diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-11-27 12:18:38 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-11-27 12:18:38 +0100 |
commit | ee06b644dbedbe4869de6b926339581a5eefb430 (patch) | |
tree | 56bd1e55097d122c0ff0e9befcbe892605c05bc1 /id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons | |
parent | 5f2ad9d48b83d5979b1a147190f5177e3327744a (diff) | |
parent | cc09b52b5cb1c93543d8b4353dfc59b8192e79af (diff) | |
download | moa-id-spss-ee06b644dbedbe4869de6b926339581a5eefb430.tar.gz moa-id-spss-ee06b644dbedbe4869de6b926339581a5eefb430.tar.bz2 moa-id-spss-ee06b644dbedbe4869de6b926339581a5eefb430.zip |
Merge branch 'eIDAS_node_implementation' of gitlab.iaik.tugraz.at:egiz/moa-idspss into eIDAS_node_implementation
Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons')
2 files changed, 131 insertions, 103 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java index 4e8c7dffd..32dd97148 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java @@ -1,103 +1,103 @@ -package at.gv.egovernment.moa.id.commons.config; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; - -import javax.xml.bind.JAXBException; - -import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI; -import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams; - -/** - * CLI tool which is able to perform the following tasks: - * <ul> - * <li>transform a MoaID 2 XML configuration XML file to a MoaID 3 property file - * </li> - * <li>read a property file and transfer it's content to a database</li> - * <li>write the content of a database to a property file</li> - * </ul> - */ -public class MigrateConfiguration { - - public static void main(String[] args) { - - MOAIDConfCLI cli = new MOAIDConfCLI(); - MigrateConfigurationParams parsedParameters = cli.parse(args); - - // consider settings of force switch - boolean isOverwriteData = parsedParameters.isOverwriteData(); - ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); - - if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { - // read input from file - workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); - - } else if (parsedParameters.getInputDBConfig() != null) { - // read input from database - workWithImputFromDB(parsedParameters, configUtil); - - } else { - System.exit(1); - } - } - - /** - * Handle the case where input from a file is read. - * - * @param inputFileUrl - * the url of the input file. - * @param parsedParameters - * the command line parameters. - * @param configUtil - * the class for working with the configuration. - */ - private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, - ConfigurationUtil configUtil) { - File inFile = new File(inputFileUrl); - try (FileInputStream inStream = new FileInputStream(inFile);) { - - if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { - // input from file and output to a file is desired - File outFile = new File(parsedParameters.getOutputFile()); - configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); - - } else if (parsedParameters.getOutputDBConfig() != null) { - // input from file and output to a database is desired - configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); - } - } catch (JAXBException e) { - System.out.println("MOA-ID XML configuration can not be loaded from given file."); - System.exit(1); - } catch (FileNotFoundException e) { - System.out.println("Could not find the input file."); - System.exit(1); - } catch (IOException e) { - System.out.println("Could not read from the input file."); - System.exit(1); - } - } - - /** - * Handle the case where input is read from a database. - * - * @param parsedParameters - * the command line parameters. - * @param configUtil - * the class for working with the configuration. - */ - private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { - if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { - // input from database and output to a file is desired - File outFile = new File(parsedParameters.getOutputFile()); - String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); - configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); - - } else if (parsedParameters.getOutputDBConfig() != null) { - // input from database and output to a database is desired - // configUtil.readFromDBWriteToDB(inDBConfigFilePath, - // outDBConfigFilePath); - } - } -}
\ No newline at end of file +//package at.gv.egovernment.moa.id.commons.config; +// +//import java.io.File; +//import java.io.FileInputStream; +//import java.io.FileNotFoundException; +//import java.io.IOException; +// +//import javax.xml.bind.JAXBException; +// +//import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI; +//import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams; +// +///** +// * CLI tool which is able to perform the following tasks: +// * <ul> +// * <li>transform a MoaID 2 XML configuration XML file to a MoaID 3 property file +// * </li> +// * <li>read a property file and transfer it's content to a database</li> +// * <li>write the content of a database to a property file</li> +// * </ul> +// */ +//public class MigrateConfiguration { +// +// public static void main(String[] args) { +// +// MOAIDConfCLI cli = new MOAIDConfCLI(); +// MigrateConfigurationParams