Example 1 with DigitalSignatureValidation
use of org.olat.ims.qti21.model.DigitalSignatureValidation in project openolat by klemens.
the class ValidationXmlSignatureController method doValidate.
private void doValidate() {
File xmlSignature = uploadEl.getUploadFile();
if (xmlSignature != null && xmlSignature.exists()) {
DigitalSignatureValidation validation = qtiService.validateAssessmentResult(xmlSignature);
validationMessage.setVisible(true);
validationMessage.contextPut("valid", validation.isValid());
String msg;
if (validation.isValid()) {
msg = translate("validate.xml.signature.ok");
} else {
if (validation.getMessage() == DigitalSignatureValidation.Message.sessionNotFound) {
msg = translate("warning.xml.signature.session.not.found");
} else {
msg = translate("warning.xml.signature.notok");
}
}
validationMessage.contextPut("message", msg);
flc.setDirty(true);
}
}
Also used :
DigitalSignatureValidation(org.olat.ims.qti21.model.DigitalSignatureValidation)
File(java.io.File)
Example 2 with DigitalSignatureValidation
use of org.olat.ims.qti21.model.DigitalSignatureValidation in project OpenOLAT by OpenOLAT.
the class QTI21ServiceImpl method validateAssessmentResult.
@Override
public DigitalSignatureValidation validateAssessmentResult(File xmlSignature) {
try {
Document signature = XMLDigitalSignatureUtil.getDocument(xmlSignature);
String uri = XMLDigitalSignatureUtil.getReferenceURI(signature);
// URI looks like: http://localhost:8081/olat/RepositoryEntry/688455680/CourseNode/95134692149905/TestSession/3231/assessmentResult.xml
String keyName = XMLDigitalSignatureUtil.getKeyName(signature);
int end = uri.indexOf("/assessmentResult");
if (end <= 0) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
}
int start = uri.lastIndexOf('/', end - 1);
if (start <= 0) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
}
String testSessionKey = uri.substring(start + 1, end);
AssessmentTestSession testSession = getAssessmentTestSession(new Long(testSessionKey));
if (testSession == null) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
}
File assessmentResult = getAssessmentResultFile(testSession);
File certificateFile = qtiModule.getDigitalSignatureCertificateFile();
X509CertificatePrivateKeyPair kp = null;
if (keyName != null && keyName.equals(certificateFile.getName())) {
kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(certificateFile, qtiModule.getDigitalSignatureCertificatePassword());
} else if (keyName != null) {
File olderCertificateFile = new File(certificateFile.getParentFile(), keyName);
if (olderCertificateFile.exists()) {
kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(olderCertificateFile, qtiModule.getDigitalSignatureCertificatePassword());
}
}
if (kp == null) {
// validate document against signature
if (XMLDigitalSignatureUtil.validate(uri, assessmentResult, xmlSignature)) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.validItself, true);
}
} else if (XMLDigitalSignatureUtil.validate(uri, assessmentResult, xmlSignature, kp.getX509Cert().getPublicKey())) {
// validate document against signature but use the public key of the certificate
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.validCertificate, true);
}
} catch (Exception e) {
log.error("", e);
}
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.notValid, false);
}
Also used :
X509CertificatePrivateKeyPair(org.olat.core.util.crypto.X509CertificatePrivateKeyPair)
AssessmentTestSession(org.olat.ims.qti21.AssessmentTestSession)
InMemoryAssessmentTestSession(org.olat.ims.qti21.model.InMemoryAssessmentTestSession)
DigitalSignatureValidation(org.olat.ims.qti21.model.DigitalSignatureValidation)
Document(org.w3c.dom.Document)
File(java.io.File)
QtiXmlInterpretationException(uk.ac.ed.ph.jqtiplus.reading.QtiXmlInterpretationException)
TransformerException(javax.xml.transform.TransformerException)
IOException(java.io.IOException)
XmlResourceNotFoundException(uk.ac.ed.ph.jqtiplus.xmlutils.XmlResourceNotFoundException)
OLATRuntimeException(org.olat.core.logging.OLATRuntimeException)
Example 3 with DigitalSignatureValidation
use of org.olat.ims.qti21.model.DigitalSignatureValidation in project OpenOLAT by OpenOLAT.
the class ValidationXmlSignatureController method doValidate.
