refactor some more parts of SSL TrustManager

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-07-01 09:21:13 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-07-01 09:21:13 +0200
commit: 9ea8151676f2c49ef25f4604876a43ac5fd6c045 (patch)
tree: 2ae1557409ec3e5baa6b3cd2f3f688403159b778
parent: 1d9f9528cba4b85c852aebdffd8699df5f22b302 (diff)
download: moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.tar.gz
moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.tar.bz2
moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.zip
3 files changed, 40 insertions, 5 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
index 891d01e09..caf7f570f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
@@ -54,7 +54,6 @@ import java.io.InputStreamReader;
 import java.io.Reader;
 import java.net.URL;
 import java.security.GeneralSecurityException;
-import java.security.Security;
 
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLSocketFactory;
@@ -69,7 +68,6 @@ import at.gv.egovernment.moa.id.commons.utils.ssl.SSLConfigurationException;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import iaik.pki.PKIException;
-import iaik.security.provider.IAIK;
 
 
 /**
@@ -85,7 +83,7 @@ public class SSLUtils {
   public static void initialize() {
     // JSSE Abhängigkeit
     //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
-    Security.addProvider(new IAIK());
+    //Security.addProvider(new IAIK());
     //System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
     
     
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
index bcd38c638..e0304f928 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
@@ -59,6 +59,12 @@ import java.util.List;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import iaik.logging.TransactionId;
+import iaik.logging.impl.TransactionIdImpl;
+import iaik.pki.PKIConfiguration;
+import iaik.pki.PKIException;
+import iaik.pki.PKIFactory;
+import iaik.pki.PKIProfile;
 import iaik.pki.jsse.IAIKX509TrustManager;
 
 /**
@@ -160,4 +166,36 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
   {
     return true;
   }
+  
+  public void init(PKIConfiguration pkiConfig, PKIProfile pkiProfile) throws PKIException  {
+	  if (pkiProfile == null) {
+		  throw new NullPointerException("pkiConfig parameter must not be null");
+		  
+	  }
+	  
+	  TransactionId tid = new TransactionIdImpl("Init");
+	  log_.info(tid, "Setting up IAIKX509TrustManager", null);
+	  if (pkiConfig != null) {
+		  PKIFactory.getInstance().configure(pkiConfig, tid);
+//		  log_.info(tid, "Registering LDAP protocol handler", null);
+//		  String protocolHandlers = 
+//				  System.getProperty("java.protocol.handler.pkgs");
+//		  if (protocolHandlers == null) {
+//			  protocolHandlers = "iaik.pki";
+//			  
+//		  } else {
+//			  protocolHandlers = protocolHandlers + "|iaik.pki";
+//			  
+//		  }
+//      
+//		  System.setProperty("java.protocol.handler.pkgs", protocolHandlers);
+//		  log_.info(tid, "Registered protocol handlers: " + protocolHandlers, null);
+
+	  }
+	  
+	  pkiProfile_ = pkiProfile;
+	  pkiFactory_ = PKIFactory.getInstance();
+	  initialized_ = true;
+  }
+  
 }
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
index 503e0bfc4..6fa4595d8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
@@ -65,7 +65,6 @@ import iaik.pki.PKIConfiguration;
 import iaik.pki.PKIException;
 import iaik.pki.PKIFactory;
 import iaik.pki.PKIProfile;
-import iaik.pki.jsse.IAIKX509TrustManager;
 //import iaik.pki.jsse.IAIKX509TrustManager;
 import iaik.security.provider.IAIK;
 
@@ -243,7 +242,7 @@ public class SSLUtils {
     // initialized by the MOA-SP initialization code, in case
     // MOA-SP is called by API
     MOAIDTrustManager.initializeLoggingContext();    
-    IAIKX509TrustManager tm = new MOAIDTrustManager(acceptedServerCertURL);
+    MOAIDTrustManager tm = new MOAIDTrustManager(acceptedServerCertURL);
     tm.init(cfg, profile);
     return new TrustManager[] {tm};
   }
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-07-01 09:21:13 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-07-01 09:21:13 +0200
commit	9ea8151676f2c49ef25f4604876a43ac5fd6c045 (patch)
tree	2ae1557409ec3e5baa6b3cd2f3f688403159b778
parent	1d9f9528cba4b85c852aebdffd8699df5f22b302 (diff)
download	moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.tar.gz moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.tar.bz2 moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.zip