Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java45
1 files changed, 32 insertions, 13 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
index 3437a6e..b4818cd 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
@@ -1099,6 +1099,7 @@ public class SignatureObject implements Serializable
if (cert_store_dir.isDirectory())
{
String cert_file_name = cert_store_path + FILE_SEP + serial_number + CERT_FILE_EXTENSION;
+ logger_.debug("Adding cert (issuer=\"" + cert.getIssuerName() + "\", sn=\"" + cert.getSerialNumber() + "\") to certstore: \"" + cert_file_name + "\".");
// boolean store =
FileHelper.writeToFile(cert_file_name, cert.getCertString());
// System.err.println("store:" + store + ":" +
@@ -1114,6 +1115,16 @@ public class SignatureObject implements Serializable
}
}
}
+
+ private X509Cert loadCertificateFromCertstore(String serialNumber, String issuer) {
+ String iss_hash = getIssuerFileHash(issuer);
+ String cert_store_path = certPath_ + iss_hash;
+ String cert_file_name = cert_store_path + FILE_SEP + serialNumber + CERT_FILE_EXTENSION;
+ if (logger_.isDebugEnabled()) {
+ logger_.debug("Trying to load cert (issuer=\"" + (issuer != null ? normalizeIssuer(issuer) : issuer) + "\", sn=\"" + serialNumber + "\") from certstore: \"" + cert_file_name + "\".");
+ }
+ return X509Cert.initByFilePath(cert_file_name);
+ }
/**
* This method load a X509v3 certificate from the filesystem. The reference to
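Review bot: `loadCertificateFromCertstore` concatenates `serialNumber` directly into `cert_file_name` and opens that path without checking that the value looks like a serial number. If the serial number and issuer come from the signature being verified (the callers are outside this hunk, so this is inferred), a value containing a path separator or `..` would take the lookup outside the issuer's directory. Reject such values before building the path, e.g. `if (serialNumber == null || serialNumber.indexOf('/') >= 0 || serialNumber.indexOf('\\') >= 0 || serialNumber.contains("..")) { return null; }`, or use a stricter digits-only check if serial numbers are always stored in decimal. The same values go into the debug message unescaped, so embedded line breaks would split log entries. The new method also has no Javadoc; a short one should state that it returns null when no matching file exists, which the caller's `cert == null` test appears to rely on.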
@@ -1154,14 +1165,16 @@ public class SignatureObject implements Serializable
X509Cert cert = null;
if (issuer != null && serialNumber != null)
{
- String iss_hash = getIssuerFileHash(issuer);
- String cert_store_path = certPath_ + iss_hash;
- String cert_file_name = cert_store_path + FILE_SEP + serialNumber + CERT_FILE_EXTENSION;
- if (logger_.isDebugEnabled())
- {
- logger_.debug("load certificate:" + cert_file_name);
+ cert = loadCertificateFromCertstore(serialNumber, issuer);
+ if (cert == null) {
+ logger_.debug("Certificate not found. Trying alternative normalization method.");
+ try {
+ Name issuerName = new RFC2253NameParser(issuer).parse();
+ cert = loadCertificateFromCertstore(serialNumber, issuerName.getRFC2253String(false));
+ } catch (RFC2253NameParserException e) {
+ logger_.error(e);
+ }
}
- cert = X509Cert.initByFilePath(cert_file_name);
if (cert == null)
{
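Review bot: In the new catch block, `logger_.error(e)` passes the exception as the message object, so (assuming a log4j-style logger) only its `toString()` is recorded, with no stack trace and no indication of which issuer failed to parse. `logger_.error("Could not parse issuer \"" + issuer + "\" as RFC 2253 name.", e);` keeps both. An unparsable issuer string is probably a property of the input rather than an application fault, so `warn` may be the more fitting level. The enclosing method starts and ends outside this hunk.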
@@ -1180,14 +1193,14 @@ public class SignatureObject implements Serializable
storeNewCertificateInLocalStore(cert_data);
- // load the local cert
- cert = X509Cert.initByFilePath(cert_file_name);
-
+ cert = X509Cert.initByByteArray(cert_data);
if (cert == null)
{
logger_.debug("The certificate should be loaded here, but is null - something's wrong.");
}
}
+ } else {
+ logger_.warn("loadCertificate(\"" + serialNumber + "\", \"" + issuer + "\")");
}
return cert;
}
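Review bot: The message in the new `else` branch, `loadCertificate("…", "…")`, does not say what went wrong. The branch is reached when `issuer` or `serialNumber` is null (the condition is visible in the preceding hunk), so the message should say so: `logger_.warn("Cannot load certificate: serial number or issuer is missing (sn=\"" + serialNumber + "\", issuer=\"" + issuer + "\").");`. The `cert == null` case after `X509Cert.initByByteArray(cert_data)` is logged only at debug although the method then returns null for data it has just stored; `warn` would make that failure visible in production logs. The method begins outside this hunk.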
@@ -1220,9 +1233,15 @@ public class SignatureObject implements Serializable
FileOutputStream fos = new FileOutputStream(save_file);
fos.write(cert_data);
fos.close();
- }
- catch (IOException e)
- {
+ // fixed by tknall: if serialnumber or issuername is omitted (binary signature) the
+ // certificate could not be found in the certstore. The fix sets the issuername and
+ // serialnumber as long the are known.
+ X509Cert cert = X509Cert.initByByteArray(cert_data);
+ if (cert.isX509Cert()) {
+ this.setSignationSerialNumber(cert.getSerialNumber());
+ this.setSignationIssuer(cert.getIssuerName());
+ }
+ } catch (IOException e) {
e.printStackTrace();
return;
}
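Review bot: `cert.isX509Cert()` is called on the result of `X509Cert.initByByteArray(cert_data)` without a null check, although the loadCertificate hunk tests the result of the same call for null. If it returns null here, the NullPointerException is not caught by `catch (IOException e)` and propagates to the caller; use `if (cert != null && cert.isX509Cert()) {`. The bytes are also written to the cert store before they are known to parse as a certificate, so parsing first and writing only on success would keep malformed data out of the store. The method starts and ends outside this hunk.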