parsedParameters = cli.parse(args); +// +// // consider settings of force switch +// boolean isOverwriteData = parsedParameters.isOverwriteData(); +// ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); +// +// if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { +// // read input from file +// workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); +// +// } else if (parsedParameters.getInputDBConfig() != null) { +// // read input from database +// workWithImputFromDB(parsedParameters, configUtil); +// +// } else { +// System.exit(1); +// } +// } +// +// /** +// * Handle the case where input from a file is read. +// * +// * @param inputFileUrl +// * the url of the input file. +// * @param parsedParameters +// * the command line parameters. +// * @param configUtil +// * the class for working with the configuration. +// */ +// private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, +// ConfigurationUtil configUtil) { +// File inFile = new File(inputFileUrl); +// try (FileInputStream inStream = new FileInputStream(inFile);) { +// +// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { +// // input from file and output to a file is desired +// File outFile = new File(parsedParameters.getOutputFile()); +// configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); +// +// } else if (parsedParameters.getOutputDBConfig() != null) { +// // input from file and output to a database is desired +// configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); +// } +// } catch (JAXBException e) { +// System.out.println("MOA-ID XML configuration can not be loaded from given file."); +// System.exit(1); +// } catch (FileNotFoundException e) { +// System.out.println("Could not find the input file."); +// System.exit(1); +// } catch (IOException e) { +// System.out.println("Could not read from the input file."); +// System.exit(1); +// } +// } +// +// /** +// * Handle the case where input is read from a database. +// * +// * @param parsedParameters +// * the command line parameters. +// * @param configUtil +// * the class for working with the configuration. +// */ +// private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { +// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { +// // input from database and output to a file is desired +// File outFile = new File(parsedParameters.getOutputFile()); +// String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); +// configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); +// +// } else if (parsedParameters.getOutputDBConfig() != null) { +// // input from database and output to a database is desired +// // configUtil.readFromDBWriteToDB(inDBConfigFilePath, +// // outDBConfigFilePath); +// } +// } +//}
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java index 0479b1bc1..bdadf681d 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java @@ -34,6 +34,7 @@ import java.util.Arrays; import java.util.List; import javax.net.ssl.SSLException; +import javax.net.ssl.SSLParameters; import javax.net.ssl.SSLPeerUnverifiedException; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; @@ -50,6 +51,7 @@ import at.gv.egovernment.moa.id.commons.utils.ssl.SSLConfigurationException; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moaspss.logging.Logger; import iaik.pki.PKIException; +import sun.security.ssl.ProtocolVersion; /** * @author tlenz @@ -188,6 +190,19 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory if (socket instanceof SSLSocket) { SSLSocket sslSocket = (SSLSocket)socket; +/*TODO +* Set allowed ProtocolVersions into SSLSocket to support TLSv1.1 and TLSv1.2 in JAVA 7 +* Therefore, we had do manually set the TLS1.2 protocol support into SSLParameters +* from SSL socket. Maybe, there is an additional validation required if TLSv1.2 is +* supported in principle by currently used JAVA version. +*/ +// SSLParameters test = ((SSLSocket) socket).getSSLParameters(); +// List<String> enabledProtocols = Arrays.asList(test.getProtocols()); +// if (enabledProtocols.contains(ProtocolVersion.TLS11.name)) { +// +// } +// sslSocket.setSSLParameters(test); + //verify Hostname verifyHostName(sslSocket); @@ -208,7 +223,14 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory */ private void verifyHostName(SSLSocket sslSocket) throws SSLException{ if (verifyHostName) { + SSLSession session = sslSocket.getSession(); + if ("SSL_NULL_WITH_NULL_NULL".equals(session.getCipherSuite())) { + Logger.warn("SSL connection can NOT established."); + throw new SSLException("SSL connection can NOT established."); + + } + String hostName = session.getPeerHost(); Certificate[] certs = null; @@ -254,6 +276,12 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory * @return {@link SSLSocket} with Ciphersuites */ private SSLSocket setEnabledSslCiphers(SSLSocket sslSocket) { + /*TODO: + * This implementation currently not work fine, because not all ciphers from + * 'https.cipherSuites' SystemProperty had to be supported by current JAVA version + * Add an validation step to check the allowed cipherSuites against the currently + * supported cipher suites and only add the matching set of ciphers + */ String systemProp = System.getProperty("https.cipherSuites"); if (MiscUtil.isNotEmpty(systemProp)) { try { |