aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2017-07-25 16:12:28 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-07-25 16:12:28 +0200
commit122de0a09f42fcc7e2fa0a429df5da37820fd730 (patch)
tree75d1ab9874d1d5ead93d5700ff617fbe49c36274 /id
parent040e51d335d3af127c3894bd5558a484ddd9b9ea (diff)
downloadmoa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.tar.gz
moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.tar.bz2
moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.zip
workAround to solve problem with IAIK-JCE and SSL algorithm parameter validation
Diffstat (limited to 'id')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java20
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java22
2 files changed, 42 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index 05ce3344b..c5ae5065f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -63,6 +63,7 @@ import at.gv.egovernment.moa.id.configuration.config.usermanagement.FileBasedUse
import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.asn1.structures.AlgorithmID;
import iaik.x509.X509Certificate;
@@ -150,6 +151,8 @@ public class ConfigurationProvider {
UserRequestCleaner.start();
+ fixJava8_141ProblemWithSSLAlgorithms();
+
log.info("MOA-ID-Configuration initialization completed");
@@ -168,6 +171,23 @@ public class ConfigurationProvider {
}
+ private static void fixJava8_141ProblemWithSSLAlgorithms() {
+ log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+ //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
+ new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
+ new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
+ new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
+ new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
+ new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+
+ log.info("Change AlgorithmIDs finished");
+ }
+
@Autowired(required = true)
public void setMOAIDConfigurationModul(MOAIDConfigurationModul module) {
this.configModule = module;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 5769d99df..65ea2fd90 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -44,6 +44,7 @@ import at.gv.egovernment.moa.spss.api.Configurator;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import iaik.asn1.structures.AlgorithmID;
import iaik.pki.PKIException;
import iaik.security.ec.provider.ECCelerate;
import iaik.security.provider.IAIK;
@@ -160,6 +161,8 @@ public class MOAIDAuthInitializer {
Security.addProvider(new ECCelerate());
+ fixJava8_141ProblemWithSSLAlgorithms();
+
if (Logger.isDebugEnabled()) {
Logger.debug("Loaded Security Provider:");
Provider[] providerList = Security.getProviders();
@@ -167,5 +170,24 @@ public class MOAIDAuthInitializer {
Logger.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());
}
+
}
+
+ private static void fixJava8_141ProblemWithSSLAlgorithms() {
+ Logger.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+ //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
+ new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
+ new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
+ new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
+ new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
+ new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+
+ Logger.info("Change AlgorithmIDs finished");
+ }
+
}