diff options
Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at/gv')
-rw-r--r-- | id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java | 37 |
1 files changed, 30 insertions, 7 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java index beb6cc1c6..dd606ea18 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java @@ -58,6 +58,7 @@ import java.util.List; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; import iaik.pki.jsse.IAIKX509TrustManager; @@ -85,10 +86,15 @@ public class MOAIDTrustManager extends IAIKX509TrustManager { public MOAIDTrustManager(String acceptedServerCertificateStoreURL) throws IOException, GeneralSecurityException, SSLConfigurationException { - if (acceptedServerCertificateStoreURL != null) - buildAcceptedServerCertificates(acceptedServerCertificateStoreURL); - else - acceptedServerCertificates = null; + if (acceptedServerCertificateStoreURL != null && MiscUtil.isNotEmpty(acceptedServerCertificateStoreURL.trim())) { + Logger.info("Initialize SSL-TrustStore with explicit accepted server-certificates"); + buildAcceptedServerCertificates(acceptedServerCertificateStoreURL); + + } else { + Logger.info("Initialize SSL-TrustStore without explicit accepted server-certificates"); + acceptedServerCertificates = null; + + } } @@ -119,9 +125,26 @@ public class MOAIDTrustManager extends IAIKX509TrustManager { throws IOException, GeneralSecurityException, SSLConfigurationException { List<X509Certificate> certList = new ArrayList<X509Certificate>(); URL storeURL = new URL(acceptedServerCertificateStoreURL); + + //check URL to TrustStore + if (storeURL.getFile() == null) { + Logger.error("Can NOT initialize SSLTrustManager. TrustStore: " + acceptedServerCertificateStoreURL + + " is NOT found"); + throw new SSLConfigurationException("config.29", new Object[]{acceptedServerCertificateStoreURL, "File or Directory NOT found!"}); + + } File storeDir = new File(storeURL.getFile()); - // list certificate files in directory - File[] certFiles = storeDir.listFiles(); + + //check directory and files + if (storeDir == null || storeDir.listFiles() == null) { + Logger.error("Can NOT initialize SSLTrustManager. TrustStore: " + acceptedServerCertificateStoreURL + + " is NOT found"); + throw new SSLConfigurationException("config.29", new Object[]{acceptedServerCertificateStoreURL, "Files or Directory NOT found!"}); + + } + + // list certificate files in directory + File[] certFiles = storeDir.listFiles(); for (int i = 0; i < certFiles.length; i++) { // for each: create an X509Certificate and store it in list File certFile = certFiles[i]; @@ -148,7 +171,7 @@ public class MOAIDTrustManager extends IAIKX509TrustManager { } } - throw new SSLConfigurationException("", new Object[]{certFile.getPath(), e.getMessage()}, e); + throw new SSLConfigurationException("config.28", new Object[]{certFile.getPath(), e.getMessage()}, e); } finally { if (fis != null) |