private void extractRevocationDataFromCertificateChain(Set<RevocationWrapper> result, List<String> certificateChainIds) { for (String certificateId : certificateChainIds) { CertificateWrapper certificate = diagnosticData.getUsedCertificateById(certificateId); if (certificate != null && certificate.getRevocationData() != null) { result.addAll(certificate.getRevocationData()); } } }
private Date getExpirationDateForSigningCertificate(SignatureWrapper currentSignature) { CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); if (signingCertificate != null) { return signingCertificate.getNotAfter(); } return null; }
public SimpleCertificateReport build() { SimpleCertificateReport simpleReport = new SimpleCertificateReport(); simpleReport.setValidationTime(currentTime); List<XmlChainItem> chain = new ArrayList<XmlChainItem>(); CertificateWrapper certificate = diagnosticData.getUsedCertificateById(certificateId); XmlChainItem firstChainItem = getChainItem(certificate); addQualifications(firstChainItem); chain.add(firstChainItem); List<String> certificateChainIds = certificate.getCertificateChainIds(); for (String certId : certificateChainIds) { CertificateWrapper issuer = diagnosticData.getUsedCertificateById(certId); chain.add(getChainItem(issuer)); } simpleReport.setChain(chain); return simpleReport; }
private ChainItem<XmlValidationProcessLongTermData> revocationDateAfterBestSignatureDate(Date bestSignatureTime) { LevelConstraint constraint = policy.getRevocationTimeAgainstBestSignatureTime(); CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); return new RevocationDateAfterBestSignatureTimeCheck(result, signingCertificate, bestSignatureTime, constraint); }
private ChainItem<XmlValidationProcessLongTermData> bestSignatureTimeNotBeforeCertificateIssuance(Date bestSignatureTime) { CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); return new BestSignatureTimeNotBeforeCertificateIssuanceCheck(result, bestSignatureTime, signingCertificate, policy.getBestSignatureTimeBeforeIssuanceDateOfSigningCertificateConstraint()); }
/** * This method returns a certificate wrapper for the given certificate id * * @param id * the certificate id * @return a certificate wrapper (or empty object) */ public CertificateWrapper getUsedCertificateByIdNullSafe(String id) { CertificateWrapper cert = getUsedCertificateById(id); if(cert != null) { return cert; } return new CertificateWrapper(new XmlCertificate()); // TODO improve ? }
DetailedReport build() { DetailedReport detailedReport = init(); CertificateWrapper certificate = diagnosticData.getUsedCertificateById(certificateId); CertificateWrapper rootCertificate = diagnosticData.getUsedCertificateById(certificate.getLastChainCertificateId()); Map<String, XmlBasicBuildingBlocks> bbbs = new HashMap<String, XmlBasicBuildingBlocks>(); process(Collections.singleton(certificate), Context.CERTIFICATE, bbbs); detailedReport.getBasicBuildingBlocks().addAll(bbbs.values()); XmlBasicBuildingBlocks basicBuildingBlocks = bbbs.get(certificate.getId()); CertificateQualificationBlock cqb = new CertificateQualificationBlock(basicBuildingBlocks.getConclusion(), currentTime, certificate, rootCertificate, detailedReport.getTLAnalysis(), diagnosticData.getLOTLCountryCode()); detailedReport.setCertificate(cqb.execute()); return detailedReport; }
private Date getRevocationDateForSigningCertificate(SignatureWrapper currentSignature) { CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); if (signingCertificate != null && signingCertificate.getRevocationData() != null) { return signingCertificate.getLatestRevocationData().getRevocationDate(); } return null; }
CertificateWrapper revocCert = diagnosticData.getUsedCertificateById(revocationSigningCertificateId); if (revocCert != null) { Date expiredCertsRevocationInfo = revocCert.getCertificateTSPServiceExpiredCertsRevocationInfo();
CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(signature.getSigningCertificateId()); if (signingCertificate != null) { CertificateWrapper rootCertificate = diagnosticData.getUsedCertificateById(signingCertificate.getLastChainCertificateId());
CertificateWrapper certificate = diagnosticData.getUsedCertificateById(certChainItem.getId()); if (certificate.isTrusted()) { certificateChain = token.getCertificateChain(); for (XmlChainItem certChainItem : certificateChain) { CertificateWrapper certificate = diagnosticData.getUsedCertificateById(certChainItem.getId()); if (certificate.isTrusted()) {
private String getReadableCertificateName(String certId) { CertificateWrapper signingCert = diagnosticData.getUsedCertificateById(certId); if (signingCert != null) { if (Utils.isStringNotEmpty(signingCert.getCommonName())) { return signingCert.getCommonName(); } if (Utils.isStringNotEmpty(signingCert.getGivenName())) { return signingCert.getGivenName(); } if (Utils.isStringNotEmpty(signingCert.getSurname())) { return signingCert.getSurname(); } if (Utils.isStringNotEmpty(signingCert.getPseudo())) { return signingCert.getPseudo(); } if (Utils.isStringNotEmpty(signingCert.getOrganizationName())) { return signingCert.getOrganizationName(); } if (Utils.isStringNotEmpty(signingCert.getOrganizationalUnit())) { return signingCert.getOrganizationalUnit(); } } return "?"; }
private XmlXCV executeX509CertificateValidation() { if (Context.CERTIFICATE.equals(context)) { CertificateWrapper certificate = (CertificateWrapper) token; X509CertificateValidation xcv = new X509CertificateValidation(diagnosticData, certificate, currentTime, certificate.getNotBefore(), context, policy); return xcv.execute(); } else { CertificateWrapper certificate = diagnosticData.getUsedCertificateById(token.getSigningCertificateId()); if (certificate != null) { if (Context.SIGNATURE.equals(context) || Context.COUNTER_SIGNATURE.equals(context)) { X509CertificateValidation xcv = new X509CertificateValidation(diagnosticData, certificate, currentTime, certificate.getNotBefore(), context, policy); return xcv.execute(); } else if (Context.TIMESTAMP.equals(context)) { X509CertificateValidation xcv = new X509CertificateValidation(diagnosticData, certificate, currentTime, ((TimestampWrapper) token).getProductionTime(), context, policy); return xcv.execute(); } else if (Context.REVOCATION.equals(context)) { X509CertificateValidation xcv = new X509CertificateValidation(diagnosticData, certificate, currentTime, ((RevocationWrapper) token).getProductionDate(), context, policy); return xcv.execute(); } } } return null; }
CertificateWrapper certificate = diagnosticData.getUsedCertificateById(certificateId); if (certificate.isTrusted()) { continue;
CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(token.getSigningCertificateId());