<SOURCES />
</library>
</orderEntry>
+ <orderEntry type="library" name="json-simple-1.1.1" level="project" />
</component>
</module>
\ No newline at end of file
Manifest-Version: 1.0
Main-Class: org.adullact.liberattest.Main
-Class-Path: bcpkix-jdk15on-1.52.jar bcprov-jdk15on-1.52.jar itext-pdfa-5.5.7.jar itextpdf-5.5.7.jar tika-core-0.4.jar xmlsec-2.0.5.jar
+Class-Path: bcpkix-jdk15on-1.52.jar bcprov-jdk15on-1.52.jar itext-pdfa-5.5.7.jar itextpdf-5.5.7.jar tika-core-0.4.jar xmlsec-2.0.5.jar json-simple-1.1.1.jar
import org.adullact.liberattest.parser.ContentParser;
import org.adullact.liberattest.utils.KeyStoreLoader;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.json.simple.JSONObject;
+import org.json.simple.JSONValue;
import java.io.File;
import java.security.Security;
String basedir;
String uuid;
String contentFile;
- String store;
+ JSONObject store;
if (args.length > 3) {
basedir = args[0];
- store = args[1];
+ store = (JSONObject) JSONValue.parse(args[1]);
uuid = args[2];
contentFile = args[3];
} else {
}
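Review bot: `JSONValue.parse(args[1])` returns null on malformed input in json-simple, and the unchecked cast throws `ClassCastException` when the argument is valid JSON but not an object, so a bad second argument only surfaces later as an unexplained failure around `KeyStoreLoader.setStores(store)`. Because this value selects the trust stores the attestation is checked against, it should be rejected explicitly here: `Object parsed = JSONValue.parseWithException(args[1]);` followed by `if (!(parsed instanceof JSONObject)) { /* print usage and exit */ }`. The enclosing method starts and ends outside the hunk.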
// Définition du store
- KeyStoreLoader.setStore(store);
+ KeyStoreLoader.setStores(store);
// On ajoute le fichier à vérifier
fileNames.add(contentFile);
import org.adullact.liberattest.signature.SignatureElement;
import org.adullact.liberattest.utils.HashDocument;
import org.adullact.liberattest.utils.KeyStoreLoader;
+import org.adullact.liberattest.utils.StoreConfig;
import sun.security.util.Debug;
import java.io.PipedInputStream;
import java.io.PipedOutputStream;
import java.math.BigInteger;
import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
public class PDFBuilder {
Font.NORMAL, BaseColor.RED);
private static Font greenFont = new Font(Font.FontFamily.HELVETICA, 10,
Font.NORMAL, new BaseColor(0, 100, 0));
+ private static Font warnFont = new Font(Font.FontFamily.HELVETICA, 10,
+ Font.NORMAL, new BaseColor(204, 102, 0));
private static Font titleFont = new Font(Font.FontFamily.HELVETICA, 14,
Font.BOLD);
private static Font subFont = new Font(Font.FontFamily.HELVETICA, 12,
table.addCell("Certificat");
- if (sig.isVerified()) {
+ List<StoreConfig> ksList = KeyStoreLoader.getInstance();
+ Map<String, Boolean> verifications = sig.isVerified();
+ StoreConfig mostValidStore = null;
+ boolean isValid = false;
+ for (StoreConfig ks : ksList) {
+ // We don't handle error validity !
+ if (ks.valid != StoreConfig.Validity.error) {
+ if (ks.valid == StoreConfig.Validity.valid) {
+ if (mostValidStore == null) {
+ mostValidStore = ks;
+ }
+ if (verifications.get(ks.name)) {
+ mostValidStore = ks;
+ isValid = true;
+ break;
+ }
+ } else if (ks.valid == StoreConfig.Validity.warning && verifications.get(ks.name)) {
+ if (mostValidStore == null) {
+ mostValidStore = ks;
+ }
+ if (verifications.get(ks.name)) {
+ mostValidStore = ks;
+ isValid = true;
+ }
+ }
+ }
+ }
+ if (!isValid) {
table.addCell(new Phrase(
- "Le certificat a été vérifié avec succès à l'aide du référenciel " + KeyStoreLoader.getStore() + ".",
- greenFont));
+ "Le certificat n'a pas pu être vérifié.",
+ redFont));
} else {
table.addCell(new Phrase(
- "Le certificat n'a pas pu être vérifié à l'aide du référenciel " + KeyStoreLoader.getStore() + ".",
- redFont));
+ "Le certificat a été vérifié avec succès à l'aide du référenciel " + mostValidStore.name + ".",
+ mostValidStore.valid == StoreConfig.Validity.valid ? greenFont : warnFont));
}
table.addCell("Révocation");
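Review bot: `verifications.get(ks.name)` is unboxed directly in both the `valid` branch and the `warning` condition, so a signature that has no entry for a store throws `NullPointerException` in the middle of report generation. The X.509 verification hunk in this commit only ever calls `isVerified.put(ks.name, true)` and never stores `false`, so for those signatures every non-matching store would take that path. Use `Boolean.TRUE.equals(verifications.get(ks.name))` in both places. The inner `if (verifications.get(ks.name))` in the `warning` branch repeats the condition of its enclosing `else if`, and the `mostValidStore == null` assignment just above it is always overwritten, so both can go.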
import com.itextpdf.text.pdf.security.PdfPKCS7;
import com.itextpdf.text.pdf.security.VerificationException;
import org.adullact.liberattest.utils.KeyStoreLoader;
+import org.adullact.liberattest.utils.StoreConfig;
import org.adullact.liberattest.verifier.CRLVerifier;
-import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Calendar;
import java.util.List;
// ---- Vérification de la chaine de certification ----
// Création d'un keystore...
- KeyStore ks = KeyStoreLoader.getInstance();
- // Is the certificate avaible ? Be carefull we search the chain of certificat
- List<VerificationException> validationExceptions = CertificateVerification.verifyCertificates(pkc, ks, null, cal);
- this.isVerified = true;
- for (VerificationException verificationException : validationExceptions) {
- if (verificationException.getMessage().contains("Cannot be verified against the KeyStore or the certificate chain")) {
- this.isVerified = false;
- } else {
- this.isValid = false;
+ List<StoreConfig> ksList = KeyStoreLoader.getInstance();
+ this.isValid = false;
+ for (StoreConfig store : ksList) {
+ boolean valid = false;
+ if (store.valid != StoreConfig.Validity.error) {
+ // Is the certificate avaible ? Be carefull we search the chain of certificat
+ List<VerificationException> validationExceptions = CertificateVerification.verifyCertificates(pkc, store.ks, null, cal);
+ this.isVerified.put(store.name, true);
+ valid = true;
+ for (VerificationException verificationException : validationExceptions) {
+ if (verificationException.getMessage().contains("Cannot be verified against the KeyStore or the certificate chain")) {
+ this.isVerified.put(store.name, false);
+ }
+ valid = false;
+ }
}
+ this.isValid = this.isValid || valid;
}
}
}
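Review bot: The per-store result defaults to trusted with `this.isVerified.put(store.name, true)` and is only flipped to `false` when the exception message contains one exact English sentence, so a change in the library's wording would leave an unverifiable chain recorded as verified. At minimum this deserves a comment on that line, for example `// relies on the exact iText message text; re-check on every library upgrade`, and a test that pins the message. `valid = false;` sits after the inner `if` rather than inside it, so every `VerificationException` clears it; if that is intended, a short comment saying so would stop the next reader from "fixing" it. The enclosing method starts outside the hunk.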
package org.adullact.liberattest.signature;
import org.adullact.liberattest.utils.KeyStoreLoader;
+import org.adullact.liberattest.utils.StoreConfig;
import org.adullact.liberattest.verifier.CRLVerifier;
-import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
+import java.util.List;
/**
* Created by lhameury on 09/09/15.
// ---- Vérification de la chaine de certification ----
// Création d'un keystore...
- KeyStore ks = KeyStoreLoader.getInstance();
- Enumeration en = ks.aliases();
-
- String issuerdn = certificate.getIssuerDN().getName();
- while (en.hasMoreElements()) {
- X509Certificate storecert;
- String ali = (String) en.nextElement();
- if (ks.isCertificateEntry(ali)) {
- storecert = (X509Certificate) ks.getCertificate(ali);
- if ((storecert.getIssuerDN().getName()).equals(issuerdn)) {
- try {
- certificate.verify(storecert.getPublicKey());
- isVerified = true;
- break;
- } catch (Exception exc) {
- // Not good...
+ List<StoreConfig> ksList = KeyStoreLoader.getInstance();
+
+ for (StoreConfig ks : ksList) {
+ if (ks.valid != StoreConfig.Validity.error) {
+ Enumeration en = ks.ks.aliases();
+
+ String issuerdn = certificate.getIssuerDN().getName();
+ while (en.hasMoreElements()) {
+ X509Certificate storecert;
+ String ali = (String) en.nextElement();
+ if (ks.ks.isCertificateEntry(ali)) {
+ storecert = (X509Certificate) ks.ks.getCertificate(ali);
+ if ((storecert.getIssuerDN().getName()).equals(issuerdn)) {
+ try {
+ certificate.verify(storecert.getPublicKey());
+ isVerified.put(ks.name, true);
+ break;
+ } catch (Exception exc) {
+ // Not good...
+ }
+ }
+ } else if (ks.ks.isKeyEntry(ali)) {
+ System.out.println(ali + " **** key entry ****");
}
}
- } else if (ks.isKeyEntry(ali)) {
- System.out.println(ali + " **** key entry ****");
}
}
}
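Review bot: The candidate issuer is chosen with `storecert.getIssuerDN().getName().equals(issuerdn)`, which compares the store certificate's own issuer with the signer's issuer; in practice that only matches when the store entry is a self-signed root, and an intermediate CA held in a store would never be tried. Comparing `storecert.getSubjectX500Principal()` with `certificate.getIssuerX500Principal()` expresses the intended lookup. The `catch (Exception exc)` holding only `// Not good...` also reports provider or encoding errors as ordinary mismatches; logging the exception and calling `storecert.checkValidity()` before accepting the match would make a wrong result easier to diagnose. This loop was carried over from the single-store code, and the enclosing method starts outside the hunk.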
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
/**
* Created by lhameury on 09/09/15.
protected List<String> usage = new ArrayList<>();
protected String policy;
- protected boolean isVerified = false;
+ protected Map<String, Boolean> isVerified = new HashMap<>();
protected boolean isRevoked = false;
public SignatureElement() {}
return policy;
}
- public boolean isVerified() {
+ public Map<String, Boolean> isVerified() {
return isVerified;
}
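Review bot: `isVerified()` now returns the internal `HashMap` itself, so any caller can add or flip a store's result after verification has run. Returning `Collections.unmodifiableMap(isVerified)` keeps the verification classes as the only writers. The method name no longer reads as a yes/no question; a Javadoc line such as `/** Verification result keyed by trust-store name. */`, together with a sentence stating how callers must treat a store that has no entry, would document the new contract.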
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.openssl.PEMParser;
+import org.json.simple.JSONObject;
import java.io.*;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
/**
* Custom KeyStore Loader
* Created by lhameury on 10/09/15.
*/
public class KeyStoreLoader {
+ private static List<StoreConfig> stores = new ArrayList<>();
- private static KeyStore ks;
-
- private static String store = "ADULLACT"; // Default
-
- public static String getStore() {
- return store;
+ public static List<StoreConfig> getInstance() {
+ return stores;
}
- public static void setStore(String store) {
- KeyStoreLoader.store = store;
- }
+ public static void setStores(JSONObject store) throws Exception {
+ for (Object o : store.entrySet()) {
+ Map.Entry entry = (Map.Entry) o;
- public static KeyStore getInstance() {
- if (ks == null) {
- try {
- ks = loadStore(store);
- } catch (Exception e) {
- e.printStackTrace();
- }
+ StoreConfig sc = loadStore((String) entry.getKey());
+ sc.setConfig((String) entry.getKey(), StoreConfig.Validity.valueOf((String) entry.getValue()));
+
+ stores.add(sc);
}
- return ks;
}
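Review bot: `setStores` takes the store name straight from the JSON passed on the command line and hands it to `loadStore` unchecked; `loadStore`'s body is outside this hunk, so if it builds a file or resource path from that name, the name should first be matched against the set of stores the application ships. `StoreConfig.Validity.valueOf((String) entry.getValue())` throws on an unknown or non-string level, which fails closed but without naming the offending key; catching it and reporting the key would help operators. `stores` is a static list that is appended to and never cleared, so a second call duplicates every entry; `stores.clear();` at the top of the method avoids that.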
/**
* @return The RGS KeyStore
* @throws Exception
*/
- private static KeyStore loadStore(String store) throws Exception {
+ private static StoreConfig loadStore(String store) throws Exception {
//Création d'un keystore...
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
}
}
}
- return ks;
+ return new StoreConfig(ks);
}
}
--- /dev/null
+package org.adullact.liberattest.utils;
+
+import java.security.KeyStore;
+
+/**
+ * Created by lhameury on 07/01/16.
+ */
+public class StoreConfig {
+
+ public String name;
+ public Validity valid;
+ public KeyStore ks;
+
+ public StoreConfig(KeyStore ks) {
+ this.ks = ks;
+ }
+
+ public void setConfig(String name, Validity valid) {
+ this.name = name;
+ this.valid = valid;
+ }
+
+ public enum Validity {
+ valid,
+ warning,
+ error
+ }
+}
\ No newline at end of file
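Review bot: `name`, `valid` and `ks` are public mutable fields, so any code holding a `StoreConfig` can swap the key store or promote a `warning` store to `valid` after it was loaded. Making them `private final`, passing all three to the constructor and exposing getters would fix the trust level at load time; `setConfig` would then disappear and its caller would pass the name and level when constructing the object. The lower-case enum constants are matched by `valueOf` against strings in the JSON configuration, so the enum deserves a comment such as `// constant names are part of the configuration format; do not rename`.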
td {{report.time | date : 'dd/MM/yyyy à H:mm'}}
td
a(ng-show="report.isGenerated", ng-href="/api/reports/{{report._id}}?access_token={{token}}", target="_blank") Télécharger
- p.text-info
+ p.text-info(ng-if="reports.length == 0")
i.fa.fa-info-circle
| Aucun rapport n'a été trouvé
hr
uuid: id,
user: user._id,
time: Date.now(),
- referential: user.referential ? user.referential : "RGS",
+ referential: user.referential ? user.referential : {},
filename: req.files.content[0].originalname,
content: dirname + req.files.content[0].originalname,
signatures: sigGenerated,
var ReportSchema = new Schema({
uuid: String,
user: String,
- referential: {
- type: String,
- default: "RGS"
- },
+ referential: Schema.Types.Mixed,
time: {
type: Date,
default: Date.now
var exec = require('child_process').exec;
var sem = require('semaphore')(1);
-process.on('message', function(message, callback) {
- sem.take(function() {
- var execLine = 'java -jar '+__dirname+'/generator/jar/attestGenerator.jar "'+__dirname+'/generator" "'+ message.referential +'" "' + message.uuid + '" "' + message.content + '"';
- for(var i = 0; i < message.signatures.length; i++) {
+process.on('message', function (message, callback) {
+ sem.take(function () {
+ var execLine = 'java -jar ' + __dirname + '/generator/jar/attestGenerator.jar "' + __dirname + '/generator" ' + JSON.stringify(message.referential).replace(/"/g, '\\"') + ' "' + message.uuid + '" "' + message.content + '"';
+ for (var i = 0; i < message.signatures.length; i++) {
execLine += ' "' + message.signatures[i] + '"';
}
exec(execLine,
function (error, stdout, stderr) {
- if(stderr) console.error(stderr);
- if(stdout) console.error(stdout);
- if(error) console.error(error);
- sem.leave();
- callback();
+ if (stderr) console.error(stderr);
+ if (stdout) console.error(stdout);
+ if (error) console.error(error);
+ sem.leave();
+ callback();
});
});
});
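Review bot: The referential is spliced into the `exec` command line with only its double quotes escaped and no surrounding quotes, so any space or shell metacharacter inside a key or value is interpreted by the shell instead of reaching the jar as one argument. The schema change in this commit makes `referential` a `Schema.Types.Mixed`, which removes the remaining constraint on what the object may contain, and `message.content` appears to be built from the uploaded file's original name. Passing the arguments as an array to `execFile`, which does not start a shell, removes the quoting problem for all of them; the changed lines are sketched below.

```javascript
var execFile = require('child_process').execFile;
// … unchanged: semaphore, process.on('message') and sem.take wrappers …
var args = [
    '-jar', __dirname + '/generator/jar/attestGenerator.jar',
    __dirname + '/generator',
    JSON.stringify(message.referential),
    message.uuid,
    message.content
].concat(message.signatures);
execFile('java', args, function (error, stdout, stderr) {
    // … unchanged: logging, sem.leave() and callback() …
});
```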
if ('development' === env || 'test' === env) {
// Modif LH -> connect-livereload empêche le téléchargement de fichier PDF
- app.use(require('connect-livereload')());
+ //app.use(require('connect-livereload')());
app.use(express.static(path.join(config.root, '.tmp')));
app.use(express.static(path.join(config.root, 'client')));
app.set('appPath', path.join(config.root, 'client'));