diff options
Diffstat (limited to 'id.server/src')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java index 276f126c6..bd64b5a42 100644 --- a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -7,8 +7,11 @@ import iaik.pki.PKIProfile; import iaik.pki.jsse.IAIKX509TrustManager; import java.io.BufferedInputStream; +import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.Reader; import java.net.URL; import java.security.GeneralSecurityException; import java.security.Security; @@ -17,6 +20,8 @@ import java.util.Map; import javax.net.ssl.SSLSocketFactory; +import org.apache.regexp.RE; + import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConnectionParameter; @@ -24,8 +29,6 @@ import at.gv.egovernment.moa.id.iaik.config.PKIConfigurationImpl; import at.gv.egovernment.moa.id.iaik.pki.PKIProfileImpl; import at.gv.egovernment.moa.id.iaik.pki.jsse.MOAIDTrustManager; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StreamUtils; - import com.sun.net.ssl.HttpsURLConnection; import com.sun.net.ssl.KeyManager; import com.sun.net.ssl.SSLContext; @@ -119,7 +122,6 @@ public class SSLUtils { String boolString = conf.getGenericConfigurationParameter(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING); //not using BoolUtils because default value hast to be true! boolean checkRevocation = !("false".equals(boolString) || "0".equals(boolString)); - //TODO MOA-ID verify SSL Revocation handling PKIProfile profile = new PKIProfileImpl(trustStoreURL, checkRevocation); // This call fixes a bug occuring when PKIConfiguration is // initialized by the MOA-SP initialization code, in case @@ -134,13 +136,13 @@ public class SSLUtils { * securing the connection by IAIKX509TrustManager. * @param connParam containing URL and accepted server certificates * @param conf ConfigurationProvider for reading - * @return file content + * @return String representation of content * @throws ConfigurationException on invalid configuration data * @throws PKIException on invalid configuration data * @throws IOException on data-reading problems * @throws GeneralSecurityException on security issues */ - public static byte[] readHttpsURL(ConfigurationProvider conf, ConnectionParameter connParam) + public static String readHttpsURL(ConfigurationProvider conf, ConnectionParameter connParam) throws ConfigurationException, PKIException, IOException, GeneralSecurityException { URL url = new URL(connParam.getUrl()); @@ -150,11 +152,24 @@ public class SSLUtils { SSLSocketFactory sslSocketFactory = getSSLSocketFactory(conf, connParam); conn.setSSLSocketFactory(sslSocketFactory); conn.connect(); - InputStream in = new BufferedInputStream(conn.getInputStream()); - byte[] content = StreamUtils.readStream(in); + String contentType = conn.getContentType(); + RE regExp = new RE("(;.*charset=)(\"*)(.*[^\"])"); + boolean charsetSupplied = regExp.match(contentType); + String encoding = "ISO-8859-1"; //default HTTP encoding + if (charsetSupplied) { + encoding = regExp.getParen(3); + } + //TODO RS TEST if this works on other platforms + InputStream instream = new BufferedInputStream(conn.getInputStream()); + InputStreamReader isr = new InputStreamReader(instream, encoding); + Reader in = new BufferedReader(isr); + int ch; + StringBuffer buffer = new StringBuffer(); + while ((ch = in.read()) > -1) { + buffer.append((char)ch); + } in.close(); conn.disconnect(); - return content; + return buffer.toString(); } - } |