From b89aa14c2cdf4ad39aa2c8411562959121e66ca0 Mon Sep 17 00:00:00 2001 From: rpiazzi Date: Tue, 30 Aug 2011 14:24:46 +0000 Subject: Bug-Fix for EMAIL/EMAILADDRESS problem in ZID documents git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@799 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../wag/egov/egiz/sig/SignatureObject.java | 83 +++++++++++++++++++--- 1 file changed, 74 insertions(+), 9 deletions(-) diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java index 6fffa84..8855b86 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java @@ -749,15 +749,26 @@ public class SignatureObject implements Serializable } // take rdn from textual representation RDNValuePair rdnVP = (RDNValuePair) rdnList.get(i); - result.append(rdnVP.getRdn()).append("="); - // take value from certificate but make sure that we do not have a BER encoding - if (rdnVP.getValue().startsWith("#")) { - // BER encoding -> take value from text representation - result.append(rdnVP.getValue()); - } else { - // no BER encoding -> take value from certificate - result.append(values[values.length - 1 - i].getAVA().getValueAsString()); - } + // Note: Do not take RDN from extraction but from certificate + // (Bug-Fix for EMAIL/EMAILADDRESS problem in ZID documents) + + // take value from certificate but make sure that we do not have a + // BER encoding + if (rdnVP.getValue().startsWith("#")) { + + // take rdn from textual representation + result.append(rdnVP.getRdn()).append("="); + // BER encoding -> take value from text representation + result.append(rdnVP.getValue()); + } else { + // no BER encoding -> take value from certificate + // also take RDN from certificate if possible + String certValue = values[values.length - 1 - i].getAVA() + .getValueAsString(); + String rdn = resolveRDN(nameFromCertificate, certValue, rdnVP.getRdn()); + result.append(rdn + "=").append(certValue); + } + } String merged = result.toString(); if (logger_.isDebugEnabled()) { @@ -775,6 +786,60 @@ public class SignatureObject implements Serializable return merged; } + /** + * This method tries to resolve the RDN corresponding to a given value from the certificate String. + * As values might occur multiple times for different RDNs, an unambiguous resolving cannot be assured. + * In case of ambiguity, the RDN extracted from text is returned by default. + * + * This method is a bug fix for a problem that caused the verification of ZID documents to fail as the RDN + * from the extracted text ("EMAILADDRESS") was different to the RDN in the certificate ("EMAIL") + * + * @param certString + * The String obtained from the certificate + * @param value + * The RDN's value + * @param extractedRDN + * The RDN extracted from the given text + * @return + * The resolved RDN from the certificate, or the RDN from text extraction + */ + private static String resolveRDN(String certString, String value, String extractedRDN) { + + if(!certString.contains(value)) { + + // given value cannot be found in certificate string + return extractedRDN; + } + + if(certString.indexOf(value) != certString.lastIndexOf(value)) { + + // given value is ambiguous - cannot resolve RDN from certificate string + return extractedRDN; + } + + String[] parts = certString.split(",|;"); + String val = value.trim(); + + for(int i=0; i