aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-05-16 09:29:09 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-05-16 09:29:09 +0200
commitc61850c5607d066a3c322794c1220f26b31103a0 (patch)
tree8e91dbb441f5af6879c4314b38159b7ed9b4add4 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
parent44bce0049b598604cc1a30f419e936c6b5fc59cf (diff)
downloadmoa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.tar.gz
moa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.tar.bz2
moa-id-spss-c61850c5607d066a3c322794c1220f26b31103a0.zip
add initial version of Security-Layer 2.0 Authentication module
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java37
1 files changed, 37 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
index cd700c74a..611dff3b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
@@ -89,6 +89,43 @@ public class SSLUtils {
}
+ public static SSLSocketFactory getSSLSocketFactory(
+ ConfigurationProvider conf, String url )
+ throws IOException, GeneralSecurityException, ConfigurationException, PKIException {
+
+ // else create new SSLSocketFactory
+ String trustStoreURL = conf.getTrustedCACertificates();
+
+ if (trustStoreURL == null)
+ throw new ConfigurationException(
+ "config.08", new Object[] {"TrustedCACertificates"});
+
+ String acceptedServerCertURL = "";
+
+ //INFO: MOA-ID 2.x always use defaultChainingMode
+
+ try {
+ SSLSocketFactory ssf = at.gv.egovernment.moa.id.commons.utils.ssl.SSLUtils.getSSLSocketFactory(
+ url,
+ null,
+ trustStoreURL,
+ acceptedServerCertURL,
+ AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(),
+ AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(),
+ AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder(),
+ null,
+ null,
+ "pkcs12");
+
+ return ssf;
+
+ } catch (SSLConfigurationException e) {
+ throw new ConfigurationException(e.getErrorID(), e.getParameters(), e.getE());
+
+ }
+ }
+
+
/**
* Creates an <code>SSLSocketFactory</code> which utilizes an
* <code>IAIKX509TrustManager</code> for the given trust store,