Diffstat (limited to 'id/server/moa-id-commons')
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java206
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java28
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java68
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java54
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java102
-rw-r--r--id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java20
6 files changed, 202 insertions, 276 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java
index 4e8c7dffd..32dd97148 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java
@@ -1,103 +1,103 @@
-package at.gv.egovernment.moa.id.commons.config;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-
-import javax.xml.bind.JAXBException;
-
-import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI;
-import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams;
-
-/**
- * CLI tool which is able to perform the following tasks:
- * <ul>
- * <li>transform a MoaID 2 XML configuration XML file to a MoaID 3 property file
- * </li>
- * <li>read a property file and transfer it's content to a database</li>
- * <li>write the content of a database to a property file</li>
- * </ul>
- */
-public class MigrateConfiguration {
-
- public static void main(String[] args) {
-
- MOAIDConfCLI cli = new MOAIDConfCLI();
- MigrateConfigurationParams parsedParameters = cli.parse(args);
-
- // consider settings of force switch
- boolean isOverwriteData = parsedParameters.isOverwriteData();
- ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData);
-
- if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) {
- // read input from file
- workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil);
-
- } else if (parsedParameters.getInputDBConfig() != null) {
- // read input from database
- workWithImputFromDB(parsedParameters, configUtil);
-
- } else {
- System.exit(1);
- }
- }
-
- /**
- * Handle the case where input from a file is read.
- *
- * @param inputFileUrl
- * the url of the input file.
- * @param parsedParameters
- * the command line parameters.
- * @param configUtil
- * the class for working with the configuration.
- */
- private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters,
- ConfigurationUtil configUtil) {
- File inFile = new File(inputFileUrl);
- try (FileInputStream inStream = new FileInputStream(inFile);) {
-
- if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) {
- // input from file and output to a file is desired
- File outFile = new File(parsedParameters.getOutputFile());
- configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile);
-
- } else if (parsedParameters.getOutputDBConfig() != null) {
- // input from file and output to a database is desired
- configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig());
- }
- } catch (JAXBException e) {
- System.out.println("MOA-ID XML configuration can not be loaded from given file.");
- System.exit(1);
- } catch (FileNotFoundException e) {
- System.out.println("Could not find the input file.");
- System.exit(1);
- } catch (IOException e) {
- System.out.println("Could not read from the input file.");
- System.exit(1);
- }
- }
-
- /**
- * Handle the case where input is read from a database.
- *
- * @param parsedParameters
- * the command line parameters.
- * @param configUtil
- * the class for working with the configuration.
- */
- private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) {
- if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) {
- // input from database and output to a file is desired
- File outFile = new File(parsedParameters.getOutputFile());
- String inputDBConfigFilePath = parsedParameters.getInputDBConfig();
- configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile);
-
- } else if (parsedParameters.getOutputDBConfig() != null) {
- // input from database and output to a database is desired
- // configUtil.readFromDBWriteToDB(inDBConfigFilePath,
- // outDBConfigFilePath);
- }
- }
-} \ No newline at end of file
+//package at.gv.egovernment.moa.id.commons.config;
+//
+//import java.io.File;
+//import java.io.FileInputStream;
+//import java.io.FileNotFoundException;
+//import java.io.IOException;
+//
+//import javax.xml.bind.JAXBException;
+//
+//import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI;
+//import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams;
+//
+///**
+// * CLI tool which is able to perform the following tasks:
+// * <ul>
+// * <li>transform a MoaID 2 XML configuration XML file to a MoaID 3 property file
+// * </li>
+// * <li>read a property file and transfer it's content to a database</li>
+// * <li>write the content of a database to a property file</li>
+// * </ul>
+// */
+//public class MigrateConfiguration {
+//
+// public static void main(String[] args) {
+//
+// MOAIDConfCLI cli = new MOAIDConfCLI();
+// MigrateConfigurationParams parsedParameters = cli.parse(args);
+//
+// // consider settings of force switch
+// boolean isOverwriteData = parsedParameters.isOverwriteData();
+// ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData);
+//
+// if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) {
+// // read input from file
+// workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil);
+//
+// } else if (parsedParameters.getInputDBConfig() != null) {
+// // read input from database
+// workWithImputFromDB(parsedParameters, configUtil);
+//
+// } else {
+// System.exit(1);
+// }
+// }
+//
+// /**
+// * Handle the case where input from a file is read.
+// *
+// * @param inputFileUrl
+// * the url of the input file.
+// * @param parsedParameters
+// * the command line parameters.
+// * @param configUtil
+// * the class for working with the configuration.
+// */
+// private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters,
+// ConfigurationUtil configUtil) {
+// File inFile = new File(inputFileUrl);
+// try (FileInputStream inStream = new FileInputStream(inFile);) {
+//
+// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) {
+// // input from file and output to a file is desired
+// File outFile = new File(parsedParameters.getOutputFile());
+// configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile);
+//
+// } else if (parsedParameters.getOutputDBConfig() != null) {
+// // input from file and output to a database is desired
+// configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig());
+// }
+// } catch (JAXBException e) {
+// System.out.println("MOA-ID XML configuration can not be loaded from given file.");
+// System.exit(1);
+// } catch (FileNotFoundException e) {
+// System.out.println("Could not find the input file.");
+// System.exit(1);
+// } catch (IOException e) {
+// System.out.println("Could not read from the input file.");
+// System.exit(1);
+// }
+// }
+//
+// /**
+// * Handle the case where input is read from a database.
+// *
+// * @param parsedParameters
+// * the command line parameters.
+// * @param configUtil
+// * the class for working with the configuration.
+// */
+// private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) {
+// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) {
+// // input from database and output to a file is desired
+// File outFile = new File(parsedParameters.getOutputFile());
+// String inputDBConfigFilePath = parsedParameters.getInputDBConfig();
+// configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile);
+//
+// } else if (parsedParameters.getOutputDBConfig() != null) {
+// // input from database and output to a database is desired
+// // configUtil.readFromDBWriteToDB(inDBConfigFilePath,
+// // outDBConfigFilePath);
+// }
+// }
+//} \ No newline at end of file
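Review bot: MigrateConfiguration.java is kept as a file in which every line is prefixed with `//`, so it compiles to nothing and will drift unnoticed from the classes it names (`MOAIDConfCLI`, `ConfigurationUtil`). The same approach is used for the methods in the FileUtils.java and KeyStoreUtils.java hunks and for the test in KeyStoreUtilsTest.java, while OutputXML2File.java in this same commit is deleted outright. Deleting the file and those methods would be consistent with that and loses nothing, since version control keeps the history. If the code is only parked, one short comment at the top stating why it is disabled would say more than the commented-out body does.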
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java
index 0479b1bc1..bdadf681d 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAHttpProtocolSocketFactory.java
@@ -34,6 +34,7 @@ import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
@@ -50,6 +51,7 @@ import at.gv.egovernment.moa.id.commons.utils.ssl.SSLConfigurationException;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.Logger;
import iaik.pki.PKIException;
+import sun.security.ssl.ProtocolVersion;
/**
* @author tlenz
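Review bot: `import sun.security.ssl.ProtocolVersion;` pulls a JDK-internal class into the socket factory, and within this diff it is referenced only from the commented-out block in the next hunk. `sun.*` classes are not part of the supported API, so this import can stop compiling on another JDK vendor or version without any change to this file. I would drop it together with the `javax.net.ssl.SSLParameters` import added in the previous hunk, which as far as the diff shows is also used only by the commented-out lines. Protocol names can be compared as plain strings such as `"TLSv1.2"`.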
@@ -188,6 +190,19 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory
if (socket instanceof SSLSocket) {
SSLSocket sslSocket = (SSLSocket)socket;
+/*TODO
+* Set allowed ProtocolVersions into SSLSocket to support TLSv1.1 and TLSv1.2 in JAVA 7
+* Therefore, we had do manually set the TLS1.2 protocol support into SSLParameters
+* from SSL socket. Maybe, there is an additional validation required if TLSv1.2 is
+* supported in principle by currently used JAVA version.
+*/
+// SSLParameters test = ((SSLSocket) socket).getSSLParameters();
+// List<String> enabledProtocols = Arrays.asList(test.getProtocols());
+// if (enabledProtocols.contains(ProtocolVersion.TLS11.name)) {
+//
+// }
+// sslSocket.setSSLParameters(test);
+
//verify Hostname
verifyHostName(sslSocket);
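Review bot: The TODO block changes nothing at runtime, so the socket still runs with whatever protocol versions the JVM enables by default. The commented draft also only reads the parameters back and sets them again unchanged. The check the TODO asks for can be done with the public API: intersect the wanted versions with `sslSocket.getSupportedProtocols()` and pass the result to `setEnabledProtocols`, failing the connection if nothing is left. Whether TLSv1 has to stay enabled for existing peers is not visible from the hunk, so the version list below is only what the TODO names. The enclosing method starts and ends outside the hunk.

```java
SSLSocket sslSocket = (SSLSocket)socket;
// enable only the wanted versions that this JVM actually supports
List<String> wanted = new java.util.ArrayList<String>(Arrays.asList("TLSv1.2", "TLSv1.1"));
wanted.retainAll(Arrays.asList(sslSocket.getSupportedProtocols()));
if (wanted.isEmpty()) {
	throw new SSLException("No supported TLS protocol version available.");
}
sslSocket.setEnabledProtocols(wanted.toArray(new String[wanted.size()]));
// … unchanged: verifyHostName(sslSocket) call …
```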
@@ -208,7 +223,14 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory
*/
private void verifyHostName(SSLSocket sslSocket) throws SSLException{
if (verifyHostName) {
+
SSLSession session = sslSocket.getSession();
+ if ("SSL_NULL_WITH_NULL_NULL".equals(session.getCipherSuite())) {
+ Logger.warn("SSL connection can NOT established.");
+ throw new SSLException("SSL connection can NOT established.");
+
+ }
+
String hostName = session.getPeerHost();
Certificate[] certs = null;
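Review bot: The new `SSL_NULL_WITH_NULL_NULL` check sits inside `if (verifyHostName)`, so a failed handshake is only caught this way when host-name verification is switched on, and the exception it throws carries no cause. `getSession()` returns that invalid session when the initial handshake fails, which discards the original handshake error. Calling `sslSocket.startHandshake();` in the caller before `verifyHostName(sslSocket)` would surface the real exception regardless of the flag. It throws `IOException`, so this depends on the caller's signature, which is outside the hunk. The message would read better as `"SSL connection could not be established."`, and verifyHostName's body continues past the hunk.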
@@ -254,6 +276,12 @@ public class MOAHttpProtocolSocketFactory implements SecureProtocolSocketFactory
* @return {@link SSLSocket} with Ciphersuites
*/
private SSLSocket setEnabledSslCiphers(SSLSocket sslSocket) {
+ /*TODO:
+ * This implementation currently not work fine, because not all ciphers from
+ * 'https.cipherSuites' SystemProperty had to be supported by current JAVA version
+ * Add an validation step to check the allowed cipherSuites against the currently
+ * supported cipher suites and only add the matching set of ciphers
+ */
String systemProp = System.getProperty("https.cipherSuites");
if (MiscUtil.isNotEmpty(systemProp)) {
try {
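Review bot: The TODO in `setEnabledSslCiphers` records a known defect instead of fixing it: suites listed in `https.cipherSuites` that this JVM does not support are still passed on. `SSLSocket.setEnabledCipherSuites` rejects unsupported names with an `IllegalArgumentException`, and what the `try` block does with that is outside the hunk. The filter the TODO asks for is small: `List<String> wanted = new java.util.ArrayList<String>(Arrays.asList(systemProp.split(",")));` followed by `wanted.retainAll(Arrays.asList(sslSocket.getSupportedCipherSuites()));`. If the filtered list is empty, logging a warning and refusing the connection looks safer than falling back silently to the default suites.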
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
index a70d62e1e..3291f8a15 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
@@ -53,40 +53,40 @@ public class FileUtils {
in.close();
return content;
}
- /**
- * Reads a file, given by URL, into a String.
- * @param urlString file URL
- * @param encoding character encoding
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static String readURL(String urlString, String encoding) throws IOException {
- byte[] content = readURL(urlString);
- return new String(content, encoding);
- }
- /**
- * Reads a file, given by filename, into a byte array.
- * @param filename filename
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static byte[] readFile(String filename) throws IOException {
- BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename));
- byte[] content = StreamUtils.readStream(in);
- in.close();
- return content;
- }
- /**
- * Reads a file, given by filename, into a String.
- * @param filename filename
- * @param encoding character encoding
- * @return file content
- * @throws IOException on any exception thrown
- */
- public static String readFile(String filename, String encoding) throws IOException {
- byte[] content = readFile(filename);
- return new String(content, encoding);
- }
+// /**
+// * Reads a file, given by URL, into a String.
+// * @param urlString file URL
+// * @param encoding character encoding
+// * @return file content
+// * @throws IOException on any exception thrown
+// */
+// public static String readURL(String urlString, String encoding) throws IOException {
+// byte[] content = readURL(urlString);
+// return new String(content, encoding);
+// }
+// /**
+// * Reads a file, given by filename, into a byte array.
+// * @param filename filename
+// * @return file content
+// * @throws IOException on any exception thrown
+// */
+// public static byte[] readFile(String filename) throws IOException {
+// BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename));
+// byte[] content = StreamUtils.readStream(in);
+// in.close();
+// return content;
+// }
+// /**
+// * Reads a file, given by filename, into a String.
+// * @param filename filename
+// * @param encoding character encoding
+// * @return file content
+// * @throws IOException on any exception thrown
+// */
+// public static String readFile(String filename, String encoding) throws IOException {
+// byte[] content = readFile(filename);
+// return new String(content, encoding);
+// }
/**
* Reads a file from a resource.
* @param name resource name
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
index 3d28f4f2b..38dcafcc0 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
@@ -126,33 +126,33 @@ public class KeyStoreUtils {
}
return ks;
}
- /**
- * Creates a key store from a directory containg X509 certificate files,
- * aliasing them with the index in the <code>String[]</code>, starting with <code>"0"</code>.
- * All the files in the directory are considered to be certificates.
- *
- * @param keyStoreType key store type
- * @param certDirURLString file URL of directory containing certificate filenames
- * @return key store created
- * @throws IOException thrown while reading the certificates from file
- * @throws GeneralSecurityException thrown while creating the key store
- */
- public static KeyStore createKeyStoreFromCertificateDirectory(
- String keyStoreType,
- String certDirURLString)
- throws IOException, GeneralSecurityException {
-
- URL certDirURL = new URL(certDirURLString);
- String certDirname = certDirURL.getFile();
- File certDir = new File(certDirname);
- String[] certFilenames = certDir.list();
- String separator =
- (certDirname.endsWith(File.separator) ? "" : File.separator);
- for (int i = 0; i < certFilenames.length; i++) {
- certFilenames[i] = certDirname + separator + certFilenames[i];
- }
- return createKeyStore(keyStoreType, certFilenames);
- }
+// /**
+// * Creates a key store from a directory containg X509 certificate files,
+// * aliasing them with the index in the <code>String[]</code>, starting with <code>"0"</code>.
+// * All the files in the directory are considered to be certificates.
+// *
+// * @param keyStoreType key store type
+// * @param certDirURLString file URL of directory containing certificate filenames
+// * @return key store created
+// * @throws IOException thrown while reading the certificates from file
+// * @throws GeneralSecurityException thrown while creating the key store
+// */
+// public static KeyStore createKeyStoreFromCertificateDirectory(
+// String keyStoreType,
+// String certDirURLString)
+// throws IOException, GeneralSecurityException {
+//
+// URL certDirURL = new URL(certDirURLString);
+// String certDirname = certDirURL.getFile();
+// File certDir = new File(certDirname);
+// String[] certFilenames = certDir.list();
+// String separator =
+// (certDirname.endsWith(File.separator) ? "" : File.separator);
+// for (int i = 0; i < certFilenames.length; i++) {
+// certFilenames[i] = certDirname + separator + certFilenames[i];
+// }
+// return createKeyStore(keyStoreType, certFilenames);
+// }
/**
* Loads an X509 certificate from file.
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java
deleted file mode 100644
index e3f8f75a1..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/*
- * Created on 26.04.2004
- *
- * @author rschamberger
- * $ID$
- */
-package at.gv.egovernment.moa.util;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * utility functions to write XML data to files
- * @author rschamberger
- * @version $Id$
- */
-public class OutputXML2File {
-
- /**
- * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8)
- *
- * @param filename file name
- * @param rootElem root element in DOM tree
- * @param hierarchy of the Logger
- */
- public static void debugOutputXML2File(String filename, Element rootElem, String hierarchy) {
- if (Logger.isDebugEnabled(hierarchy)) {
- outputXML2File(filename, rootElem);
- }
- }
-
- /**
- * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8)
- *
- * @param filename file name
- * @param xmlString XML string
- * @param hierarchy of the Logger
- */
- public static void debugOutputXML2File(String filename, String xmlString, String hierarchy) {
- if (Logger.isDebugEnabled(hierarchy)) {
- outputXML2File(filename, xmlString);
- }
- }
-
- /**
- * writes an XML structure to file (Encoding: UTF-8)
- *
- * @param filename file name
- * @param rootElem root element in DOM tree
- */
- public static void outputXML2File(String filename, Element rootElem) {
- try {
- String xmlString = new String(DOMUtils.serializeNode(rootElem));
- outputXML2File(filename, xmlString);
- } catch (Exception ex) {
- ex.printStackTrace();
- }
- }
-
- /**
- * writes an XML structure to file (Encoding: UTF-8)
- *
- * @param filename file name
- * @param xmlString XML string
- */
- public static void outputXML2File(String filename, String xmlString) {
- try {
- java.io.OutputStream fout = new java.io.FileOutputStream(filename);
- byte[] xmlData = xmlString.getBytes("UTF-8");
- fout.write(xmlData);
- fout.close();
- } catch (Exception ex) {
- ex.printStackTrace();
- }
- }
-
-}
diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java
index 2433eca89..be5581139 100644
--- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java
+++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java
@@ -75,16 +75,16 @@ public class KeyStoreUtilsTest extends TestCase {
X509Certificate cert = (X509Certificate)ks.getCertificate("0");
assertEquals(3424, cert.getSerialNumber().intValue());
}
- public void testCreateKeyStoreFromCertificateDirectory() throws Exception {
- // copy certificate files to a temporary directory,
- // omitting the "CVS" directory in the source directory
- copyCertificates("data/test/security/server-certs", tmpDir);
- KeyStore ks = KeyStoreUtils.createKeyStoreFromCertificateDirectory("jks", tmpDirURL);
- assertEquals(2, ks.size());
- X509Certificate cert0 = (X509Certificate)ks.getCertificate("0");
- X509Certificate cert1 = (X509Certificate)ks.getCertificate("1");
- assertTrue(3424 == cert0.getSerialNumber().intValue() || 3424 == cert1.getSerialNumber().intValue());
- }
+// public void testCreateKeyStoreFromCertificateDirectory() throws Exception {
+// // copy certificate files to a temporary directory,
+// // omitting the "CVS" directory in the source directory
+// copyCertificates("data/test/security/server-certs", tmpDir);
+// KeyStore ks = KeyStoreUtils.createKeyStoreFromCertificateDirectory("jks", tmpDirURL);
+// assertEquals(2, ks.size());
+// X509Certificate cert0 = (X509Certificate)ks.getCertificate("0");
+// X509Certificate cert1 = (X509Certificate)ks.getCertificate("1");
+// assertTrue(3424 == cert0.getSerialNumber().intValue() || 3424 == cert1.getSerialNumber().intValue());
+// }
private void copyCertificates(String from, String to) throws IOException {
String[] fromList = new File(from).list();
for (int i = 0; i < fromList.length; i++) {