From eac485e8b637611689330d2d159217f8d913a62e Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Wed, 22 Mar 2023 14:55:33 +0200 Subject: [PATCH] Validate CAdES signature in SiVa service IB-6671 Signed-off-by: Raul Metsma --- client/DigiDoc.cpp | 9 ++++++++- client/DigiDoc.h | 1 + client/common_enums.h | 1 + client/translations/en.ts | 4 ++++ client/translations/et.ts | 4 ++++ client/translations/ru.ts | 4 ++++ client/widgets/ContainerPage.cpp | 2 ++ client/widgets/WarningItem.cpp | 10 +++++++++- 8 files changed, 33 insertions(+), 2 deletions(-) diff --git a/client/DigiDoc.cpp b/client/DigiDoc.cpp index 1088d27d7..4cb4f683f 100644 --- a/client/DigiDoc.cpp +++ b/client/DigiDoc.cpp @@ -453,6 +453,13 @@ bool DigiDoc::isAsicS() const }); } +bool DigiDoc::isCades() const +{ + return std::any_of(m_signatures.cbegin(), m_signatures.cend(), [](const DigiDocSignature &s) { + return s.profile().contains(QLatin1String("CADES"), Qt::CaseInsensitive); + }); +} + bool DigiDoc::isPDF() const { return b && b->mediaType() == "application/pdf"; @@ -461,7 +468,7 @@ bool DigiDoc::isModified() const { return modified; } bool DigiDoc::isSupported() const { - return b && b->mediaType() == "application/vnd.etsi.asic-e+zip"; + return b && b->mediaType() == "application/vnd.etsi.asic-e+zip" && !isCades(); } QString DigiDoc::mediaType() const diff --git a/client/DigiDoc.h b/client/DigiDoc.h index e9c72b8ad..fa4ba4ab3 100644 --- a/client/DigiDoc.h +++ b/client/DigiDoc.h @@ -127,6 +127,7 @@ class DigiDoc: public QObject DocumentModel *documentModel() const; QString fileName() const; bool isAsicS() const; + bool isCades() const; bool isPDF() const; bool isModified() const; bool isSupported() const; diff --git a/client/common_enums.h b/client/common_enums.h index cf4078d3c..b37184c2f 100644 --- a/client/common_enums.h +++ b/client/common_enums.h @@ -95,6 +95,7 @@ enum WarningType { UnknownSignatureWarning, UnknownTimestampWarning, UnsupportedAsicSWarning, + UnsupportedAsicCadesWarning, UnsupportedDDocWarning, EmptyFileWarning, }; diff --git a/client/translations/en.ts b/client/translations/en.ts index 11563592c..e62190573 100644 --- a/client/translations/en.ts +++ b/client/translations/en.ts @@ -3292,6 +3292,10 @@ Additional licenses and components This ASiC-S container contains XAdES signature. You are not allowed to add or remove signatures to this container. This ASiC-S container contains XAdES signature. You are not allowed to add or remove signatures to this container. + + The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container. + The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container. + WarningRibbon diff --git a/client/translations/et.ts b/client/translations/et.ts index 98a9d3dc3..ceb77dc49 100644 --- a/client/translations/et.ts +++ b/client/translations/et.ts @@ -3292,6 +3292,10 @@ Täiendavad litsentsid ja komponendid This ASiC-S container contains XAdES signature. You are not allowed to add or remove signatures to this container. Tegemist on XAdES allkirja sisalduva ASiC-S ümbrikuga. Sellele ümbrikule ei saa allkirja lisada ega eemaldada. + + The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container. + Tegemist on CADES allkirja sisalduva ümbrikuga. Sellele ümbrikule ei saa allkirja lisada ega eemaldada. + WarningRibbon diff --git a/client/translations/ru.ts b/client/translations/ru.ts index e2d739f7f..1ef48d636 100644 --- a/client/translations/ru.ts +++ b/client/translations/ru.ts @@ -3297,6 +3297,10 @@ Additional licenses and components This ASiC-S container contains XAdES signature. You are not allowed to add or remove signatures to this container. Речь идет о конверте ASiC-S, содержащемся в подписи XAdES. К данному контейнеру нельзя добавить или удалить из него подпись. + + The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container. + Этот контейнер содержит подпись КАДЕС. К данному контейнеру нельзя добавить или удалить из него подпись. + WarningRibbon diff --git a/client/widgets/ContainerPage.cpp b/client/widgets/ContainerPage.cpp index 272c0aed9..dba8bc5a1 100644 --- a/client/widgets/ContainerPage.cpp +++ b/client/widgets/ContainerPage.cpp @@ -334,6 +334,8 @@ void ContainerPage::transition(DigiDoc* container) emit warning(UnsupportedDDocWarning); if(container->isAsicS()) emit warning(UnsupportedAsicSWarning); + if(container->isCades()) + emit warning(UnsupportedAsicCadesWarning); hasEmptyFile = false; for (auto i = 0; i < container->documentModel()->rowCount(); i++) diff --git a/client/widgets/WarningItem.cpp b/client/widgets/WarningItem.cpp index d59abce8e..b62d28266 100644 --- a/client/widgets/WarningItem.cpp +++ b/client/widgets/WarningItem.cpp @@ -141,8 +141,16 @@ void WarningItem::lookupWarning() warnText.details = tr("More information"); warnText.page = ria::qdigidoc4::SignDetails; break; + case ria::qdigidoc4::UnsupportedAsicCadesWarning: + warnText.text = tr("The current file is a ASiC container with CAdES signatures that is not supported currently. " + "You are not allowed to add or remove signatures to this container."); + warnText.url = tr("https://www.id.ee/en/article/digidoc-container-format-life-cycle-2/"); + warnText.details = tr("More information"); + warnText.page = ria::qdigidoc4::SignDetails; + break; case ria::qdigidoc4::UnsupportedDDocWarning: - warnText.text = tr("The current file is a DigiDoc container that is not supported officially any longer. You are not allowed to add or remove signatures to this container."); + warnText.text = tr("The current file is a DigiDoc container that is not supported officially any longer. " + "You are not allowed to add or remove signatures to this container."); warnText.url = tr("https://www.id.ee/en/article/digidoc-container-format-life-cycle-2/"); warnText.details = tr("More information"); warnText.page = ria::qdigidoc4::SignDetails;