git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1114 d688527b-c9ab-4aba-bd8d-4036d912da1d

4 files changed, 82 insertions, 8 deletions

diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 058ce5280..3ad7b761f 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -39,6 +39,7 @@ import org.w3c.dom.traversal.NodeIterator;
 
 import org.xml.sax.SAXException;
 
+import iaik.asn1.structures.Name;
 import iaik.ixsil.exceptions.URIException;
 import iaik.ixsil.util.URI;
 import iaik.pki.pathvalidation.ChainingModes;
@@ -149,6 +150,12 @@ public class ConfigurationPartsBuilder {
     + CONF + "CertificateValidation/"
     + CONF + "RevocationChecking/"
     + CONF + "DistributionPoint";
+  private static final String CRL_RETENTION_INTERVALS_CA_XPATH =
+     ROOT + CONF + "SignatureVerification/" 
+     + CONF + "CertificateValidation/"
+     + CONF + "RevocationChecking/"
+     + CONF + "CrlRetentionIntervals/"
+     + CONF + "CA";
   private static final String ENABLE_REVOCATION_CHECKING_XPATH_ = 
     ROOT + CONF + "SignatureVerification/" 
     + CONF + "CertificateValidation/"
@@ -1264,4 +1271,33 @@ public class ConfigurationPartsBuilder {
     return Boolean.valueOf(permitFileURIs).booleanValue();
   }
   
+  /**
+   * Returns a map of CRL retention intervals
+   * @return
+   */
+  public Map getCrlRetentionIntervals() {
+     Map map = new HashMap();
+     NodeIterator modIter = XPathUtils.selectNodeIterator(
+           getConfigElem(),
+           CRL_RETENTION_INTERVALS_CA_XPATH);
+
+     Element modElem;
+     while ((modElem = (Element) modIter.nextNode()) != null) {
+        String x509IssuerName = getElementValue(modElem, CONF + "X509IssuerName", null);
+        String i = getElementValue(modElem, CONF + "Interval", null);
+        Integer interval = new Integer(i);
+        try {
+           RFC2253NameParser parser = new RFC2253NameParser(x509IssuerName);
+           Name name = parser.parse();
+           map.put(name.getRFC2253String(), interval);
+        } catch (RFC2253NameParserException e) {
+           map.put(x509IssuerName, interval);
+        }
+
+        //System.out.println("Name: " + x509IssuerName + " - Interval: " + interval);
+     }
+
+     return map;
+  }
+  
 }
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index 05bd43087..7b72e3cc5 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -15,6 +15,11 @@
 */
 package at.gv.egovernment.moa.spss.server.config;
 
+import iaik.asn1.structures.Name;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -24,22 +29,17 @@ import java.security.Principal;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collections;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
 import org.w3c.dom.Element;
 
-import iaik.asn1.structures.Name;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
 import at.gv.egovernment.moa.logging.LogMsg;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-
 import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.DOMUtils;
 
 /**
  * A class providing access to the MOA configuration data.
@@ -227,6 +227,11 @@ public class ConfigurationProvider
   private boolean permitFileURIs;
   
   /**
+   * Indicates the CRL retention intervals
+   */
+  private Map crlRetentionIntervals;
+  
+  /**
    * Return the single instance of configuration data.
    * 
    * @return MOAConfigurationProvider The current configuration data.
@@ -306,6 +311,7 @@ public class ConfigurationProvider
     // build the internal datastructures
     try {
       builder = new ConfigurationPartsBuilder(configElem, configRoot);
+      
       digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName();
       canonicalizationAlgorithmName =
         builder.getCanonicalizationAlgorithmName();
@@ -339,6 +345,16 @@ public class ConfigurationProvider
       supplementProfiles = builder.buildSupplementProfiles();
       warnings = new ArrayList(builder.getWarnings());
       permitFileURIs = builder.getPermitFileURIs();
+      crlRetentionIntervals = builder.getCrlRetentionIntervals();
+      
+//      Set set = crlRetentionIntervals.entrySet();
+//      Iterator i = set.iterator();
+//      while(i.hasNext()){
+//        Map.Entry me = (Map.Entry)i.next();
+//        System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() );
+//      }
+
+      
     } catch (Throwable t) {
       throw new ConfigurationException("config.11", null, t);
     } finally {
@@ -714,4 +730,14 @@ public class ConfigurationProvider
   {
     return permitFileURIs; 
   }
+  
+  /**
+   * Returns the map of retention intervals
+   * @return The map of retention intervals
+   */
+  public Map getCrlRetentionIntervals() {
+     return crlRetentionIntervals;
+  }
+  
+ 
 }
\ No newline at end of file
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
index 12c560855..4625ccf88 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -72,7 +72,7 @@ public class IaikConfigurator {
       
       // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat
       RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
-      rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
+      //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
       if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) {
         dumpKeyEntryIDs();
       }
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
index 74a268519..67eac5b55 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
@@ -19,6 +19,7 @@ import iaik.pki.revocation.RevocationConfiguration;
 
 import java.security.cert.X509Certificate;
 import java.util.Date;
+import java.util.Map;
 import java.util.Set;
 
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
@@ -65,4 +66,15 @@ public class RevocationConfigurationImpl
     return config.getEnableRevocationArchiving();
   }
 
+  /**
+   * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String)
+   */
+  public Integer getCrlRetentionInterval(String issuername) 
+  {
+     Map map = config.getCrlRetentionIntervals();
+     Integer interval = (Integer)map.get(issuername);
+   
+     return interval;
+}
+
 }