Beispiel #1
0
  private Attribute verifyAttributesRecursively(Attribute attribute) throws NetInfCheckedException {
    // Result of Verification should not be present before Attribute has been verified. Delete such
    // information
    if (attribute.getSingleSubattribute(
            DefinedAttributeIdentification.SIGNATURE_VERIFICATION_FAILED.getURI())
        != null) {
      attribute.removeSubattribute(
          DefinedAttributeIdentification.SIGNATURE_VERIFICATION_FAILED.getURI());
    }

    if (attribute.getSingleSubattribute(DefinedAttributeIdentification.SIGNATURE.getURI())
        != null) {
      // A Signature-Attribute without a corresponding SignatureIdentification-Subattribute is
      // invalid. Remove
      // Signature.
      if (attribute
              .getSingleSubattribute(DefinedAttributeIdentification.SIGNATURE.getURI())
              .getSingleSubattribute(
                  DefinedAttributeIdentification.SIGNATURE_IDENTIFICATION.getURI())
          == null) {
        attribute.removeSubattribute(DefinedAttributeIdentification.SIGNATURE.getURI());

        // A Writer-Attribute without a corresponding signature attribute is an instruction to sign
        // if possible. An incoming
        // object should have no instructions since the sender is not trusted. The instruction is
        // deleted.
        if (attribute.getSingleSubattribute(DefinedAttributeIdentification.WRITER.getURI())
            == null) {
          attribute.removeSubattribute(DefinedAttributeIdentification.WRITER.getURI());
        }
      }
      IntegrityResult integrityResult = this.integrity.isSignatureValid(attribute);
      if (this.suppressCorruptedIOs) {
        switch (integrityResult) {
          case INTEGRITY_CHECK_FAIL:
            throw new NetInfCheckedSecurityException("Integrity check failed.");
          case INTEGRITY_NOT_TESTABLE:
            throw new NetInfCheckedSecurityException("Integrity not testable.");
          case INTEGRITY_CHECK_SUCCEEDED:
            break;
          default:
            throw new NetInfCheckedSecurityException("Integrity check result unknown.");
        }
      } else {
        // A Writer-Attribute without a corresponding signature attribute is an instruction to sign
        // if possible. An incoming
        // object should have no instructions since the sender is not trusted. The instruction is
        // deleted.
        if (attribute.getSingleSubattribute(DefinedAttributeIdentification.WRITER.getURI())
            == null) {
          attribute.removeSubattribute(DefinedAttributeIdentification.SIGNATURE.getURI());
        }
      }

      // TODO wait for convenient methods to create IOs
      IdentityVerificationResult identityResult =
          this.identityVerification.isWriterVerified(attribute);
      if (this.suppressCorruptedIOs) {
        switch (identityResult) {
          case IDENTITY_NOT_VERIFIABLE:
            throw new NetInfCheckedSecurityException("Identity not verifiable.");
          case IDENTITY_VERIFICATION_FAILED:
            throw new NetInfCheckedSecurityException("Identity verification failed.");
          case IDENTITY_VERIFICATION_SUCCEEDED:
            break;
          default:
            throw new NetInfCheckedSecurityException("Identity verification result unknown.");
        }
      }
    }

    List<Attribute> subattributes = attribute.getSubattributes();
    for (Attribute subattribute : subattributes) {
      Attribute newSubattribute = verifyAttributesRecursively(subattribute);
      // if a new Attribute was created the old one gets replaced.
      if (newSubattribute != subattribute) {
        attribute.removeSubattribute(subattribute);
        if (newSubattribute != null) {
          attribute.addSubattribute(newSubattribute);
        }
      }
    }
    return attribute;
  }
Beispiel #2
0
  private InformationObject verifyInformationObjectRecursively(InformationObject informationObject)
      throws NetInfCheckedException, NoSuchAlgorithmException {
    // Result of Verification should not be present before IO has been verified. Delete such
    // information
    if (informationObject.getSingleAttribute(
            DefinedAttributeIdentification.SIGNATURE_VERIFICATION_FAILED.getURI())
        != null) {
      informationObject.removeAttribute(
          DefinedAttributeIdentification.SIGNATURE_VERIFICATION_FAILED.getURI());
    }

    if (informationObject.getSingleAttribute(DefinedAttributeIdentification.SIGNATURE.getURI())
        != null) {
      // A Signature-Attribute without a corresponding SignatureIdentigication attribute is invalid.
      // It is deleted.
      if (informationObject
              .getSingleAttribute(DefinedAttributeIdentification.SIGNATURE.getURI())
              .getSingleSubattribute(
                  DefinedAttributeIdentification.SIGNATURE_IDENTIFICATION.getURI())
          != null) {
        informationObject.removeAttribute(DefinedAttributeIdentification.SIGNATURE.getURI());
        // A Writer-Attribute without a corresponding signature attribute is an instruction to sign
        // if possible. An incoming
        // object should have no instructions since the sender is not trusted. The instruction is
        // deleted.
        if (informationObject.getSingleAttribute(DefinedAttributeIdentification.WRITER.getURI())
            != null) {
          informationObject.removeAttribute(DefinedAttributeIdentification.WRITER.getURI());
        }
      } else {

        IntegrityResult result = this.integrity.isSignatureValid(informationObject);
        if (this.suppressCorruptedIOs) {
          switch (result) {
            case INTEGRITY_CHECK_FAIL:
              throw new NetInfCheckedSecurityException("Integrity check failed.");
            case INTEGRITY_NOT_TESTABLE:
              throw new NetInfCheckedSecurityException("Integrity not testable.");
            case INTEGRITY_CHECK_SUCCEEDED:
              break;
            default:
              throw new NetInfCheckedSecurityException("Integrity check result unknown.");
          }
        }
        // TODO wait for convenient methods to create IOs
        verifyIdenties(informationObject);
      }
    } else {
      // A Writer-Attribute without a corresponding signature attribute is an instruction to sign if
      // possible. An incoming
      // object should have no instructions since the sender is not trusted. The instruction is
      // deleted.
      if (informationObject.getSingleAttribute(DefinedAttributeIdentification.WRITER.getURI())
          != null) {
        informationObject.removeAttribute(DefinedAttributeIdentification.WRITER.getURI());
      }
    }

    List<Attribute> attributes = informationObject.getAttributes();
    for (Attribute attribute : attributes) {
      Attribute newAttribute = verifyAttributesRecursively(attribute);
      // if a new Attribute was created the old one gets replaced.
      if (newAttribute != attribute) {
        informationObject.removeAttribute(attribute);
        if (newAttribute != null) {
          informationObject.addAttribute(newAttribute);
        }
      }
    }
    return informationObject;
  }