Everything except endorsements, fixing CLR sample with proof and a few sanity checks.

This commit is contained in:
Miles Lyon 2022-08-12 16:09:17 -04:00
parent 79b0932529
commit a7402e5a73

View File

@ -4,6 +4,7 @@ import static java.lang.Boolean.TRUE;
import static org.oneedtech.inspect.core.probe.RunContext.Key.*; import static org.oneedtech.inspect.core.probe.RunContext.Key.*;
import static org.oneedtech.inspect.util.json.ObjectMapperCache.Config.DEFAULT; import static org.oneedtech.inspect.util.json.ObjectMapperCache.Config.DEFAULT;
import static org.oneedtech.inspect.core.report.ReportUtil.onProbeException;
import java.net.URI; import java.net.URI;
import java.util.ArrayList; import java.util.ArrayList;
@ -26,7 +27,10 @@ import org.oneedtech.inspect.util.resource.UriResource;
import org.oneedtech.inspect.util.resource.context.ResourceContext; import org.oneedtech.inspect.util.resource.context.ResourceContext;
import org.oneedtech.inspect.vc.Credential.Type; import org.oneedtech.inspect.vc.Credential.Type;
import org.oneedtech.inspect.vc.probe.CredentialParseProbe; import org.oneedtech.inspect.vc.probe.CredentialParseProbe;
import org.oneedtech.inspect.vc.probe.ExpirationVerifierProbe;
import org.oneedtech.inspect.vc.probe.InlineJsonSchemaProbe; import org.oneedtech.inspect.vc.probe.InlineJsonSchemaProbe;
import org.oneedtech.inspect.vc.probe.IssuanceVerifierProbe;
import org.oneedtech.inspect.vc.probe.RevocationListProbe;
import org.oneedtech.inspect.vc.probe.SignatureVerifierProbe; import org.oneedtech.inspect.vc.probe.SignatureVerifierProbe;
import org.oneedtech.inspect.vc.probe.TypePropertyProbe; import org.oneedtech.inspect.vc.probe.TypePropertyProbe;
@ -106,7 +110,7 @@ public class EmbeddedVCInspector extends VCInspector implements SubInspector {
} }
if(broken(accumulator)) return abort(ctx, accumulator, probeCount); if(broken(accumulator)) return abort(ctx, accumulator, probeCount);
//check refresh service if we are not already refreshed //check refresh service if we are not already refreshed (check just like in external CLR)
probeCount++; probeCount++;
if(resource.getContext().get(REFRESHED) != TRUE) { if(resource.getContext().get(REFRESHED) != TRUE) {
Optional<String> newID = checkRefreshService(crd, ctx); Optional<String> newID = checkRefreshService(crd, ctx);
@ -118,9 +122,20 @@ public class EmbeddedVCInspector extends VCInspector implements SubInspector {
} }
} }
//revocation, expiration and issuance (check just like in external CLR)
for(Probe<Credential> probe : List.of(new RevocationListProbe(),
new ExpirationVerifierProbe(), new IssuanceVerifierProbe())) {
probeCount++;
accumulator.add(probe.run(crd, ctx));
if(broken(accumulator)) return abort(ctx, accumulator, probeCount);
}
//TODO: verify embedded endorsements, I believe these are NOT on embedded credentials
//TODO: verify if User Probes are relevant for embedded content
} catch (Exception e) { } catch (Exception e) {
//TODO: Need to figure out the issue here. accumulator.add(onProbeException(Probe.ID.NO_UNCAUGHT_EXCEPTIONS, resource, e));
//accumulator.add(onProbeException(Probe.ID.NO_UNCAUGHT_EXCEPTIONS, resource, e));
} }
return new Report(ctx, new ReportItems(accumulator), probeCount); return new Report(ctx, new ReportItems(accumulator), probeCount);