aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-07-01 09:21:13 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-07-01 09:21:13 +0200
commit9ea8151676f2c49ef25f4604876a43ac5fd6c045 (patch)
tree2ae1557409ec3e5baa6b3cd2f3f688403159b778 /id/server
parent1d9f9528cba4b85c852aebdffd8699df5f22b302 (diff)
downloadmoa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.tar.gz
moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.tar.bz2
moa-id-spss-9ea8151676f2c49ef25f4604876a43ac5fd6c045.zip
refactor some more parts of SSL TrustManager
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java4
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java38
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java3
3 files changed, 40 insertions, 5 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
index 891d01e09..caf7f570f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
@@ -54,7 +54,6 @@ import java.io.InputStreamReader;
import java.io.Reader;
import java.net.URL;
import java.security.GeneralSecurityException;
-import java.security.Security;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
@@ -69,7 +68,6 @@ import at.gv.egovernment.moa.id.commons.utils.ssl.SSLConfigurationException;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import iaik.pki.PKIException;
-import iaik.security.provider.IAIK;
/**
@@ -85,7 +83,7 @@ public class SSLUtils {
public static void initialize() {
// JSSE Abhängigkeit
//Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- Security.addProvider(new IAIK());
+ //Security.addProvider(new IAIK());
//System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
index bcd38c638..e0304f928 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
@@ -59,6 +59,12 @@ import java.util.List;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import iaik.logging.TransactionId;
+import iaik.logging.impl.TransactionIdImpl;
+import iaik.pki.PKIConfiguration;
+import iaik.pki.PKIException;
+import iaik.pki.PKIFactory;
+import iaik.pki.PKIProfile;
import iaik.pki.jsse.IAIKX509TrustManager;
/**
@@ -160,4 +166,36 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
{
return true;
}
+
+ public void init(PKIConfiguration pkiConfig, PKIProfile pkiProfile) throws PKIException {
+ if (pkiProfile == null) {
+ throw new NullPointerException("pkiConfig parameter must not be null");
+
+ }
+
+ TransactionId tid = new TransactionIdImpl("Init");
+ log_.info(tid, "Setting up IAIKX509TrustManager", null);
+ if (pkiConfig != null) {
+ PKIFactory.getInstance().configure(pkiConfig, tid);
+// log_.info(tid, "Registering LDAP protocol handler", null);
+// String protocolHandlers =
+// System.getProperty("java.protocol.handler.pkgs");
+// if (protocolHandlers == null) {
+// protocolHandlers = "iaik.pki";
+//
+// } else {
+// protocolHandlers = protocolHandlers + "|iaik.pki";
+//
+// }
+//
+// System.setProperty("java.protocol.handler.pkgs", protocolHandlers);
+// log_.info(tid, "Registered protocol handlers: " + protocolHandlers, null);
+
+ }
+
+ pkiProfile_ = pkiProfile;
+ pkiFactory_ = PKIFactory.getInstance();
+ initialized_ = true;
+ }
+
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
index 503e0bfc4..6fa4595d8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java
@@ -65,7 +65,6 @@ import iaik.pki.PKIConfiguration;
import iaik.pki.PKIException;
import iaik.pki.PKIFactory;
import iaik.pki.PKIProfile;
-import iaik.pki.jsse.IAIKX509TrustManager;
//import iaik.pki.jsse.IAIKX509TrustManager;
import iaik.security.provider.IAIK;
@@ -243,7 +242,7 @@ public class SSLUtils {
// initialized by the MOA-SP initialization code, in case
// MOA-SP is called by API
MOAIDTrustManager.initializeLoggingContext();
- IAIKX509TrustManager tm = new MOAIDTrustManager(acceptedServerCertURL);
+ MOAIDTrustManager tm = new MOAIDTrustManager(acceptedServerCertURL);
tm.init(cfg, profile);
return new TrustManager[] {tm};
}