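package at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl;

import java.security.Provider;
import java.security.Security;

import javax.annotation.PostConstruct;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceConfigurationException;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.Configurator;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.ec.provider.ECCelerate;
import iaik.security.provider.IAIK;

/**
 * Base class for services that rely on the MOA-Sig library.
 *
 * <p>On bean construction it registers the IAIK and ECCelerate security providers and
 * initializes the MOA-Sig {@link Configurator}. That part touches JVM-wide state
 * ({@link Security} provider list, static flag) and is therefore executed at most once per
 * class loader, guarded by the class monitor.
 */
public abstract class AbstractSignatureService {
  private static final Logger log = LoggerFactory.getLogger(AbstractSignatureService.class);

  // Shared by every subclass instance; only read and written while holding the class monitor.
  private static boolean isMOASigInitialized = false;

  /**
   * Runs the one-time MOA-Sig setup and then the subclass hook.
   *
   * @throws MOASigServiceConfigurationException if the MOA-Sig library can not be initialized
   */
  @PostConstruct
  private synchronized void initialize() throws MOASigServiceConfigurationException {
    initializeMoaSigOnce();

    // NOTE(review): the page lost the text between "i<" in the provider loop and
    // "@PostConstruct as last step" (it was stripped like an HTML tag). The end of this
    // method is reconstructed from that remaining Javadoc fragment: the hook is invoked as
    // the last step, for every instance. Confirm against the upstream file.
    internalInitializer();
  }

  /**
   * Registers the security providers and initializes the MOA-Sig library exactly once.
   *
   * <p>The flag is static, so the guard has to be the class monitor: the instance monitor
   * taken by {@link #initialize()} does not stop two different service beans from running
   * this setup concurrently.
   *
   * @throws MOASigServiceConfigurationException if {@link Configurator#init()} fails
   */
  private static synchronized void initializeMoaSigOnce()
      throws MOASigServiceConfigurationException {
    if (isMOASigInitialized) {
      return;
    }

    log.info("Initializing MOA-Sig signature-verification service ... ");

    log.info("Loading Java security providers.");
    IAIK.addAsProvider();
    ECCelerate.addAsProvider();

    try {
      LoggingContextManager.getInstance().setLoggingContext(
          new LoggingContext("startup"));
      log.debug("MOA-Sig library initialization process ... ");
      Configurator.getInstance().init();
      log.info("MOA-Sig library initialization complete ");

    } catch (final MOAException e) {
      // The flag stays false, so a later bean retries the initialization.
      log.error("MOA-SP initialization FAILED!", e.getWrapped());
      throw new MOASigServiceConfigurationException("service.moasig.04",
          new Object[] { e.toString() }, e);
    }

    // NOTE(review): java.security.Security preference positions are 1-based, and
    // insertProviderAt() does not move a provider that is already installed (it returns -1).
    // IAIK.addAsProvider() ran above, so confirm that this call still has the intended
    // effect on the provider order after Configurator.init().
    Security.insertProviderAt(IAIK.getInstance(), 0);

    // Re-register ECCelerate so that a fresh instance ends up at the end of the list.
    final ECCelerate eccProvider = ECCelerate.getInstance();
    if (Security.getProvider(eccProvider.getName()) != null) {
      Security.removeProvider(eccProvider.getName());
    }
    Security.addProvider(new ECCelerate());

    fixJava8_141ProblemWithSSLAlgorithms();

    if (log.isDebugEnabled()) {
      log.debug("Loaded Security Provider:");
      final Provider[] providerList = Security.getProviders();
      // NOTE(review): loop body reconstructed, the original log format was lost on the page.
      // Knowing the effective provider order is useful when a verification result differs
      // between hosts.
      for (int i = 0; i < providerList.length; i++) {
        log.debug("{}: {}", i, providerList[i]);
      }
    }

    isMOASigInitialized = true;
  }

  /**
   * Subclass hook, called from the {@code @PostConstruct} method as last step.
   */
  protected abstract void internalInitializer();

  /**
   * Get a new, empty {@link Document} from a {@link DocumentBuilder} in synchronized form,
   * because {@link DocumentBuilderFactory} and {@link DocumentBuilder} are not thread-safe.
   *
   * <p>Despite its name this method returns a {@link Document}, not the builder. Nothing is
   * parsed here; code that parses XML received from outside must configure its own factory
   * (DTDs and external entities disabled) and can not rely on this method for that.
   *
   * @return a new empty {@link Document}
   * @throws ParserConfigurationException if no {@link DocumentBuilder} can be created
   */
  protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
    final DocumentBuilder docBuilder =
        DocumentBuilderFactory.newInstance().newDocumentBuilder();
    return docBuilder.newDocument();
  }

  /**
   * Re-creates the IAIK {@link AlgorithmID} entries for the RSA signature algorithms.
   *
   * <p>md5WithRSAEncryption (1.2.840.113549.1.1.4) was commented out in the original and is
   * deliberately left out here as well.
   *
   * <p>NOTE(review): sha1WithRSAEncryption is still part of the list. This method only
   * creates identifier entries; whether SHA-1 based signatures are accepted has to be
   * decided by the verification policy, confirm that it is enforced there.
   */
  private static void fixJava8_141ProblemWithSSLAlgorithms() {
    log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");

    new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
        new String[] { "SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
        new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
        new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
        new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
    new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
        new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);

    log.info("Change AlgorithmIDs finished");
  }
}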