From 1507d7cad732b8e315ede595f745674d7f38317d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 17 May 2019 12:56:57 +0200
Subject: add interface and empty basic implementation of
 SignatureCreationService

---
 .../moasig/impl/AbstractSignatureService.java      | 113 +++++++++++++++++++++
 1 file changed, 113 insertions(+)
 create mode 100644 eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java

(limited to 'eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java')

diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
new file mode 100644
index 00000000..fe99e328
--- /dev/null
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eid/authhandler/modules/sigverify/moasig/impl/AbstractSignatureService.java
@@ -0,0 +1,113 @@
+package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;
+
+import java.security.Provider;
+import java.security.Security;
+
+import javax.annotation.PostConstruct;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.Configurator;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import iaik.asn1.structures.AlgorithmID;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.security.provider.IAIK;
+
+public abstract class AbstractSignatureService {
+	private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);
+	private static boolean isMOASigInitialized = false;
+	
+	
+	@PostConstruct
+	private synchronized void initialize() throws MOASigServiceConfigurationException {
+		
+		if (!isMOASigInitialized) {		
+			log.info("Initializing MOA-Sig signature-verification service ... ");
+			
+	        log.info("Loading Java security providers.");
+	        IAIK.addAsProvider();                
+	        ECCelerate.addAsProvider();
+			                
+	        try {
+	        	LoggingContextManager.getInstance().setLoggingContext(
+	                    new LoggingContext("startup"));
+	        	log.debug("MOA-Sig library initialization process ... ");
+	        	Configurator.getInstance().init();        	
+	        	log.info("MOA-Sig library initialization complete ");
+	        	                       
+	         } catch (final MOAException e) {
+	        	 log.error("MOA-SP initialization FAILED!", e.getWrapped()); 
+	             throw new MOASigServiceConfigurationException("service.moasig.04", new Object[] { e
+	                      .toString() }, e);
+			}
+	        
+	        Security.insertProviderAt(IAIK.getInstance(), 0);
+	        
+	        final ECCelerate eccProvider = ECCelerate.getInstance();
+	        if (Security.getProvider(eccProvider.getName()) != null)
+	        	Security.removeProvider(eccProvider.getName());	        	
+	        Security.addProvider(new ECCelerate());
+	        
+	        fixJava8_141ProblemWithSSLAlgorithms();
+			
+	        if (log.isDebugEnabled()) {
+	        	log.debug("Loaded Security Provider:");
+	        	final Provider[] providerList = Security.getProviders();
+	        	for (int i=0; i<providerList.length; i++)
+	        		log.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());        		
+	        	
+	        }
+	        
+	        isMOASigInitialized = true;
+	        
+		} else
+			log.info("MOA-Sig is already initialized. Skipping this steps ... ");
+        
+        internalInitializer();
+        		
+	}
+	
+	/**
+	 * Executed in <code>@PostConstruct</code> as last step
+	 * 
+	 */
+	abstract protected void internalInitializer(); 
+	
+	/**
+	 * Get a new {@link Document} from {@link DocumentBuilder} in synchronized form, because 
+	 * {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe.
+	 * 
+	 * @return {@link Document}
+	 * @throws ParserConfigurationException
+	 */
+	protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
+		final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); 
+		return docBuilder.newDocument();
+		
+	}
+	
+    private static void fixJava8_141ProblemWithSSLAlgorithms() {
+    	log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+        //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", 
+        		new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", 
+        		new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", 
+        		new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", 
+        		new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", 
+        		new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+        
+        log.info("Change AlgorithmIDs finished");
+    }
+}
-- 
cgit v1.2.3