void
MDBImageManager::setCriteria(const MPlacerOrder& order, MCriteriaVector& cv)
{
MCriteria c;
MString patientID(order.patientID());
if (patientID.size())
{
c.attribute = "patid";
c.oper = TBL_EQUAL;
c.value = order.patientID();
cv.push_back(c);
}
#if 0
MString issuer(order.issuerOfPatientID());
if (issuer.size())
{
c.attribute = "issuer";
c.oper = TBL_EQUAL;
c.value = order.issuerOfPatientID();
cv.push_back(c);
}
#endif
c.attribute = "plaordnum";
c.oper = TBL_EQUAL;
c.value = order.placerOrderNumber();
cv.push_back(c);
}
XERCES_CPP_NAMESPACE::DOMDocument* spep::StartupProcessorImpl::buildRequest( const std::wstring &samlID )
{
_localLogger.debug() << "Going to build SPEP startup request.";
saml2::assertion::NameIDType issuer( this->_spepIdentifier );
middleware::ESOEProtocolSchema::ValidateInitializationRequestType validateInitializationRequest;
validateInitializationRequest.ID( samlID );
validateInitializationRequest.Version( saml2::versions::SAML_20 );
validateInitializationRequest.IssueInstant( xml_schema::date_time() );
validateInitializationRequest.Issuer( issuer );
validateInitializationRequest.nodeId( UnicodeStringConversion::toWString( boost::lexical_cast<std::string>( this->_nodeID ) ) );
validateInitializationRequest.authzCacheIndex( this->_authzCacheIndex );
validateInitializationRequest.compileDate( UnicodeStringConversion::toWString( std::string(__DATE__) ) );
validateInitializationRequest.compileSystem( UnicodeStringConversion::toWString( std::string( COMPILE_SYSTEM ) ) );
validateInitializationRequest.sw_version( UnicodeStringConversion::toWString( COMPILE_VERSION ) );
validateInitializationRequest.environment( ENVIRONMENT );
for( std::vector<std::wstring>::iterator iter = this->_ipAddresses.begin(); iter != this->_ipAddresses.end(); ++iter )
{
validateInitializationRequest.ipAddress().push_back( *iter );
}
std::vector<std::string> idList;
idList.push_back( UnicodeStringConversion::toString(samlID) );
DOMDocument *requestDocument = this->_validateInitializationRequestMarshaller->generateDOMDocument( &validateInitializationRequest );
requestDocument = this->_validateInitializationRequestMarshaller->validate( requestDocument );
this->_validateInitializationRequestMarshaller->sign( requestDocument, idList );
return requestDocument;
}
void
MDBImageManager::setCriteria(const MVisit& visit, MCriteriaVector& cv)
{
MCriteria c;
c.attribute = "patid";
c.oper = TBL_EQUAL;
c.value = visit.patientID();
cv.push_back(c);
#if 0
MString issuer(visit.issuerOfPatientID());
if (issuer.size())
{
c.attribute = "issuer";
c.oper = TBL_EQUAL;
c.value = visit.issuerOfPatientID();
cv.push_back(c);
}
#endif
c.attribute = "visnum";
c.oper = TBL_EQUAL;
c.value = visit.visitNumber();
cv.push_back(c);
}
QVariant Certificate::detailResult(Certificate::Details detail) const
{
switch(detail) {
case Details::EXPIRATION_DATE : return expirationDate ();
case Details::ACTIVATION_DATE : return activationDate ();
case Details::REQUIRE_PRIVATE_KEY_PASSWORD : return requirePrivateKeyPassword ();
case Details::PUBLIC_SIGNATURE : return publicSignature ();
case Details::VERSION_NUMBER : return versionNumber ();
