Validate CAdES signature in SiVa service

IB-6671 Signed-off-by: Raul Metsma <[email protected]>
open-eid · Sep 4, 2023 · b6502f5 · b6502f5
1 parent 3c894f2
commit b6502f5
Show file tree

Hide file tree

Showing 8 changed files with 32 additions and 1 deletion.
diff --git a/client/DigiDoc.cpp b/client/DigiDoc.cpp
@@ -447,14 +447,22 @@ bool DigiDoc::isError(bool failure, const QString &msg) const
 	return !b || failure;
 }
 
+bool DigiDoc::isCades() const
+{
+	return std::any_of(m_signatures.cbegin(), m_signatures.cend(), [](const DigiDocSignature &s) {
+		return s.profile().contains(QLatin1String("CADES"), Qt::CaseInsensitive);
+	});
+}
+
 bool DigiDoc::isPDF() const
 {
 	return b && b->mediaType() == "application/pdf";
 }
 bool DigiDoc::isModified() const { return modified; }
+
 bool DigiDoc::isSupported() const
 {
-	return b && b->mediaType() == "application/vnd.etsi.asic-e+zip";
+	return b && b->mediaType() == "application/vnd.etsi.asic-e+zip" && !isCades();
 }
 
 QString DigiDoc::mediaType() const

diff --git a/client/DigiDoc.h b/client/DigiDoc.h
@@ -126,6 +126,7 @@ class DigiDoc: public QObject
 	void clear();
 	DocumentModel *documentModel() const;
 	QString fileName() const;
+	bool isCades() const;
 	bool isPDF() const;
 	bool isModified() const;
 	bool isSupported() const;

diff --git a/client/common_enums.h b/client/common_enums.h
@@ -94,6 +94,7 @@ enum WarningType {
     InvalidTimestampWarning,
     UnknownSignatureWarning,
     UnknownTimestampWarning,
+	UnsupportedAsicCadesWarning,
     UnsupportedDDocWarning,
     EmptyFileWarning,
 };

diff --git a/client/translations/en.ts b/client/translations/en.ts
@@ -3288,6 +3288,10 @@ Additional licenses and components</translation>
         <source>Certificates expire soon! </source>
         <translation>Certificates expire soon! </translation>
     </message>
+    <message>
+        <source>The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container.</source>
+        <translation>The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container.</translation>
+    </message>
 </context>
 <context>
     <name>WarningRibbon</name>

diff --git a/client/translations/et.ts b/client/translations/et.ts
@@ -3288,6 +3288,10 @@ Täiendavad litsentsid ja komponendid</translation>
         <source>Certificates have expired! </source>
         <translation>Sertifikaadid on aegunud! </translation>
     </message>
+    <message>
+        <source>The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container.</source>
+        <translation>Tegemist on CADES allkirja sisalduva ümbrikuga. Sellele ümbrikule ei saa allkirja lisada ega eemaldada.</translation>
+    </message>
 </context>
 <context>
     <name>WarningRibbon</name>

diff --git a/client/translations/ru.ts b/client/translations/ru.ts
@@ -3293,6 +3293,10 @@ Additional licenses and components</source>
         <source>Certificates expire soon! </source>
         <translation>Срок действия сертификатов скоро истекает! </translation>
     </message>
+    <message>
+        <source>The current file is a ASiC container with CAdES signatures that is not supported currently. You are not allowed to add or remove signatures to this container.</source>
+        <translation>Этот контейнер содержит подпись КАДЕС. К данному контейнеру нельзя добавить или удалить из него подпись.</translation>
+    </message>
 </context>
 <context>
     <name>WarningRibbon</name>

diff --git a/client/widgets/ContainerPage.cpp b/client/widgets/ContainerPage.cpp
@@ -332,6 +332,8 @@ void ContainerPage::transition(DigiDoc* container)
 		emit warning(WarningText(i.key(), i.value()));
 	if(container->fileName().endsWith(QStringLiteral("ddoc"), Qt::CaseInsensitive))
 		emit warning(UnsupportedDDocWarning);
+	if(container->isCades())
+		emit warning(UnsupportedAsicCadesWarning);
 
 	hasEmptyFile = false;
 	for (auto i = 0; i < container->documentModel()->rowCount(); i++)

diff --git a/client/widgets/WarningItem.cpp b/client/widgets/WarningItem.cpp
@@ -134,6 +134,13 @@ void WarningItem::lookupWarning()
 		warnText.details = tr("More information");
 		warnText.page = ria::qdigidoc4::SignDetails;
 		break;
+	case ria::qdigidoc4::UnsupportedAsicCadesWarning:
+		warnText.text = tr("The current file is a ASiC container with CAdES signatures that is not supported currently. "
+			"You are not allowed to add or remove signatures to this container.");
+		warnText.url = tr("https://www.id.ee/en/article/digidoc-container-format-life-cycle-2/");
+		warnText.details = tr("More information");
+		warnText.page = ria::qdigidoc4::SignDetails;
+		break;
 	case ria::qdigidoc4::UnsupportedDDocWarning:
 		warnText.text = tr("The current file is a DigiDoc container that is not supported officially any longer. You are not allowed to add or remove signatures to this container.");
 		warnText.url = tr("https://www.id.ee/en/article/digidoc-container-format-life-cycle-2/");