From 28f2f98fa819bee7aab0c6ec0c8327f53417a3b5 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 3 Apr 2020 14:36:08 +0200 Subject: fix possible nullPointerException CAdES verification lib in case of CAdES signature contains no certificate --- .../invoke/VerifyCMSSignatureResponseBuilder.java | 46 ++++++++++++---------- 1 file changed, 26 insertions(+), 20 deletions(-) (limited to 'moaSig/moa-sig-lib') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java index 2b2e2cf..37abc58 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java @@ -85,12 +85,10 @@ public class VerifyCMSSignatureResponseBuilder { public void addResult(CMSSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults, ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification) throws MOAException { + - CertificateValidationResult certResult = - result.getCertificateValidationResult(); - int signatureCheckCode = - result.getSignatureValueVerificationCode().intValue(); - int certificateCheckCode = certResult.getValidationResultCode().intValue(); + int signatureCheckCode = result.getSignatureValueVerificationCode().intValue(); + CertificateValidationResult certResult = result.getCertificateValidationResult(); VerifyCMSSignatureResponseElement responseElement; SignerInfo signerInfo; @@ -101,23 +99,31 @@ public class VerifyCMSSignatureResponseBuilder { //add signature algorithm name in case of extended validation String sigAlgName = null; - if (extendedVerification) + if (extendedVerification) { sigAlgName = result.getSignatureAlgorithmName(); + + } + + //set code 99 if not certcheckresult exists + int certificateCheckCode = 99; + if (certResult != null) { + certificateCheckCode = certResult.getValidationResultCode().intValue(); + + // add SignerInfo element + signerInfo = + factory.createSignerInfo( + (X509Certificate) certResult.getCertificateChain().get(0), + qualifiedCertificate, + qcSourceTSL, + certResult.isPublicAuthorityCertificate(), + certResult.getPublicAuthorityID(), + checkSSCD, + sscdSourceTSL, + issuerCountryCode, + result.getSigningTime(), + tslInfos); + } - // add SignerInfo element - signerInfo = - factory.createSignerInfo( - (X509Certificate) certResult.getCertificateChain().get(0), - qualifiedCertificate, - qcSourceTSL, - certResult.isPublicAuthorityCertificate(), - certResult.getPublicAuthorityID(), - checkSSCD, - sscdSourceTSL, - issuerCountryCode, - result.getSigningTime(), - tslInfos); - // add SignatureCheck element signatureCheck = factory.createCheckResult(signatureCheckCode, null); -- cgit v1.2.3