author | Thomas <> | 2021-09-20 17:35:53 +0200 |
---|---|---|
committer | Thomas <> | 2021-09-20 17:35:53 +0200 |
commit | 6aca2453946bcc526e203ebded9ef437ffc7c53a (patch) | |
tree | 05900bea8fb11fd23ff7d0e4c57e39701cad5ca4 | |
parent | a90e8da7e616818a938281d02246a8ed3a03921c (diff) | |
switch to HSM-Facade 0.7.2 and add optional configuration property for gRPC deadline, see https://grpc.io/blog/deadlines/
4 files changed, 53 insertions, 7 deletions
diff --git a/eaaf_core_utils/pom.xml b/eaaf_core_utils/pom.xml index d43a5b5b..702f3cfa 100644 --- a/eaaf_core_utils/pom.xml +++ b/eaaf_core_utils/pom.xml @@ -39,7 +39,7 @@ <dependency> <groupId>at.gv.egiz.eaaf</groupId> <artifactId>eaaf_core_api</artifactId> - </dependency> + </dependency> <dependency> <groupId>at.asitplus.hsmfacade</groupId> diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java index 40a74faa..623e9d2c 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java @@ -52,6 +52,7 @@ public class EaafKeyStoreFactory { public static final String CONFIG_PROP_HSM_FACADE_SSLTRUST = "security.hsmfacade.trustedsslcert"; public static final String CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME = "security.hsmfacade.username"; public static final String CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD = "security.hsmfacade.password"; + public static final String CONFIG_PROP_HSM_FACADE_GRPC_DEADLINE = "security.hsmfacade.grpc.deadline"; public static final String ERRORCODE_00 = "internal.keystore.00"; public static final String ERRORCODE_01 = "internal.keystore.01"; @@ -77,7 +78,8 @@ public class EaafKeyStoreFactory { = "Has HSM-Facade class supported '{}' method: {}"; private static final String HSM_FACADE_PROVIDER = "HsmFacade"; private static final String HSM_FACADE_KEYSTORE_TYPE = "RemoteKeyStore"; - + private static final String HSM_FACADE_DEFAULT_DEADLINE = "30"; + public enum HsmFacadeStatus { UP, DOWN, UNKNOWN } @Autowired 
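Review bot: Neither the new `CONFIG_PROP_HSM_FACADE_GRPC_DEADLINE` key nor `HSM_FACADE_DEFAULT_DEADLINE = "30"` in the following hunk states the unit of the number, and nothing visible in this commit establishes it. An operator who assumes a different unit than the HSM-Facade provider expects either makes every remote key operation time out or leaves the call effectively unbounded. I would add a Javadoc line on both constants, for example `/** Deadline for gRPC calls to the HSM-Facade; unit as expected by the provider's init method (TODO confirm, presumably seconds). */`, and repeat it in the configuration documentation.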
@@ -272,18 +274,21 @@ public class EaafKeyStoreFactory { final String clientUsername = getConfigurationParameter(CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME); final String clientPassword = - getConfigurationParameter(CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD); - + getConfigurationParameter(CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD); + final long grpcDeadline = getConfigurationParameterLong(CONFIG_PROP_HSM_FACADE_GRPC_DEADLINE, + HSM_FACADE_DEFAULT_DEADLINE); + + //initialize HSM-Facade by using JAVA Reflection, because in that case HSM-Facade //has not be in ClassPath on every project final Method constructor = hsmProviderClazz.getMethod(HSM_FACADE_PROVIDER_METHOD_CONSTRUCT, new Class[]{}); final Method initMethod = hsmProviderClazz.getMethod(HSM_FACADE_PROVIDER_METHOD_INIT, - X509Certificate.class, String.class, String.class, String.class, int.class); + X509Certificate.class, String.class, String.class, String.class, int.class, long.class); if (initMethod != null && constructor != null) { final Object rawProvider = constructor.invoke(hsmProviderClazz); initMethod.invoke( rawProvider, getHsmFacadeTrustSslCertificate(), - clientUsername, clientPassword, hsmFacadeHost, port); + clientUsername, clientPassword, hsmFacadeHost, port, grpcDeadline); if (rawProvider instanceof Provider) { Security.addProvider((Provider) rawProvider); @@ -513,6 +518,19 @@ public class EaafKeyStoreFactory { } @Nonnull + private Long getConfigurationParameterLong(@Nonnull String configParamKey, String defaultValue) + throws EaafConfigurationException { + try { + return Long.valueOf(basicConfig.getBasicConfiguration(configParamKey, defaultValue)); + + } catch (NumberFormatException e) { + throw new EaafConfigurationException(ERRORCODE_05, new Object[] { configParamKey, e.getMessage()}); + + } + + } + + @Nonnull private String getConfigurationParameter(@Nonnull String configParamKey) throws EaafConfigurationException { return checkConfigurationParameter( 
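Review bot: The `getMethod(HSM_FACADE_PROVIDER_METHOD_INIT, ..., int.class, long.class)` lookup now matches only the six-argument init signature. A deployment that still has an older HSM-Facade provider on its classpath will presumably fail with `NoSuchMethodException` rather than initialise without a deadline. Because the provider is loaded reflectively so that it can stay optional per project, this needs either a fallback to the previous five-argument signature or an error that names the minimum provider version. Separately, `getMethod` never returns null, so the `initMethod != null && constructor != null` guard cannot be false. The enclosing method starts and ends outside this hunk, so how the reflection exceptions are mapped is not visible here.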
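Review bot: `getConfigurationParameterLong` accepts any value that parses as a long, so `0`, a negative number or `Long.MAX_VALUE` all pass and are handed to the HSM-Facade as the gRPC deadline. Depending on how the provider interprets them, that either fails every remote key operation immediately or removes the bound the deadline is meant to put on a stalled HSM connection. I would trim, parse and range-check in one place: `final long v = Long.parseLong(raw.trim());` followed by `if (v <= 0 || v > MAX_DEADLINE) throw new EaafConfigurationException(ERRORCODE_05, new Object[] { configParamKey, "out of range" });`, where `MAX_DEADLINE` is a placeholder for a new constant. Returning primitive `long` would also avoid the boxed `Long` that is unboxed straight away at the call site.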
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java index 40825b0b..3e82c510 100644 --- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java @@ -595,6 +595,32 @@ public class EaafKeyStoreFactoryTest { } } + @Test + @DirtiesContext(methodMode = MethodMode.BEFORE_METHOD) + public void hsmFacadeWrongGrpcDeadlineParameter() { + mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST, + RandomStringUtils.randomNumeric(10)); + mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT, + RandomStringUtils.randomNumeric(4)); + mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME, + RandomStringUtils.randomNumeric(10)); + mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD, + RandomStringUtils.randomAlphanumeric(10)); + mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST, + "src/test/resources/spring/test_eaaf_pvp_lazy.beans.xml"); + mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_GRPC_DEADLINE, + RandomStringUtils.randomAlphabetic(5)); + + try { + context.getBean(EaafKeyStoreFactory.class); + Assert.fail("Missing HSM Facade not detected"); + + } catch (final BeansException e) { + checkMissingConfigException(e, "internal.keystore.05"); + + } + } + @Ignore @Test @DirtiesContext(methodMode = MethodMode.BEFORE_METHOD) 
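Review bot: The message in `Assert.fail("Missing HSM Facade not detected")` appears to be carried over from another test and does not describe this case; `"Invalid gRPC deadline not detected"` would. The test only shows that an alphabetic value ends in `internal.keystore.05`, and it would pass just as well if a different misconfiguration raised the same code first. That is plausible here because `CONFIG_PROP_HSM_FACADE_SSLTRUST` points at a Spring beans XML rather than a certificate. Using `PATH_TO_HSM_FACADE_TRUST_CERT` for that property and adding cases for `0`, a negative value and an empty string would pin the deadline validation itself.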
@@ -609,6 +635,8 @@ public class EaafKeyStoreFactoryTest { RandomStringUtils.randomAlphanumeric(10)); mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST, PATH_TO_HSM_FACADE_TRUST_CERT); + mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_GRPC_DEADLINE, + RandomStringUtils.randomNumeric(2)); final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class); Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized()); @@ -43,7 +43,7 @@ <iaik.prod.iaik_xades.version>2.13_moa</iaik.prod.iaik_xades.version> <iaik.prod.iaik_xsect.version>2.14_moa</iaik.prod.iaik_xsect.version> - <hsm-facade-provider.version>0.7.0</hsm-facade-provider.version> + <hsm-facade-provider.version>0.7.2</hsm-facade-provider.version> <io.grpc-core.version>1.39.0</io.grpc-core.version> <!-- Other third-party libs --> |
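Review bot: `RandomStringUtils.randomNumeric(2)` can return `"00"`, so roughly one run in a hundred configures a deadline of zero. If the HSM-Facade treats zero as an already expired deadline, this test will fail intermittently once it is enabled (the surrounding method appears to be the `@Ignore`d one, but its header is outside this hunk). A fixed value such as `"30"` keeps the test deterministic.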