernment.moa.spss.server.logging.IaikLog; import at.gv.egovernment.moa.spss.server.logging.TransactionId; @@ -304,7 +305,7 @@ public class CMSSignatureVerificationInvoker { i++; } - qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled()); + qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance()); // get signer certificate issuer country code issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0)); @@ -312,7 +313,8 @@ public class CMSSignatureVerificationInvoker { } responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), - qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, extCheckResult); + qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, extCheckResult, + qcsscdresult.getTslInfos()); } private void handlePDFResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder, @@ -371,7 +373,7 @@ public class CMSSignatureVerificationInvoker { i++; } - qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled()); + qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance()); // get signer certificate issuer country code issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0)); @@ -380,7 +382,7 @@ public class CMSSignatureVerificationInvoker { responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, - extCheckResult); + extCheckResult, qcsscdresult.getTslInfos()); } /** diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java index 1136ff2..6e8448b 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/IaikExceptionMapper.java @@ -84,8 +84,7 @@ public class IaikExceptionMapper { { iaik.server.modules.xmlverify.SupplementException.class, "2230", MOAApplicationException.class }, { iaik.server.modules.xmlverify.TransformationException.class, "2265", MOAApplicationException.class }, { iaik.server.modules.xmlverify.TransformationParsingException.class, "2269", MOAApplicationException.class }, - { iaik.xml.crypto.tsl.ex.TSLEngineDiedException.class, "2290", MOAApplicationException.class }, - { iaik.xml.crypto.tsl.ex.TSLSearchException.class, "2290", MOAApplicationException.class } , + { at.gv.egovernment.moa.sig.tsl.exception.TslException.class, "2290", MOAApplicationException.class }, { iaik.server.modules.cmssign.CMSSignatureCreationException.class, "2300", MOAApplicationException.class } , @@ -157,20 +156,9 @@ public class IaikExceptionMapper { * @return A MOAException containing the message for the * given IAIKException. */ - public MOAException map(iaik.xml.crypto.tsl.ex.TSLSearchException tslSearchException) { + public MOAException map(at.gv.egovernment.moa.sig.tsl.exception.TslException tslSearchException) { return mapImpl(tslSearchException); } - - /** - * Map an iaik.xml.crypto.tsl.ex.TSLEngineDiedException to a MOAException. - * - * @param tslEngineDiedException The iaik.xml.crypto.tsl.ex.TSLEngineDiedException to map. - * @return A MOAException containing the message for the - * given IAIKException. - */ - public MOAException map(iaik.xml.crypto.tsl.ex.TSLEngineDiedException tslEngineDiedException) { - return mapImpl(tslEngineDiedException); - } /** * Map an IAIKException to a MOAException. diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java index fe2a9ad..5ada287 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java @@ -39,6 +39,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElemen import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; +import at.gv.egovernment.moa.spss.api.common.TslInfos; import at.gv.egovernment.moa.spss.server.config.TrustProfile; /** @@ -82,7 +83,7 @@ public class VerifyCMSSignatureResponseBuilder { * @throws MOAException */ public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults, - ExtendedCertificateCheckResult extendedCertificateCheckResult) + ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos) throws MOAException { CertificateValidationResult certResult = @@ -109,7 +110,8 @@ public class VerifyCMSSignatureResponseBuilder { checkSSCD, sscdSourceTSL, issuerCountryCode, - result.getSigningTime()); + result.getSigningTime(), + tslInfos); // add SignatureCheck element signatureCheck = factory.createCheckResult(signatureCheckCode, null); @@ -142,7 +144,7 @@ public class VerifyCMSSignatureResponseBuilder { * @throws MOAException */ public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults, - ExtendedCertificateCheckResult extendedCertificateCheckResult) + ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos) throws MOAException { CertificateValidationResult certResult = @@ -169,7 +171,8 @@ public class VerifyCMSSignatureResponseBuilder { checkSSCD, sscdSourceTSL, issuerCountryCode, - result.getSigningTime()); + result.getSigningTime(), + tslInfos); // add SignatureCheck element signatureCheck = factory.createCheckResult(signatureCheckCode, null); diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index c3ebda4..827728c 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -277,8 +277,8 @@ public class XMLSignatureVerificationInvoker { chain[i] = (X509Certificate) it.next(); i++; } - - qcsscdresult = CertificateUtils.checkQCSSCD(chain, tp.isTSLEnabled()); + + qcsscdresult = CertificateUtils.checkQCSSCD(chain, plainResult.getSigningTime(), tp.isTSLEnabled(), config); } // get signer certificate issuer country code @@ -303,7 +303,7 @@ public class XMLSignatureVerificationInvoker { // build the response responseBuilder.setResult(plainResult, profile, signatureManifestCheck, certificateCheck, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), - qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode); + qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode, qcsscdresult.getTslInfos()); return responseBuilder.getResponse(); } -- cgit v1.2.3