@Override public List<String> getClaimedRoles() { final List<XmlDom> list = getElements("/ConstraintsParameters/MainSignature/MandatedSignedQProperties/ClaimedRoles/Role"); final List<String> claimedRoles = XmlDom.convertToStringList(list); return claimedRoles; }
@Override public List<String> getCertifiedRoles() { final List<XmlDom> list = getElements("/ConstraintsParameters/MainSignature/MandatedSignedQProperties/CertifiedRoles/Role"); final List<String> claimedRoles = XmlDom.convertToStringList(list); return claimedRoles; }
/** * This function returns the list of qualifiers for the given certificate. * * @param certificate The certificate * @return the {@code List} of qualifiers or an empty list if the certificate is null. */ public static List<String> getQualifiers(final XmlDom certificate) { if (certificate == null) { return new ArrayList<String>(); } final List<XmlDom> qualifiersDomList = certificate.getElements("./TrustedServiceProvider/Qualifiers/Qualifier"); final List<String> qualifiers = XmlDom.convertToStringList(qualifiersDomList); return qualifiers; }
@Override public SignaturePolicyConstraint getSignaturePolicyConstraint() { final String level = getValue("/ConstraintsParameters/MainSignature/AcceptablePolicies/@Level"); if (DSSUtils.isNotBlank(level)) { final SignaturePolicyConstraint constraint = new SignaturePolicyConstraint(level); final List<XmlDom> policyList = getElements("/ConstraintsParameters/MainSignature/AcceptablePolicies/Id"); final List<String> identifierList = XmlDom.convertToStringList(policyList); constraint.setIdentifiers(identifierList); constraint.setExpectedValue(identifierList.toString()); return constraint; } return null; }
@Override public Constraint getCommitmentTypeIndicationConstraint() { final String level = getValue("/ConstraintsParameters/MainSignature/MandatedSignedQProperties/CommitmentTypeIndication/@Level"); if (DSSUtils.isNotBlank(level)) { final Constraint constraint = new Constraint(level); final List<XmlDom> commitmentTypeIndications = getElements("/ConstraintsParameters/MainSignature/MandatedSignedQProperties/CommitmentTypeIndication/Identifier"); final List<String> identifierList = XmlDom.convertToStringList(commitmentTypeIndications); constraint.setExpectedValue(identifierList.toString()); constraint.setIdentifiers(identifierList); return constraint; } return null; }
@Override public Constraint getClaimedRoleConstraint() { final String level = getValue("/ConstraintsParameters/MainSignature/MandatedSignedQProperties/ClaimedRoles/@Level"); if (DSSUtils.isNotBlank(level)) { final Constraint constraint = new Constraint(level); final List<XmlDom> claimedRoles = getElements("/ConstraintsParameters/MainSignature/MandatedSignedQProperties/ClaimedRoles/Role"); final List<String> claimedRoleList = XmlDom.convertToStringList(claimedRoles); constraint.setExpectedValue(claimedRoleList.toString()); constraint.setIdentifiers(claimedRoleList); return constraint; } return null; }
@Override public Constraint getSigningCertificateKeyUsageConstraint(final String context) { final String level = getValue("/ConstraintsParameters/%s/SigningCertificate/KeyUsage/@Level", context); if (DSSUtils.isNotBlank(level)) { final Constraint constraint = new Constraint(level); final List<XmlDom> keyUsages = getElements("/ConstraintsParameters/%s/SigningCertificate/KeyUsage/Identifier", context); final List<String> identifierList = XmlDom.convertToStringList(keyUsages); constraint.setExpectedValue(identifierList.toString()); constraint.setIdentifiers(identifierList); return constraint; } return null; }
