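package at.gv.egovernment.moa.spss.util;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

import at.gv.egovernment.moa.spss.api.common.ExtendedCertificateCheckResult;
import at.gv.egovernment.moa.spss.api.impl.AdESFormResultsImpl;
import at.gv.egovernment.moa.spss.api.impl.ExtendedCertificateCheckResultImpl;
import at.gv.egovernment.moaspss.logging.Logger;
import iaik.esi.sva.validation.ValidationReport;
import iaik.server.ConfigurationException;
import iaik.server.modules.AdESVerificationResult;
import iaik.server.modules.SignatureVerificationProfile;
import iaik.server.modules.SignatureVerificationResult;
import iaik.server.modules.resultcodes.ResultCode;
import iaik.server.modules.resultcodes.ResultCodeError;
import iaik.server.modules.resultcodes.ResultCodeInvalid;
import iaik.server.modules.resultcodes.ResultCodeSkipped;
import iaik.server.modules.resultcodes.ResultCodeValid;

/**
 * Static helpers that translate IAIK signature-verification results into the
 * MOA-SPSS API result objects ({@link ExtendedCertificateCheckResult} and
 * {@link AdESFormResultsImpl}).
 *
 * <p>The {@code List} parameters and return values are raw types; they are kept
 * that way so existing callers continue to compile unchanged. Every element
 * this class adds is an {@link AdESFormResultsImpl}.
 */
public class AdESResultUtils {

  // Major codes for the two result classes that have no constant in
  // SignatureVerificationResult. Plain literals replace the deprecated
  // boxing constructor; the resulting int values are identical.
  private static final int MAJORRESULTCODESKIPPED = 3;
  private static final int MAJORRESULTCODEERROR = 4;

  /**
   * Returns the given AdES code unchanged.
   *
   * @param adesCode the code to pass through, may be {@code null}
   * @return {@code adesCode}
   */
  public static Integer getResultCode(Integer adesCode) {
    return adesCode;
  }

  /**
   * Maps an IAIK result code to a major/minor code pair with textual labels.
   *
   * <p>The major code is derived from the concrete class of {@code resultCode}.
   * Any class other than valid, invalid, skipped or error is reported as
   * INDETERMINATE, so an unrecognised result never surfaces as VALID. The minor
   * code is taken from {@code resultCode.getCode()} and stays {@code -1} with an
   * empty label when that value is {@code null}.
   *
   * @param resultCode the result code to translate, must not be {@code null}
   * @return the extended check result carrying both code pairs
   * @throws NullPointerException if {@code resultCode} is {@code null}
   */
  public static ExtendedCertificateCheckResult getExtendedResult(
      iaik.server.modules.resultcodes.ResultCode resultCode) {
    Logger.debug("Generating extendend validation result: " + resultCode.toString());

    final int majorCode;
    final String majorInfo;
    if (resultCode instanceof ResultCodeValid) {
      majorCode = SignatureVerificationResult.VALID;
      majorInfo = "VALID";

    } else if (resultCode instanceof ResultCodeInvalid) {
      majorCode = SignatureVerificationResult.INVALID;
      majorInfo = "INVALID";

    } else if (resultCode instanceof ResultCodeSkipped) {
      majorCode = MAJORRESULTCODESKIPPED;
      majorInfo = "SKIPPED";

    } else if (resultCode instanceof ResultCodeError) {
      majorCode = MAJORRESULTCODEERROR;
      majorInfo = "ERROR";

    } else {
      // Fail-safe default for every class not listed above.
      majorCode = SignatureVerificationResult.INDETERMINATE;
      majorInfo = "INDETERMINATE";
    }

    int minorCode = -1;
    String minorInfo = "";

    // Read the minor code once instead of once per comparison.
    final Integer code = resultCode.getCode();
    if (code != null) {
      minorCode = code;

      // The comparison order is kept as-is; a code matching none of the
      // constants keeps its numeric value with an empty label.
      if (code.equals(ResultCode.CODE_CHAIN_CONSTRAINTS_FAILURE)) {
        minorInfo = "CHAIN_CONSTRAINTS_FAILURE";

      } else if (code.equals(ResultCode.CODE_CRYPTO_CONSTRAINTS_FAILURE)) {
        minorInfo = "CRYPTO_CONSTRAINTS_FAILURE";

      } else if (code.equals(ResultCode.CODE_CRYPTO_CONSTRAINTS_FAILURE_NO_POE)) {
        minorInfo = "CRYPTO_CONSTRAINTS_FAILURE_NO_POE";

      } else if (code.equals(ResultCode.CODE_EXPIRED)) {
        minorInfo = "EXPIRED";

      } else if (code.equals(ResultCode.CODE_FORMAT_FAILURE)) {
        minorInfo = "FORMAT_FAILURE";

      } else if (code.equals(ResultCode.CODE_GENERIC)) {
        minorInfo = "GENERIC";

      } else if (code.equals(ResultCode.CODE_HASH_FAILURE)) {
        minorInfo = "HASH_FAILURE";

      } else if (code.equals(ResultCode.CODE_NO_CERTIFICATE_CHAIN_FOUND)) {
        minorInfo = "NO_CERTIFICATE_CHAIN_FOUND";

      } else if (code.equals(ResultCode.CODE_NO_POE)) {
        minorInfo = "NO_POE";

      } else if (code.equals(ResultCode.CODE_NO_POLICY)) {
        minorInfo = "NO_POLICY";

      } else if (code.equals(ResultCode.CODE_NOT_YET_VALID)) {
        minorInfo = "NOT_YET_VALID";

      } else if (code.equals(ResultCode.CODE_OUT_OF_BOUNDS_NO_POE)) {
        minorInfo = "OUT_OF_BOUNDS_NO_POE";

      } else if (code.equals(ResultCode.CODE_POLICY_PROCESSING_ERROR)) {
        minorInfo = "POLICY_PROCESSING_ERROR";

      } else if (code.equals(ResultCode.CODE_REVOKED)) {
        minorInfo = "REVOKED";

      } else if (code.equals(ResultCode.CODE_REVOKED_CA_NO_POE)) {
        minorInfo = "REVOKED_CA_NO_POE";

      } else if (code.equals(ResultCode.CODE_REVOKED_NO_POE)) {
        minorInfo = "REVOKED_NO_POE";

      } else if (code.equals(ResultCode.CODE_SIG_CONSTRAINTS_FAILURE)) {
        minorInfo = "SIG_CONSTRAINTS_FAILURE";

      } else if (code.equals(ResultCode.CODE_SIG_CRYPTO_FAILURE)) {
        minorInfo = "SIG_CRYPTO_FAILURE";

      } else if (code.equals(ResultCode.CODE_SIGNED_DATA_NOT_FOUND)) {
        minorInfo = "SIGNED_DATA_NOT_FOUND";

      } else if (code.equals(ResultCode.CODE_TIMESTAMP_ORDER_FAILURE)) {
        minorInfo = "TIMESTAMP_ORDER_FAILURE";

      } else if (code.equals(ResultCode.CODE_TRY_LATER)) {
        minorInfo = "TRY_LATER";

      } else if (code.equals(ResultCode.CODE_UNKNOWN_COMMITMENT_TYPE)) {
        minorInfo = "UNKNOWN_COMMITMENT_TYPE";

      } else if (code.equals(ResultCode.SUCCESS)) {
        minorInfo = "SUCCESS";

      } else if (code.equals(ResultCode.ERROR)) {
        minorInfo = "ERROR";

      } else if (code.equals(ResultCode.UNKNOWN_SUBFILTER)) {
        minorInfo = "UNKNOWN_SUBFILTER";

      } else if (code.equals(ResultCode.CODE_NO_SIGNER_CERTIFICATE_FOUND)) {
        minorInfo = "NO_SIGNER_CERTIFICATE_FOUND";

        // pdf-as 3.x detection is removed from MOA-SP since 3.1.2
      } else if (code.equals(ResultCode.PDF_AS_SIGNATURE)) {
        // Reported to the caller as an unknown subfilter: both the label and
        // the numeric minor code are rewritten.
        minorInfo = "UNKNOWN_SUBFILTER";
        minorCode = ResultCode.UNKNOWN_SUBFILTER;
      }
    }

    return new ExtendedCertificateCheckResultImpl(majorCode, majorInfo, minorCode, minorInfo);
  }

  /**
   * Collects the form-verification results for the levels LTA, LT, T and B.
   *
   * <p>The completed form is only written to the log. A level whose sub-result
   * is {@code null}, or whose conversion fails inside
   * {@link #checkSubResult(AdESVerificationResult, String, List)}, has no entry
   * in the returned list, so callers must not read a missing level as a
   * successful check.
   *
   * @param adesFormVerification the form verification result, may be {@code null}
   * @return a list of {@link AdESFormResultsImpl} in the order LTA, LT, T, B, or
   *         {@code null} when no form information was supplied
   */
  public static List getAdESResult(
      iaik.server.modules.AdESFormVerificationResult adesFormVerification) {
    if (adesFormVerification == null) {
      // no form information
      return null;
    }

    final List adesList = new ArrayList();

    // The completed form is logged only; the response contains all levels.
    final String completedForm = adesFormVerification.getCompleteForm();
    Logger.info("Find complete Form: " + completedForm);

    /*
     * This code only returns the result of the completed form
     */
    // if (MiscUtil.isNotEmpty(completedForm)) {
    //   Logger.info("Form-validation found completed form: " + completedForm);
    //   AdESVerificationResult subResult = adesFormVerification.getSubResult(completedForm);
    //   checkSubResult(subResult, completedForm, adesList);
    //   if (Logger.isDebugEnabled())
    //     Logger.debug("Detailed Result: \n" + subResult.getInfo());
    //
    // } else
    //   Logger.info("Form-valdition found NO completed form.");
    //
    // if (Logger.isDebugEnabled())
    //   Logger.debug("Full form-validation result: \n" + adesFormVerification.getInfo());

    /*
     * This code returns the result for all forms
     */
    // add results for all form types to response
    checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LTA),
        SignatureVerificationProfile.LEVEL_LTA, adesList);
    checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_LT),
        SignatureVerificationProfile.LEVEL_LT, adesList);
    checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_T),
        SignatureVerificationProfile.LEVEL_T, adesList);
    checkSubResult(adesFormVerification.getSubResult(SignatureVerificationProfile.LEVEL_B),
        SignatureVerificationProfile.LEVEL_B, adesList);

    return adesList;
  }

  /**
   * Flattens a validation report and all of its sub-reports into
   * {@code adesList}, parent first, depth first.
   *
   * <p>NOTE(review): the numeric code stored for each report is
   * {@code report.getStatus().ordinal()}, so it presumably follows the
   * declaration order of the status enum in the IAIK library. Confirm that
   * consumers of these codes are re-checked when that library is upgraded.
   *
   * @param report the report to convert; {@code null} is ignored
   * @param adesList the list that receives one {@link AdESFormResultsImpl} per
   *        report, must not be {@code null} when {@code report} is non-null
   */
  public static void buildResult(ValidationReport report, List adesList) {
    if (report == null) {
      return;
    }

    final AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
    adESFormResultsImpl.setCode(report.getStatus().ordinal());
    adESFormResultsImpl.setInfo(report.getLongText());
    adESFormResultsImpl.setName(report.getValidationName());
    adesList.add(adESFormResultsImpl);

    if (report.getSubValidationReports() != null && !report.getSubValidationReports().isEmpty()) {
      // The element type of the sub-report collection is not visible in this
      // file, so the iterator is left unbounded and each element is cast
      // explicitly before the recursive call.
      final Iterator<?> reportIt = report.getSubValidationReports().iterator();
      while (reportIt.hasNext()) {
        buildResult((ValidationReport) reportIt.next(), adesList);
      }
    }
  }

  /**
   * Converts one AdES form sub-result into an {@link AdESFormResultsImpl} and
   * appends it to {@code adesList}.
   *
   * <p>A {@code null} sub-result is logged and skipped. A
   * {@link NullPointerException} raised while converting is logged as a warning
   * and the entry is dropped; this also covers a {@code null} {@code adesList}.
   * In both cases the level is absent from the list rather than marked as
   * failed.
   *
   * @param subResult the sub-result for {@code level}, may be {@code null}
   * @param level the form level name stored as the entry's name
   * @param adesList the list that receives the converted entry
   */
  public static void checkSubResult(AdESVerificationResult subResult, String level,
      List adesList) {
    if (subResult == null) {
      Logger.info("Subresult Level: " + level + " not available");
      return;
    }

    Logger.debug("Checking Level: " + level);
    try {
      final AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
      adESFormResultsImpl.setCode(subResult.getResultCode());
      Logger.debug("RESULT: " + String.valueOf(subResult.getResultCode()));
      adESFormResultsImpl.setInfo(subResult.getInfo());
      adESFormResultsImpl.setName(level);
      adesList.add(adESFormResultsImpl);

    } catch (final NullPointerException e) {
      // Deliberate best-effort: the entry is omitted, nothing is rethrown.
      Logger.warn("Catching NullPointer Exception, of invalid Form Results", e);
    }
  }

  /**
   * Converts one signature-verification sub-result into an
   * {@link AdESFormResultsImpl} and appends it to {@code adesList}.
   *
   * <p>Only valid and invalid are distinguished; every other result-code class,
   * including skipped and error, is stored as INDETERMINATE. This differs from
   * {@link #getExtendedResult(iaik.server.modules.resultcodes.ResultCode)},
   * which reports skipped and error with their own major codes.
   *
   * <p>A {@code null} sub-result is logged and skipped. A {@code null} result
   * code makes the debug log statement throw, which is caught below, so that
   * level is omitted from the list instead of being added as INDETERMINATE.
   * Callers must not read a missing level as a successful check.
   *
   * @param subResult the sub-result for {@code level}, may be {@code null}
   * @param level the form level name stored as the entry's name
   * @param adesList the list that receives the converted entry
   * @throws ConfigurationException declared by the signature; presumably raised
   *         by the IAIK accessors called here (TODO confirm)
   */
  public static void checkSubResult(SignatureVerificationResult subResult, String level,
      List adesList) throws ConfigurationException {
    if (subResult == null) {
      Logger.info("Subresult Level: " + level + " not available");
      return;
    }

    Logger.debug("Checking Level: " + level);
    try {
      final AdESFormResultsImpl adESFormResultsImpl = new AdESFormResultsImpl();
      final iaik.server.modules.resultcodes.ResultCode resultCode = subResult.getResultCode();

      if (resultCode instanceof ResultCodeValid) {
        adESFormResultsImpl.setCode(SignatureVerificationResult.VALID);

      } else if (resultCode instanceof ResultCodeInvalid) {
        adESFormResultsImpl.setCode(SignatureVerificationResult.INVALID);

      } else {
        adESFormResultsImpl.setCode(SignatureVerificationResult.INDETERMINATE);
      }

      Logger.debug("RESULT: " + resultCode.toString());
      adESFormResultsImpl.setInfo(subResult.getInfo());
      adESFormResultsImpl.setName(level);
      adesList.add(adESFormResultsImpl);

    } catch (final NullPointerException e) {
      // Deliberate best-effort: the entry is omitted, nothing is rethrown.
      Logger.warn("Catching NullPointer Exception, of invalid? Form Results", e);
    }
  }
}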