diff --git a/src/SignatureXAdES_LT.cpp b/src/SignatureXAdES_LT.cpp index 83792bfc7..c17fe9e16 100644 --- a/src/SignatureXAdES_LT.cpp +++ b/src/SignatureXAdES_LT.cpp @@ -110,7 +110,10 @@ void SignatureXAdES_LT::validate(const string &policy) const } try { - auto revocationValues = unsignedSignatureProperties()/"RevocationValues"; + auto usp = unsignedSignatureProperties(); + if(!usp) + THROW("UnsignedProperties block 'UnsignedSignatureProperties' is missing."); + auto revocationValues = usp/"RevocationValues"; if(!revocationValues) THROW("RevocationValues object is missing"); if(revocationValues + 1) @@ -262,22 +265,16 @@ void SignatureXAdES_LT::addOCSPValue(const string &id, const OCSP &ocsp) */ OCSP SignatureXAdES_LT::getOCSPResponseValue() const { - try + auto ocspValues = unsignedSignatureProperties()/"RevocationValues"/"OCSPValues"; + for(auto resp = ocspValues/"EncapsulatedOCSPValue"; resp; resp++) { - auto ocspValues = unsignedSignatureProperties()/"RevocationValues"/"OCSPValues"; - for(auto resp = ocspValues/"EncapsulatedOCSPValue"; resp; resp++) - { - try { - OCSP ocsp(resp); - ocsp.verifyResponse(signingCertificate()); - return ocsp; - } catch(const Exception &) { - } + try { + OCSP ocsp(resp); + ocsp.verifyResponse(signingCertificate()); + return ocsp; + } catch(const Exception &) { } - // Return first OCSP response when chains are not complete and validation fails - return {ocspValues/"EncapsulatedOCSPValue"}; } - catch(const Exception &) - {} - return {}; + // Return first OCSP response when chains are not complete and validation fails + return {ocspValues/"EncapsulatedOCSPValue"}; } diff --git a/src/SignatureXAdES_T.cpp b/src/SignatureXAdES_T.cpp index e2312a8bb..614f80a4a 100644 --- a/src/SignatureXAdES_T.cpp +++ b/src/SignatureXAdES_T.cpp @@ -82,10 +82,7 @@ void SignatureXAdES_T::extendSignatureProfile(Signer *signer) TS SignatureXAdES_T::TimeStamp() const { - try { - return {unsignedSignatureProperties()/"SignatureTimeStamp"/"EncapsulatedTimeStamp"}; - } catch(const Exception &) {} - return {}; + return {unsignedSignatureProperties()/"SignatureTimeStamp"/"EncapsulatedTimeStamp"}; } void SignatureXAdES_T::validate(const std::string &policy) const @@ -104,6 +101,8 @@ void SignatureXAdES_T::validate(const std::string &policy) const try { auto usp = unsignedSignatureProperties(); + if(!usp) + THROW("UnsignedProperties block 'UnsignedSignatureProperties' is missing."); auto ts = usp/"SignatureTimeStamp"; if(!ts) THROW("Missing SignatureTimeStamp"); @@ -185,14 +184,9 @@ void SignatureXAdES_T::validate(const std::string &policy) const throw exception; } -XMLNode SignatureXAdES_T::unsignedSignatureProperties() const +XMLNode SignatureXAdES_T::unsignedSignatureProperties() const noexcept { - auto up = qualifyingProperties()/"UnsignedProperties"; - if(!up) - THROW("QualifyingProperties block 'UnsignedProperties' is missing."); - if(auto usp = up/"UnsignedSignatureProperties") - return usp; - THROW("UnsignedProperties block 'UnsignedSignatureProperties' is missing."); + return qualifyingProperties()/"UnsignedProperties"/"UnsignedSignatureProperties"; } TS SignatureXAdES_T::verifyTS(XMLNode timestamp, digidoc::Exception &exception, diff --git a/src/SignatureXAdES_T.h b/src/SignatureXAdES_T.h index ef7175f9d..fcff60bb9 100644 --- a/src/SignatureXAdES_T.h +++ b/src/SignatureXAdES_T.h @@ -43,7 +43,7 @@ class SignatureXAdES_T: public SignatureXAdES_B void extendSignatureProfile(Signer *signer) override; protected: - XMLNode unsignedSignatureProperties() const; + XMLNode unsignedSignatureProperties() const noexcept; TS TimeStamp() const; static TS verifyTS(XMLNode timestamp, Exception &exception,