@Override protected SignatureCryptographicConstraint getSignatureCryptographicConstraint_(final String rootXPathQuery, final String context, final String subContext) { final String level = getValue(rootXPathQuery + "/@Level"); if (DSSUtils.isNotBlank(level)) { final SignatureCryptographicConstraint constraint = new SignatureCryptographicConstraint(level, context, subContext); final List<XmlDom> encryptionAlgoList = getElements(rootXPathQuery + "/AcceptableEncryptionAlgo/Algo"); final List<String> encryptionAlgoStringList = XmlDom.convertToStringList(encryptionAlgoList); constraint.setEncryptionAlgorithms(encryptionAlgoStringList); final List<XmlDom> digestAlgoList = getElements(rootXPathQuery + "/AcceptableDigestAlgo/Algo"); final List<String> digestAlgoStringList = XmlDom.convertToStringList(digestAlgoList); constraint.setDigestAlgorithms(digestAlgoStringList); final List<XmlDom> miniPublicKeySizeList = getElements(rootXPathQuery + "/MiniPublicKeySize/Algo"); final Map<String, String> miniPublicKeySizeStringMap = XmlDom.convertToStringMap(miniPublicKeySizeList, SIZE); constraint.setMinimumPublicKeySizes(miniPublicKeySizeStringMap); final List<XmlDom> algoExpirationDateList = getElements("/ConstraintsParameters/Cryptographic/AlgoExpirationDate/Algo"); final Map<String, Date> algoExpirationDateStringMap = XmlDom.convertToStringDateMap(algoExpirationDateList, DATE); constraint.setAlgorithmExpirationDates(algoExpirationDateStringMap); return constraint; } return null; }
/** * Check of unsigned qualifying property: claimed roles * * @param conclusion the conclusion to use to add the result of the check. * @return false if the check failed and the process should stop, true otherwise. */ private boolean checkClaimedRoleConstraint(final Conclusion conclusion) { final Constraint constraint = constraintData.getClaimedRoleConstraint(); if (constraint == null) { return true; } constraint.create(subProcessNode, BBB_SAV_ICRM); final List<XmlDom> claimedRolesXmlDom = signatureContext.getElements("./ClaimedRoles/ClaimedRole"); final List<String> claimedRoles = XmlDom.convertToStringList(claimedRolesXmlDom); // TODO (Bob) to be implemented fro each claimed role. Attendance must be taken into account. final String attendance = constraintData.getCertifiedRolesAttendance(); String claimedRole = null; for (String claimedRole_ : claimedRoles) { claimedRole = claimedRole_; break; } if ("ANY".equals(attendance)) { constraint.setExpectedValue("*"); } constraint.setValue(claimedRole); constraint.setIndications(INVALID, SIG_CONSTRAINTS_FAILURE, BBB_SAV_ICRM_ANS); constraint.setConclusionReceiver(conclusion); boolean check = constraint.checkInList(); return check; }
/** * This method checks if the signing certificate has an appropriate key usage. * * @param conclusion the conclusion to use to add the result of the check. * @param certificateId * @param certificateXmlDom * @return */ private boolean checkKeyUsageConstraint(Conclusion conclusion, String certificateId, XmlDom certificateXmlDom) { final Constraint constraint = constraintData.getSigningCertificateKeyUsageConstraint(contextName); if (constraint == null) { return true; } constraint.create(validationDataXmlNode, BBB_XCV_ISCGKU); final List<XmlDom> keyUsageBits = certificateXmlDom.getElements("./KeyUsageBits/KeyUsage"); final List<String> stringList = XmlDom.convertToStringList(keyUsageBits); constraint.setValue(stringList); constraint.setIndications(INVALID, SIG_CONSTRAINTS_FAILURE, BBB_XCV_ISCGKU_ANS); constraint.setAttribute(CERTIFICATE_ID, certificateId); constraint.setConclusionReceiver(conclusion); return constraint.checkInList(); }
final List<String> certifiedRoles = XmlDom.convertToStringList(certifiedRolesXmlDom); final String certifiedRolesString = RuleUtils.toString(certifiedRoles);