diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-05-16 09:29:09 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-05-16 09:29:09 +0200 |
| commit | c61850c5607d066a3c322794c1220f26b31103a0 (patch) | |
| tree | 8e91dbb441f5af6879c4314b38159b7ed9b4add4 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java | |
| parent | 44bce0049b598604cc1a30f419e936c6b5fc59cf (diff) | |
| download | moa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.tar.gz moa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.tar.bz2 moa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.zip | |
add initial version of Security-Layer 2.0 Authentication module
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java index cd700c74a..611dff3b1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -89,6 +89,43 @@ public class SSLUtils { } + public static SSLSocketFactory getSSLSocketFactory( + ConfigurationProvider conf, String url ) + throws IOException, GeneralSecurityException, ConfigurationException, PKIException { + + // else create new SSLSocketFactory + String trustStoreURL = conf.getTrustedCACertificates(); + + if (trustStoreURL == null) + throw new ConfigurationException( + "config.08", new Object[] {"TrustedCACertificates"}); + + String acceptedServerCertURL = ""; + + //INFO: MOA-ID 2.x always use defaultChainingMode + + try { + SSLSocketFactory ssf = at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils.getSSLSocketFactory( + url, + null, + trustStoreURL, + acceptedServerCertURL, + AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(), + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), + AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder(), + null, + null, + "pkcs12"); + + return ssf; + + } catch (SSLConfigurationException e) { + throw new ConfigurationException(e.getErrorID(), e.getParameters(), e.getE()); + + } + } + + /** * Creates an <code>SSLSocketFactory</code> which utilizes an * <code>IAIKX509TrustManager</code> for the given trust store, |