case Details::SERIAL_NUMBER : return serialNumber ();
case Details::ISSUER : return issuer ();
case Details::SUBJECT_KEY_ALGORITHM : return subjectKeyAlgorithm ();
case Details::CN : return cn ();
case Details::N : return n ();
case Details::O : return o ();
case Details::SIGNATURE_ALGORITHM : return signatureAlgorithm ();
case Details::MD5_FINGERPRINT : return md5Fingerprint ();
case Details::SHA1_FINGERPRINT : return sha1Fingerprint ();
case Details::PUBLIC_KEY_ID : return publicKeyId ();
case Details::ISSUER_DN : return issuerDn ();
case Details::NEXT_EXPECTED_UPDATE_DATE : return nextExpectedUpdateDate ();
case Details::OUTGOING_SERVER : return outgoingServer ();
case Details::COUNT__:
Q_ASSERT(false);
};
return QVariant();
}
void UserTrustItem::makeCertIndex(Certificate *cert, CssmOwnedData &encodedIndex)
{
CertField issuer(cert, CSSMOID_X509V1IssuerName);
CertField serial(cert, CSSMOID_X509V1SerialNumber);
IssuerAndSN index;
index.issuer = issuer.data();
index.serial = serial.data();
if (SecNssEncodeItemOdata(&index, issuerAndSNTemplate, encodedIndex))
CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
}
void
MDBImageManager::setCriteria(const MFillerOrder& order, MCriteriaVector& cv)
{
MCriteria c;
MString patientID(order.patientID());
if (patientID.size())
{
c.attribute = "patid";
c.oper = TBL_EQUAL;
c.value = order.patientID();
cv.push_back(c);
}
#if 0
MString issuer(order.issuerOfPatientID());
if (issuer.size())
{
c.attribute = "issuer";
c.oper = TBL_EQUAL;
c.value = order.issuerOfPatientID();
cv.push_back(c);
}
#endif
MString poNum(order.placerOrderNumber());
if (poNum.size())
{
c.attribute = "plaordnum";
c.oper = TBL_EQUAL;
c.value = order.placerOrderNumber();
cv.push_back(c);
}
c.attribute = "filordnum";
c.oper = TBL_EQUAL;
c.value = order.fillerOrderNumber();
cv.push_back(c);
// may include accession number also
/*
MString accNum(order.accessionNumber());
if (accNum.size())
{
c.attribute = "accnum";
c.oper = TBL_EQUAL;
c.value = order.accessionNumber();
cv.push_back(c);
} */
}
XERCES_CPP_NAMESPACE::DOMDocument* spep::AttributeProcessor::buildAttributeQuery( spep::PrincipalSession &principalSession, const std::wstring &samlID )
{
std::vector<std::string> identifierList;
// Subject is ESOE session identifier.
saml2::assertion::SubjectType subject;
saml2::assertion::NameIDType subjectNameID( principalSession.getESOESessionID() );
subject.NameID( subjectNameID );
// Set the issuer to be "this" SPEP
saml2::assertion::NameIDType issuer( this->_metadata->getSPEPIdentifier() );
saml2::protocol::AttributeQueryType attributeQuery;
// Use the ID given to us, because that's what will be expected in the InReponseTo field of the response.
attributeQuery.ID( samlID );
identifierList.push_back( UnicodeStringConversion::toString( samlID ) );
attributeQuery.Version( saml2::versions::SAML_20 );
// Set to the current time.
attributeQuery.IssueInstant( xml_schema::date_time() );
attributeQuery.Subject( subject );
attributeQuery.Issuer( issuer );
try
{
std::string samlIDString( UnicodeStringConversion::toString( samlID ) );
_localLogger.debug() << "Marshalling attribute query document with SAML ID: " << samlIDString;
// Marshal the request.
