From 4d0c73640c083a800060863309129960f44fc281 Mon Sep 17 00:00:00 2001
From: Andreas Fitzek
Date: Tue, 7 Jun 2016 12:16:36 +0200
Subject: a lot of changes
---
 .../moa/spss/api/xmlbind/RequestParserUtils.java | 10 +-
 .../moa/spss/server/init/SystemInitializer.java | 3 +-
 .../invoke/CMSSignatureVerificationInvoker.java | 110 ++++++++++++++++-----
 .../invoke/XMLSignatureVerificationInvoker.java | 46 ++++++++-
 .../moa/spss/tsl/timer/TSLUpdaterTimerTask.java | 6 +-
 5 files changed, 139 insertions(+), 36 deletions(-)
(limited to 'moaSig/moa-sig-lib/src/main/java/at/gv')
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
index 1d53a0c..99a64d9 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
@@ -192,14 +192,10 @@ public class RequestParserUtils {
 String xsdBoolean = dateTimeText.trim();
 if ("".equals(xsdBoolean)) return defaultValue;
- switch (xsdBoolean) {
- case "true":
- case "1":
+ if("true".equalsIgnoreCase(xsdBoolean) ||
+ "1".equalsIgnoreCase(xsdBoolean)) {
 return true;
- case "false":
- case "0":
- return false;
- default:
+ } else {
 return false;
 }
 } else {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
index 094e446..28f0645 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
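Review bot: In the RequestParserUtils.java hunk the new test `"true".equalsIgnoreCase(xsdBoolean)` also accepts `TRUE` and `True`, which are outside the xsd:boolean lexical space (`true`, `false`, `1`, `0`) that the local name `xsdBoolean` refers to; `equalsIgnoreCase` on `"1"` has no effect at all. Plain `equals` keeps the accepted set exactly as the removed switch had it: `if ("true".equals(xsdBoolean) || "1".equals(xsdBoolean)) {`. Any other non-empty text still falls through to `return false` without a log line or an error, so a mistyped flag in a request cannot be told apart from an explicit `false`. The enclosing method starts and ends outside the hunk.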
@@ -51,6 +51,7 @@ import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 import at.gv.egovernment.moaspss.util.Constants;
 import at.gv.egovernment.moaspss.util.DOMUtils;
+import iaik.asn1.ObjectID;
 import iaik.pki.store.certstore.CertStoreException;
 import iaik.pki.store.truststore.TrustStoreException;
 import iaik.server.ConfigurationData;
@@ -197,7 +198,7 @@ public class SystemInitializer {
 Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
 } catch (Throwable e) {
 Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
- throw e;
+ throw new RuntimeException(e);
 } finally {
 logger.info("Configuration initialized");
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index c48cecd..0480316 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
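Review bot: The added `import iaik.asn1.ObjectID;` in SystemInitializer.java has no user in this commit, since the only other change to the file is the `throw` line in the next hunk. The same import is added to TSLUpdaterTimerTask.java, where the other changes touch only logging. Both look like IDE leftovers and can be dropped.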
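Review bot: In the `catch (Throwable e)` block of SystemInitializer.java, `throw new RuntimeException(e)` also wraps `Error`s such as `OutOfMemoryError` and re-wraps exceptions that were already unchecked, so callers that match on the original type no longer see it. Rethrowing unchecked throwables unchanged avoids that: put `if (e instanceof RuntimeException) throw (RuntimeException) e;` and `if (e instanceof Error) throw (Error) e;` before the wrapping `throw`. The `finally` block in the context lines logs "Configuration initialized" on this failure path as well, which reads as success in the log of a signature service right after a fatal entry. The method starts outside the hunk.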
@@ -23,41 +23,19 @@
 package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.server.modules.AdESFormVerificationResult;
-import iaik.server.modules.AdESVerificationResult;
-import iaik.server.modules.IAIKException;
-import iaik.server.modules.IAIKRuntimeException;
-import iaik.server.modules.SignatureVerificationProfile;
-import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
-import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
-import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
-import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
-import iaik.server.modules.cmsverify.ExtendedCMSSignatureVerificationResult;
-import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile;
-import iaik.server.modules.pdfverify.PDFSignatureVerificationResult;
-import iaik.util.logging.Log;
-import iaik.server.modules.pdfverify.ExtendedPDFSignatureVerificationResult;
-import iaik.server.modules.pdfverify.PDFSignatureVerificationModule;
-import iaik.x509.X509Certificate;
-
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.math.BigDecimal;
-import java.security.MessageDigest;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
-import org.apache.commons.codec.binary.Hex;
-import org.apache.commons.io.HexDump;
-import org.apache.commons.io.IOUtils;
-import org.slf4j.LoggerFactory;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOARuntimeException;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentExcplicit;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContentReference;
@@ -75,6 +53,23 @@ import at.gv.egovernment.moa.spss.util.QCSSCDResult;
 import at.gv.egovernment.moaspss.logging.Logger;
 import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import iaik.server.ConfigurationException;
+import iaik.server.modules.AdESFormVerificationResult;
+import iaik.server.modules.AdESVerificationResult;
+import iaik.server.modules.IAIKException;
+import iaik.server.modules.IAIKRuntimeException;
+import iaik.server.modules.SignatureVerificationProfile;
+import iaik.server.modules.SignatureVerificationResult;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationModule;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
+import iaik.server.modules.cmsverify.ExtendedCMSSignatureVerificationResult;
+import iaik.server.modules.pdfverify.ExtendedPDFSignatureVerificationResult;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationModule;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationResult;
+import iaik.x509.X509Certificate;
 /**
 * A class providing an interface to the
@@ -264,7 +259,11 @@ public class CMSSignatureVerificationInvoker {
 if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
 ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
 cmsResult = result.getCMSSignatureVerificationResult();
- adesResults = getAdESResult(result.getFormVerificationResult());
+ try {
+ adesResults = getAdESResult(result);
+ } catch (ConfigurationException e) {
+ Logger.warn("Failed to provide extended validation results", e);
+ }
 if (adesResults != null) {
 Iterator adesIterator = adesResults.iterator();
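Review bot: The new `catch (ConfigurationException e)` around `getAdESResult(result)` in CMSSignatureVerificationInvoker.java (hunk at -264) reduces a failed extended validation to a `Logger.warn`; the `if (adesResults != null)` branch is then skipped (assuming `adesResults` is still null here, its declaration is outside the hunk) and the response is built without any AdES form results. A caller of the verification service cannot tell "no form information" from "form validation could not be performed". The PDF branch (hunk at -363) and XMLSignatureVerificationInvoker.java (hunk at -233) repeat the pattern, and the PDF branch still carries `//throw new MOARuntimeException("config.52", null);`, which suggests that failing the request was considered. Either rethrow as a MOA exception or record the failure in the response; at minimum state the choice in the catch block, e.g. `// best effort: response is returned without AdES form results`.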
@@ -363,7 +362,12 @@ public class CMSSignatureVerificationInvoker {
 if (resultObject instanceof ExtendedPDFSignatureVerificationResult) {
 ExtendedPDFSignatureVerificationResult result = (ExtendedPDFSignatureVerificationResult) resultObject;
 cmsResult = result.getPDFSignatureVerificationResult();
- adesResults = getAdESResult(result.getFormVerificationResult());
+ try {
+ adesResults = getAdESResult(result);
+ } catch (ConfigurationException e) {
+ Logger.warn("Failed to provide extended validation results", e);
+ //throw new MOARuntimeException("config.52", null);
+ }
 if (adesResults != null) {
 Iterator adesIterator = adesResults.iterator();
@@ -508,6 +512,46 @@ public class CMSSignatureVerificationInvoker {
 }
+ private List getAdESResult(ExtendedCMSSignatureVerificationResult adesFormVerification) throws ConfigurationException {
+ if (adesFormVerification == null) {
+ // no form information
+ return null;
+ }
+
+ List adesList = new ArrayList();
+
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
+ SignatureVerificationProfile.LEVEL_LTA, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+ SignatureVerificationProfile.LEVEL_LT, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+ SignatureVerificationProfile.LEVEL_T, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+ SignatureVerificationProfile.LEVEL_B, adesList);
+
+ return adesList;
+ }
+
+ private List getAdESResult(ExtendedPDFSignatureVerificationResult adesFormVerification) throws ConfigurationException {
+ if (adesFormVerification == null) {
+ // no form information
+ return null;
+ }
+
+ List adesList = new ArrayList();
+
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
+ SignatureVerificationProfile.LEVEL_LTA, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+ SignatureVerificationProfile.LEVEL_LT, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+ SignatureVerificationProfile.LEVEL_T, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+ SignatureVerificationProfile.LEVEL_B, adesList);
+
+ return adesList;
+ }
+
 private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
 if (adesFormVerification == null) {
 // no form information
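Review bot: The two new `getAdESResult` overloads in CMSSignatureVerificationInvoker.java have identical bodies apart from the parameter type, and a third copy is added to XMLSignatureVerificationInvoker.java (hunk at -712). If the three result types share no interface that declares `getSubResult`, the callers can hand the four sub-results to one helper, e.g. `private List collectSubResults(SignatureVerificationResult lta, SignatureVerificationResult lt, SignatureVerificationResult t, SignatureVerificationResult b)`. The `adesFormVerification == null` guard cannot fire at the two call sites in this file, which dereference `result` on the line before the call. The existing `getAdESResult(AdESFormVerificationResult)` overload appears to lose its callers with this commit and may be removable; confirm against the rest of the class.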
@@ -528,6 +572,22 @@ public class CMSSignatureVerificationInvoker {
 return adesList;
 }
+ private void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
+ if (subResult != null) {
+ Logger.info("Checking Level: " + level);
+ try {
+ AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
+ adESFormResultsImpl.setCode(subResult.getResultCode().getCode());
+ adESFormResultsImpl.setInfo(subResult.getInfo());
+ adESFormResultsImpl.setName(subResult.getName());
+
+ adesList.add(adESFormResultsImpl);
+ } catch (NullPointerException e) {
+ Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
+ }
+ }
+ }
+
 private void checkSubResult(AdESVerificationResult subResult, String level, List adesList) {
 if (subResult != null) {
 Logger.info("Checking Level: " + level);
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
index a8c3ea0..bea66b0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
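Review bot: The new `checkSubResult(SignatureVerificationResult, ...)` in CMSSignatureVerificationInvoker.java uses `catch (NullPointerException e)` as its null check, so a sub-result whose `getResultCode()` returns null is logged and then left out of `adesList`, and that level simply disappears from the verification response. Test the value instead with `if (subResult.getResultCode() == null)`, log the affected level there and return, so that any other NullPointerException surfaces as the bug it is. The method declares `throws ConfigurationException` although nothing in the visible body appears to throw it unless one of the getters does. The same method is added to XMLSignatureVerificationInvoker.java (hunk at -712).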
@@ -73,11 +73,13 @@ import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 import at.gv.egovernment.moaspss.util.CollectionUtils;
 import at.gv.egovernment.moaspss.util.Constants;
+import iaik.server.ConfigurationException;
 import iaik.server.modules.AdESFormVerificationResult;
 import iaik.server.modules.AdESVerificationResult;
 import iaik.server.modules.IAIKException;
 import iaik.server.modules.IAIKRuntimeException;
 import iaik.server.modules.SignatureVerificationProfile;
+import iaik.server.modules.SignatureVerificationResult;
 import iaik.server.modules.xml.DataObject;
 import iaik.server.modules.xml.XMLDataObject;
 import iaik.server.modules.xml.XMLSignature;
@@ -233,7 +235,13 @@ public class XMLSignatureVerificationInvoker {
 }
 if(result != null) {
- List adesResults = getAdESResult(result.getFormVerificationResult());
+ List adesResults = null;//getAdESResult(result.getFormVerificationResult());
+
+ try {
+ adesResults = getAdESResult(result);
+ } catch (ConfigurationException e) {
+ Logger.warn("Failed to provide extended validation results", e);
+ }
 if (adesResults != null) {
 Iterator adesIterator = adesResults.iterator();
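Review bot: The declaration `List adesResults = null;//getAdESResult(result.getFormVerificationResult());` in XMLSignatureVerificationInvoker.java (hunk at -233) keeps the replaced call as a trailing comment; the history already records it, so `List adesResults = null;` is enough. CMSSignatureVerificationInvoker.java has the same kind of leftover in its hunk at -363, `//throw new MOARuntimeException("config.52", null);`, and the `MOARuntimeException` import added in that file's first hunk seems to exist only for that commented line. The enclosing method starts and ends outside the hunk.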
@@ -712,6 +720,42 @@ public class XMLSignatureVerificationInvoker {
 return filtered;
 }
+ private List getAdESResult(ExtendedXMLSignatureVerificationResult adesFormVerification) throws ConfigurationException {
+ if (adesFormVerification == null) {
+ // no form information
+ return null;
+ }
+
+ List adesList = new ArrayList();
+
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
+ SignatureVerificationProfile.LEVEL_LTA, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
+ SignatureVerificationProfile.LEVEL_LT, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
+ SignatureVerificationProfile.LEVEL_T, adesList);
+ checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
+ SignatureVerificationProfile.LEVEL_B, adesList);
+
+ return adesList;
+ }
+
+ private void checkSubResult(SignatureVerificationResult subResult, String level, List adesList) throws ConfigurationException {
+ if (subResult != null) {
+ Logger.info("Checking Level: " + level);
+ try {
+ AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
+ adESFormResultsImpl.setCode(subResult.getResultCode().getCode());
+ adESFormResultsImpl.setInfo(subResult.getInfo());
+ adESFormResultsImpl.setName(subResult.getName());
+
+ adesList.add(adESFormResultsImpl);
+ } catch (NullPointerException e) {
+ Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
+ }
+ }
+ }
+
 private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
 if (adesFormVerification == null) {
 // no form information
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
index 5139469..c42d406 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
@@ -1,5 +1,6 @@
 package at.gv.egovernment.moa.spss.tsl.timer;
+import iaik.asn1.ObjectID;
 import iaik.pki.store.certstore.CertStoreException;
 import iaik.pki.store.certstore.CertStoreParameters;
 import iaik.pki.store.truststore.TrustStoreException;
@@ -114,6 +115,7 @@ public class TSLUpdaterTimerTask extends TimerTask {
 TrustStoreProfile[] trustStoreProfiles = new TrustStoreProfile[1];
 trustStoreProfiles[0] = tsp;
+ Logger.debug(new LogMsg(msg.getMessage("config.43", new String[]{tp.getId()})));
 tid = new TransactionId("TSLConfigurator-" + tp.getId());
@@ -193,11 +195,11 @@ public class TSLUpdaterTimerTask extends TimerTask {
 fis.close();
 }
- Logger.debug(new LogMsg("Add " + addCertificatesTSL.length + " certificates."));
+ Logger.info(new LogMsg("Add " + addCertificatesTSL.length + " certificates to " + tp.getId() + " from TSL."));
 storeUpdater.addCertificatesToTrustStores(addCertificatesTSL, tid);
 storeUpdater.addCertificatesToCertStores(addCertificatesTSL, tid);
- Logger.debug(new LogMsg("Add " + addCertificates.length + " certificates."));
+ Logger.info(new LogMsg("Add " + addCertificates.length + " certificates to " + tp.getId() + "."));
 storeUpdater.addCertificatesToTrustStores(addCertificates, tid);
 storeUpdater.addCertificatesToCertStores(addCertificates, tid);
 }
-- cgit v1.2.3