private void doValidate() {
File xmlSignature = uploadEl.getUploadFile();
if (xmlSignature != null && xmlSignature.exists()) {
DigitalSignatureValidation validation = qtiService.validateAssessmentResult(xmlSignature);
validationMessage.setVisible(true);
validationMessage.contextPut("valid", validation.isValid());
String msg;
if (validation.isValid()) {
msg = translate("validate.xml.signature.ok");
} else {
if (validation.getMessage() == DigitalSignatureValidation.Message.sessionNotFound) {
msg = translate("warning.xml.signature.session.not.found");
} else {
msg = translate("warning.xml.signature.notok");
}
}
validationMessage.contextPut("message", msg);
flc.setDirty(true);
}
}
Also used :
DigitalSignatureValidation(org.olat.ims.qti21.model.DigitalSignatureValidation)
File(java.io.File)
Example 4 with DigitalSignatureValidation
use of org.olat.ims.qti21.model.DigitalSignatureValidation in project openolat by klemens.
the class QTI21ServiceImpl method validateAssessmentResult.
@Override
public DigitalSignatureValidation validateAssessmentResult(File xmlSignature) {
try {
Document signature = XMLDigitalSignatureUtil.getDocument(xmlSignature);
String uri = XMLDigitalSignatureUtil.getReferenceURI(signature);
// URI looks like: http://localhost:8081/olat/RepositoryEntry/688455680/CourseNode/95134692149905/TestSession/3231/assessmentResult.xml
String keyName = XMLDigitalSignatureUtil.getKeyName(signature);
int end = uri.indexOf("/assessmentResult");
if (end <= 0) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
}
int start = uri.lastIndexOf('/', end - 1);
if (start <= 0) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
}
String testSessionKey = uri.substring(start + 1, end);
AssessmentTestSession testSession = getAssessmentTestSession(new Long(testSessionKey));
if (testSession == null) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.sessionNotFound, false);
}
File assessmentResult = getAssessmentResultFile(testSession);
File certificateFile = qtiModule.getDigitalSignatureCertificateFile();
X509CertificatePrivateKeyPair kp = null;
if (keyName != null && keyName.equals(certificateFile.getName())) {
kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(certificateFile, qtiModule.getDigitalSignatureCertificatePassword());
} else if (keyName != null) {
File olderCertificateFile = new File(certificateFile.getParentFile(), keyName);
if (olderCertificateFile.exists()) {
kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(olderCertificateFile, qtiModule.getDigitalSignatureCertificatePassword());
}
}
if (kp == null) {
// validate document against signature
if (XMLDigitalSignatureUtil.validate(uri, assessmentResult, xmlSignature)) {
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.validItself, true);
}
} else if (XMLDigitalSignatureUtil.validate(uri, assessmentResult, xmlSignature, kp.getX509Cert().getPublicKey())) {
// validate document against signature but use the public key of the certificate
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.validCertificate, true);
}
} catch (Exception e) {
log.error("", e);
}
return new DigitalSignatureValidation(DigitalSignatureValidation.Message.notValid, false);
}
Also used :
X509CertificatePrivateKeyPair(org.olat.core.util.crypto.X509CertificatePrivateKeyPair)
AssessmentTestSession(org.olat.ims.qti21.AssessmentTestSession)
InMemoryAssessmentTestSession(org.olat.ims.qti21.model.InMemoryAssessmentTestSession)
DigitalSignatureValidation(org.olat.ims.qti21.model.DigitalSignatureValidation)
Document(org.w3c.dom.Document)
File(java.io.File)
QtiXmlInterpretationException(uk.ac.ed.ph.jqtiplus.reading.QtiXmlInterpretationException)
TransformerException(javax.xml.transform.TransformerException)
IOException(java.io.IOException)
XmlResourceNotFoundException(uk.ac.ed.ph.jqtiplus.xmlutils.XmlResourceNotFoundException)
OLATRuntimeException(org.olat.core.logging.OLATRuntimeException)
Aggregations
File (java.io.File)4
DigitalSignatureValidation (org.olat.ims.qti21.model.DigitalSignatureValidation)4
IOException (java.io.IOException)2
TransformerException (javax.xml.transform.TransformerException)2
OLATRuntimeException (org.olat.core.logging.OLATRuntimeException)2
X509CertificatePrivateKeyPair (org.olat.core.util.crypto.X509CertificatePrivateKeyPair)2
AssessmentTestSession (org.olat.ims.qti21.AssessmentTestSession)2
InMemoryAssessmentTestSession (org.olat.ims.qti21.model.InMemoryAssessmentTestSession)2
Document (org.w3c.dom.Document)2
QtiXmlInterpretationException (uk.ac.ed.ph.jqtiplus.reading.QtiXmlInterpretationException)2
XmlResourceNotFoundException (uk.ac.ed.ph.jqtiplus.xmlutils.XmlResourceNotFoundException)2