DOMDocument *requestDocument = this->_attributeQueryMarshaller->generateDOMDocument( &attributeQuery );
requestDocument = this->_attributeQueryMarshaller->validate( requestDocument );
this->_attributeQueryMarshaller->sign( requestDocument, identifierList );
_localLogger.debug() << "Marshalled attribute query document successfully. SAML ID: " << samlIDString;
return requestDocument;
}
catch ( saml2::MarshallerException &ex )
{
_localLogger.error() << "Failed to marshal attribute query document. Exception was: " << ex.getMessage() << ". Cause was: " << ex.getCause();
throw AttributeException( "Unable to marshal attribute query document." );
}
}
void go() override
{
Botan::X509_Certificate subject(get_arg("subject"));
Botan::X509_Certificate issuer(get_arg("issuer"));
std::chrono::milliseconds timeout(get_arg_sz("timeout"));
Botan::Certificate_Store_In_Memory cas;
cas.add_certificate(issuer);
Botan::OCSP::Response resp = Botan::OCSP::online_check(issuer, subject, &cas, timeout);
auto status = resp.status_for(issuer, subject, std::chrono::system_clock::now());
if(status == Botan::Certificate_Status_Code::OCSP_RESPONSE_GOOD)
{
output() << "OCSP check OK\n";
}
else
{
output() << "OCSP check failed " << Botan::Path_Validation_Result::status_string(status) << "\n";
}
}
void
MDBImageManager::setCriteria(const MPatient& patient, MCriteriaVector& cv)
{
MCriteria c;
c.attribute = "patid";
c.oper = TBL_EQUAL;
c.value = patient.patientID();
cv.push_back(c);
#if 0
MString issuer(patient.issuerOfPatientID());
if (issuer.size())
{
c.attribute = "issuer";
c.oper = TBL_EQUAL;
c.value = patient.issuerOfPatientID();
cv.push_back(c);
}
#endif
}
// -----------------------------------------------------------------------------
// CSTSCredentialManager::AddCredentialL
// Adds a certificate or certificate URI to certificate store
// -----------------------------------------------------------------------------
//
TBool CSTSCredentialManager::AddCredentialL(
TInt/*const TDesC&*/ aCertDisplayName,
TInt/*const TDesC&*/ aPkiPath)
{
if (iState != EReady)
{
User::Leave(KErrNotReady);
}
iWritableCertStoreIndex = CheckWriteCertStoreSEIDL(NULL, NULL);
const TDesC8* path = reinterpret_cast< const TDesC8* >(aPkiPath);
TASN1DecGeneric genericDecoder(*path);
genericDecoder.InitL();
TPtrC8 certificates = genericDecoder.GetContentDER();
TInt certificatesLength = certificates.Length();
TInt pos = 0;
iSubject.Set(certificates.Right(certificatesLength));
TPtrC8 issuer(iSubject);
// go through the certificate chain, leaving the last certificate as subject
// and second last as issuer
while (pos < certificatesLength)
{
issuer.Set(iSubject);
TASN1DecGeneric
certDecoder(certificates.Right(certificatesLength - pos));
certDecoder.InitL();
TInt certLength = certDecoder.LengthDER();
TPtrC8 singleCert(certificates.Mid(pos, certLength));
iSubject.Set(singleCert);
pos+=certLength;
}
CX509Certificate* cert =
CX509Certificate::NewLC(iSubject);
CX509Certificate* issuerCert =
CX509Certificate::NewLC(issuer);
iSubjectKeyId = cert->KeyIdentifierL();
iIssuerKeyId = issuerCert->KeyIdentifierL();
iCertDisplayName = reinterpret_cast<TDesC*>(aCertDisplayName);
// now we have to check that this certificate does not exist in the
// database yet
CCertAttributeFilter* filter = CCertAttributeFilter::NewLC();
filter->SetFormat(EX509Certificate);
filter->SetSubjectKeyId(iSubjectKeyId);
filter->SetIssuerKeyId(iIssuerKeyId);
RMPointerArray< CCTCertInfo >* certInfoArray =
new(ELeave) RMPointerArray< CCTCertInfo >();
if (iCertInfoArray)
{
iCertInfoArray->Close();
delete iCertInfoArray;
}
iCertInfoArray = certInfoArray;
iState = EAddListing;
iStore->WritableCertStore(iWritableCertStoreIndex)
.List(*iCertInfoArray, *filter,
iStatus);
WaitForCompletionL();
CleanupStack::PopAndDestroy(3); // filter, cert, issuerCert
iCertInfoArray->Close();
delete iCertInfoArray;
iCertInfoArray = NULL;
return ETrue;
}
