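package at.gv.egiz.eaaf.modules.sigverify.moasig.impl;

import java.io.IOException;
import java.io.InputStream;
import java.security.Provider;
import java.security.Security;
import java.util.Iterator;
import java.util.Map.Entry;

import javax.annotation.PostConstruct;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.ISchemaRessourceProvider;
import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceConfigurationException;
import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder;
import at.gv.egovernment.moa.spss.server.init.SystemInitializer;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import at.gv.egovernment.moaspss.util.DOMUtils;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.ec.provider.ECCelerate;
import iaik.security.provider.IAIK;
import lombok.Getter;

/**
 * Bootstraps the MOA-Sig signature-verification library once the bean has been constructed.
 *
 * <p>Initialization registers the IAIK and ECCelerate security providers, runs the MOA-Sig
 * {@link SystemInitializer}, re-creates a set of RSA signature {@link AlgorithmID}s and adds any
 * XML schemas contributed by {@link ISchemaRessourceProvider} beans to the MOA-Sig schema pool.
 *
 * <p>Provider registration goes through {@code java.security.Security}, which is JVM-wide state;
 * other JCA consumers in the same process see the resulting provider list as well.
 */
public class MoaSigInitializer {
  private static final Logger log = LoggerFactory.getLogger(MoaSigInitializer.class);

  // Optional: stays null when no ISchemaRessourceProvider bean is available.
  @Autowired(required = false)
  ISchemaRessourceProvider[] schemas;

  /**
   * Get MOA-Sig configuration object.
   */
  @Getter
  private StartupConfigurationHolder configHolder;

  /**
   * Initializes security providers, the MOA-Sig library and additional XML schemas.
   *
   * <p>A schema that can not be added because of an {@link IOException} is only logged as a
   * warning; initialization continues without it.
   *
   * @throws MoaSigServiceConfigurationException if any step throws a {@link RuntimeException}
   */
  @PostConstruct
  private synchronized void initialize() throws MoaSigServiceConfigurationException {
    log.info("Initializing MOA-Sig signature-verification service ... ");

    log.info("Loading Java security providers.");
    // NOTE(review): the position at which these providers end up in the JVM provider list is
    // decided inside the IAIK classes and is not visible here - check the debug dump below,
    // because provider order decides which implementation answers a JCA lookup.
    IAIK.addAsProvider();
    ECCelerate.addAsProvider();

    try {
      LoggingContextManager.getInstance().setLoggingContext(new LoggingContext("startup"));
      log.debug("MOA-Sig library initialization process ... ");
      configHolder = SystemInitializer.init();
      log.info("MOA-Sig library initialization complete ");

      fixJava8_141ProblemWithSslAlgorithms();

      if (log.isDebugEnabled()) {
        // Dump the effective provider order so that it can be verified after start-up.
        log.debug("Loaded Security Provider:");
        final Provider[] providerList = Security.getProviders();
        for (int i = 0; i < providerList.length; i++) {
          log.debug("{}: {} Version {}", i, providerList[i].getName(),
              providerList[i].getVersion());
        }
      }

      // Inject additional XML schemes
      if (schemas != null && schemas.length > 0) {
        log.debug("Infjecting additional XML schemes ... ");
        for (final ISchemaRessourceProvider el : schemas) {
          final Iterator<Entry<String, InputStream>> xmlSchemeIt =
              el.getSchemas().entrySet().iterator();
          while (xmlSchemeIt.hasNext()) {
            final Entry<String, InputStream> xmlDef = xmlSchemeIt.next();
            try {
              // NOTE(review): the stream is not closed here - confirm whether
              // DOMUtils.addSchemaToPool or the schema provider owns it.
              DOMUtils.addSchemaToPool(xmlDef.getValue(), xmlDef.getKey());
              log.info("Inject XML scheme: {}", xmlDef.getKey());

            } catch (final IOException e) {
              // Best effort: a schema that can not be read is skipped, so validation against
              // it will presumably not be available afterwards.
              log.warn("Can NOT inject XML scheme: {}", xmlDef.getKey(), e);

            }
          }
        }
      }

    } catch (final RuntimeException e) {
      log.error("MOA-SP initialization FAILED!", e);
      throw new MoaSigServiceConfigurationException("service.moasig.04",
          new Object[] { e.toString() }, e);

    }
  }

  /**
   * Re-creates the RSA signature {@link AlgorithmID}s for SHA-1 and the SHA-2 family.
   *
   * <p>The created objects are discarded, so the constructor is used for its side effect only.
   * NOTE(review): presumably it registers the OID / name / JCA-name mapping inside IAIK and the
   * trailing {@code true} marks it as the default - confirm against the IAIK-JCE Javadoc.
   *
   * <p>The MD5-with-RSA entry is kept disabled. sha1WithRSAEncryption is still registered;
   * whether SHA-1 based signatures are accepted during verification is not decided here.
   * NOTE(review): confirm that the verification policy rejects them where required.
   */
  private static void fixJava8_141ProblemWithSslAlgorithms() {
    log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");

    // Deliberately not registered:
    // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption",
    //     new String[] { "MD5withRSA", "MD5/RSA" }, null, true);

    new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
        new String[] { "SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA" }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
        new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA" }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
        new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA" }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
        new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA" }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
        new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);

    log.info("Change AlgorithmIDs finished");
  }
}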