8 files changed, 307 insertions, 59 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 01a2e5485..22c08b3e0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1,9 +1,74 @@
 package at.gv.egovernment.moa.id.auth;
-import at.gv.egovernment.moa.id.auth.builder.*;
-import at.gv.egovernment.moa.id.auth.data.*;
-import at.gv.egovernment.moa.id.auth.exception.*;
+import iaik.asn1.ObjectID;
+import iaik.util.logging.Log;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.math.BigInteger;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+//import java.security.cert.CertificateFactory;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Vector;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.xpath.XPathAPI;
+import org.opensaml.common.IdentifierGenerator;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.xml.util.Base64;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
+import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder;
+import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
+import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
+import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
+import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.BKUException;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.exception.ParseException;
+import at.gv.egovernment.moa.id.auth.exception.ServiceException;
+import at.gv.egovernment.moa.id.auth.exception.ValidateException;
+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
 import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
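Review bot: `+//import java.security.cert.CertificateFactory;` is a commented-out import parked in the middle of the `java.util` group, and the next hunk adds three more (`+//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;`, `...SZRGWClient;`, `...SZRGWClientException;`) right beside the live `at.gv.egovernment.moa.id.client.SZRGWClient` imports. Commented-out code belongs to version history, not the file; if the old parep szrgw client classes are being retired, delete these four lines so the next reader does not have to work out which `SZRGWClient` is the one in use. The replacement of the wildcard imports by explicit ones is otherwise fine.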
@@ -16,9 +81,13 @@ import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
 import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
 import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
+//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
+//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient;
+//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
 import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
 import at.gv.egovernment.moa.id.client.SZRGWClient;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -40,7 +109,13 @@ import at.gv.egovernment.moa.id.util.XMLUtil;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.LogMsg;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.*;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.DateTimeUtils;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moa.util.StringUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
 import at.gv.util.xsd.mis.MandateIdentifiers;
 import at.gv.util.xsd.mis.Target;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest;
@@ -48,8 +123,12 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
 import at.gv.util.xsd.srzgw.MISType;
 import at.gv.util.xsd.srzgw.MISType.Filters;
-import eu.stork.oasisdss.api.*;
+import eu.stork.oasisdss.api.AdditionalProfiles;
+import eu.stork.oasisdss.api.ApiUtils;
 import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.api.Profiles;
+import eu.stork.oasisdss.api.QualityLevels;
+import eu.stork.oasisdss.api.SignatureTypes;
 import eu.stork.oasisdss.profile.AnyType;
 import eu.stork.oasisdss.profile.DocumentType;
 import eu.stork.oasisdss.profile.SignRequest;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 41be2c7e3..f98e5c97b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -30,6 +30,7 @@ import java.net.URL;
  import java.util.ArrayList;
  import java.util.List;
 +import javax.activation.DataSource;
  import javax.servlet.ServletException;
  import javax.servlet.http.HttpServlet;
  import javax.servlet.http.HttpServletRequest;
@@ -66,6 +67,8 @@ import at.gv.egovernment.moa.util.StringUtils;
  import at.gv.util.xsd.xmldsig.SignatureType;
  import at.gv.util.xsd.xmldsig.X509DataType;
  import eu.stork.oasisdss.api.ApiUtils;
 +import eu.stork.oasisdss.api.LightweightSourceResolver;
 +import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
  import eu.stork.oasisdss.profile.DocumentWithSignature;
  import eu.stork.oasisdss.profile.SignResponse;
  import eu.stork.peps.auth.commons.PEPSUtil;
@@ -202,17 +205,15 @@ public class PEPSConnectorServlet extends AuthServlet {
  				String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0);
  				SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));
 -				List<DocumentWithSignature> doclocations = ApiUtils.findNamedElement(dssSignResponse.getOptionalOutputs(), DocumentWithSignature.class.getSimpleName(), DocumentWithSignature.class);
 -				// TODO handle multiple docs?
 -				Logger.debug("trying first doclocation");
 -				String docUrl = doclocations.get(0).getDocument().getDocumentURL();
 -				Logger.debug("trying first doclocation successful");
 -				
  				// fetch signed doc
 -				URL url = new URL(docUrl);
 -				InputStream incomming = url.openStream();
 -				citizenSignature = IOUtils.toString(incomming);
 -				incomming.close();
 +				DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
 +				if(ds == null){
 +					throw new ApiUtilsException("No datasource found in response");
 +				}				
 +				
 +				InputStream incoming  = ds.getInputStream();
 +				citizenSignature = IOUtils.toString(incoming);
 +				incoming.close();
  				JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName());
  				SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue();
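Review bot: `citizenSignature = IOUtils.toString(incoming);` decodes the signed document with the platform default charset, and the existing `IOUtils.toInputStream(citizenSignature)` on the next line re-encodes it the same way, so on a JVM whose default is not the document's encoding the bytes handed to JAXB can differ from the bytes the signature was computed over; name the charset, `citizenSignature = IOUtils.toString(incoming, "UTF-8");` (the DSS document is presumably UTF-8 XML — confirm against the producer). `incoming.close()` is skipped whenever `toString` throws; if the module builds for Java 7+ use `try (InputStream incoming = ds.getInputStream()) { citizenSignature = IOUtils.toString(incoming, "UTF-8"); }`, otherwise a `finally`. It is not visible here whether `LightweightSourceResolver.getDataSource` can still resolve a document by remote URL the way the removed `url.openStream()` did; if it can, the response still drives an unbounded fetch from a location it supplies, and the read should be size-limited. The enclosing method starts and ends outside the hunk.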
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index 953758dc3..538e59401 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -10,38 +10,43 @@ import java.util.List;
  */
 public class AttributeProviderFactory {
-    /**
-     * Gets the available plugins.
-     *
-     * @return the available plugins
-     */
-    public static List<String> getAvailablePlugins() {
-        List<String> result = new ArrayList<String>();
-        result.add("StorkAttributeRequestProvider");
-        result.add("EHvdAttributeProvider");
+	/**
+	 * Gets the available plugins.
+	 * 
+	 * @return the available plugins
+	 */
+	public static List<String> getAvailablePlugins() {
+		List<String> result = new ArrayList<String>();
+		result.add("StorkAttributeRequestProvider");
+		result.add("EHvdAttributeProvider");
+        result.add("SignedDocAttributeRequestProvider");
         result.add("MISAttributeProvider");
+
         return result;
     }
-    /**
-     * Creates an AttributeProvider object for the given shortname. Returns
-     * {@code null} if there is no such provider available.
-     *
-     * @param shortname the simpleName for the providers class
-     * @return the attribute provider
-     */
-    public static AttributeProvider create(String shortname, String url) {
-        if (shortname.equals("StorkAttributeRequestProvider")) {
-            return new StorkAttributeRequestProvider(url);
-        } else if (shortname.equals("EHvdAttributeProvider")) {
-            return new EHvdAttributeProviderPlugin(url);
-        } else if (shortname.equals("MISAttributeProvider")) {
-            return new MISAttributeProvider(url);
-        } else {
-            return null;
-        }
-    }
+	/**
+	 * Creates an AttributeProvider object for the given shortname. Returns
+	 * {@code null} if there is no such provider available. 
+	 * 
+	 * @param
+	 *            the simpleName for the providers class
+	 * @return the attribute provider
+	 */
+	public static AttributeProvider create(String shortname, String url) {
+        	if (shortname.equals("StorkAttributeRequestProvider"))  {
+			return new StorkAttributeRequestProvider(url);
+		} else if(shortname.equals("EHvdAttributeProvider")) {
+			return new EHvdAttributeProviderPlugin(url);
+		}  else if(shortname.equals("SignedDocAttributeRequestProvider")) {
+                return new SignedDocAttributeRequestProvider(url);
+        }  else if (shortname.equals("MISAttributeProvider")) {
+                return new MISAttributeProvider(url);
+        }    else {
+			return null;
+		}
+	}
     /**
      * Gets fresh instances of the configured plugins.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
new file mode 100644
index 000000000..6a8e306a1
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
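Review bot: The hunk re-indents both methods with tabs while the lines that actually change — `result.add("SignedDocAttributeRequestProvider");` and the new `else if` branch — use spaces, and `+        	if (shortname.equals("StorkAttributeRequestProvider"))  {` mixes the two, so a two-line functional addition shows up as 38 removed lines and leaves the file with three indentation styles. Keep the file's existing four-space indentation so the diff reduces to the added list entry and the added branch, and format that branch like its neighbours: `} else if (shortname.equals("SignedDocAttributeRequestProvider")) {` / `return new SignedDocAttributeRequestProvider(url);`. The rewritten javadoc also drops the description for the second parameter; `@param url the endpoint handed to the provider` (or whatever the constructors use it for) would complete it.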
@@ -0,0 +1,134 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.StringUtils;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+/**
+ * Forwards a signedDoc attribute request to the oasis-dss service instance
+ */
+public class SignedDocAttributeRequestProvider implements AttributeProvider {
+
+	private PersonalAttribute requestedAttribute;
+
+	/**
+	 * The URL of the service listening for the oasis dss webform post request
+	 */
+	private String oasisDssWebFormURL;
+
+	/**
+	 * Instantiates a new signed doc attribute request provider. 
+	 * 
+	 * @param oasisDssWebFormURL
+	 *            the AP location
+	 */
+	public SignedDocAttributeRequestProvider(String oasisDssWebFormURL) {
+		this.oasisDssWebFormURL = oasisDssWebFormURL;
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see
+	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java
+	 * .lang.String)
+	 */
+	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException,
+			ExternalAttributeRequestRequiredException {
+		if(!attribute.getName().equals("signedDoc")){
+			throw new UnsupportedAttributeException();
+		}
+		
+		requestedAttribute = attribute;
+
+		throw new ExternalAttributeRequestRequiredException(this);
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see
+	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax
+	 * .servlet.http.HttpServletRequest)
+	 */
+	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
+		Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request");
+
+
+		STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+		try {
+			String signResponse = new String(Base64.decodeBase64(httpReq.getParameter("signresponse")), "UTF8");
+			List<String> values = new ArrayList<String>();
+			values.add(signResponse);
+
+			Logger.debug("Assembling signedDoc attribute");
+			PersonalAttribute signedDocAttribute = new PersonalAttribute(requestedAttribute.getName(), requestedAttribute.isRequired(), values,
+					"Available");
+
+			// pack and return the result
+			PersonalAttributeList result = new PersonalAttributeList();
+			result.add(signedDocAttribute);
+			return result;
+		} catch (UnsupportedEncodingException e) {
+			Logger.error("Failed to assemble signedDoc attribute");
+			throw new MOAIDException("stork.05", null);
+		}
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see
+	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect
+	 * (java.lang.String)
+	 */
+	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam)
+			throws MOAIDException {
+
+		try {
+			Logger.trace("Initialize VelocityEngine...");
+
+			VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+			Template template = velocityEngine.getTemplate("/resources/templates/oasis_dss_webform_binding.vm");
+			VelocityContext context = new VelocityContext();
+			context.put("signrequest", Base64.encodeBase64String(requestedAttribute.getValue().get(0).getBytes("UTF8")));
+			context.put("clienturl", url);
+			context.put("action", oasisDssWebFormURL);
+
+			StringWriter writer = new StringWriter();
+			template.merge(context, writer);
+
+			resp.getOutputStream().write(writer.toString().getBytes());
+		} catch (Exception e) {
+			Logger.error("Error sending STORK SAML AttrRequest.", e);
+			throw new MOAIDException("stork.11", null);
+		}
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/oasis_dss_webform_binding.vm b/id/server/idserverlib/src/main/resources/resources/templates/oasis_dss_webform_binding.vm
new file mode 100644
index 000000000..7fcc1bb36
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/resources/templates/oasis_dss_webform_binding.vm
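Review bot: In `parse`, `httpReq.getParameter("signresponse")` is null when the form field is absent, and commons-codec's `Base64.decodeBase64` appears to pass that null through, so `new String((byte[]) null, "UTF8")` fails with a NullPointerException that bypasses the `MOAIDException` path and surfaces as a servlet-container 500; guard it first, `String encoded = httpReq.getParameter("signresponse"); if (encoded == null) { throw new MOAIDException("stork.05", null); }` (with a more specific message key if one exists). The local `STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");` is never used and should be removed together with the now-unneeded imports. The catch block logs `Failed to assemble signedDoc attribute` without the exception; pass `e` as the second argument as `performRedirect` already does, and in `performRedirect` `writer.toString().getBytes()` should name the charset (`"UTF8"`, as the line above it does) and set the same charset and a content type on `resp`, since this is the HTTP body the browser renders. `requestedAttribute` is instance state written in `acquire` and read by the other two methods, which is only safe if the factory hands out one provider instance per request; the "fresh instances" wording in AttributeProviderFactory suggests it does, but this hunk cannot confirm it, so a one-line comment on the field stating that assumption would help.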
@@ -0,0 +1,36 @@
+##
+## Velocity Template for OASIS WEBFORM BINDING
+##
+## Velocity context may contain the following properties
+## action - String - the action URL for the form
+## signresponse - String - the Base64 encoded SAML Request
+## verifyresponse - String - the Base64 encoded SAML Response
+## clienturl - String - URL where the USer gets redirected after the signature process
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+
+    <body onload="document.forms[0].submit()">
+        <noscript>
+            <p>
+                <strong>Note:</strong> Since your browser does not support JavaScript,
+                you must press the Continue button once to proceed.
+            </p>
+        </noscript>
+         
+        <form action="${action}" method="post">
+            <div>
+                #if($signrequest)<input type="hidden" name="signrequest" value="${signrequest}"/>#end
+                 
+                #if($verifyrequest)<input type="hidden" name="verifyrequest" value="${verifyrequest}"/>#end
+                #if($clienturl)<input type="hidden" name="clienturl" value="${clienturl}"/>#end
+                 
+            </div>
+            <noscript>
+                <div>
+                    <input type="submit" value="Continue"/>
+                </div>
+            </noscript>
+        </form>
+         
+    </body>
+</html>
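Review bot: `action="${action}"`, `value="${signrequest}"` and `value="${clienturl}"` are written into HTML attribute values without any escaping, and `clienturl` is the `url` argument that `SignedDocAttributeRequestProvider.performRedirect` receives from its caller, so a double quote in that value terminates the attribute and the remainder is rendered as markup; escape each value for the HTML attribute context before it reaches the template (commons-lang's `StringEscapeUtils.escapeHtml`, which AuthenticationServer already imports, or a Velocity escaping reference handler), and the same for `action` unless it is guaranteed to come only from trusted configuration. The header comment documents `signresponse` and `verifyresponse`, but the form fields are named `signrequest` and `verifyrequest`, and the provider only ever sets `signrequest`, `clienturl` and `action`; correct the comment to `## signrequest - String - the Base64 encoded sign request` and either drop the unused `verifyrequest` block or document which caller populates it.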
\ No newline at end of file
diff --git a/id/server/mw-messages-api/.classpath b/id/server/mw-messages-api/.classpath
index 8b5a9fa96..c15838fd0 100644
--- a/id/server/mw-messages-api/.classpath
+++ b/id/server/mw-messages-api/.classpath
@@ -6,11 +6,6 @@
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
-		<attributes>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
 	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
 		<attributes>
 			<attribute name="optional" value="true"/>
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java
index e485827c8..da6a8ab27 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java
@@ -50,13 +50,11 @@ public class CustomAttributeQueryImpl extends SubjectQueryImpl implements Custom
          return Collections.unmodifiableList(children);
      }
 -	@Override
  	public String getAssertionConsumerServiceURL() {
  		// TODO Auto-generated method stub
  		return this.serviceURL;
  	}
 -	@Override
  	public void setAssertionConsumerServiceURL(String newServiceUrl) {
  		// TODO Auto-generated method stub
  		this.serviceURL = newServiceUrl;
 diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
index 4554a9586..6652560bd 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
@@ -426,16 +426,16 @@ public class SignSW implements SAMLEngineSignI {
  	    final BasicX509Credential entityX509Cred = new BasicX509Credential();
  	    entityX509Cred.setEntityCertificate(cert);	    
 -	    try {
 -			cert.checkValidity();
 -		} 
 -	    catch (CertificateExpiredException exp) {
 -			throw new SAMLEngineException("Certificate expired.");
 -		}
 -		catch (CertificateNotYetValidException exp) {
 -			throw new SAMLEngineException("Certificate not yet valid.");
 -		}		
 -		
 +//	    try {
 +//			cert.checkValidity();
 +//		} 
 +//	    catch (CertificateExpiredException exp) {
 +//			throw new SAMLEngineException("Certificate expired.");
 +//		}
 +//		catch (CertificateNotYetValidException exp) {
 +//			throw new SAMLEngineException("Certificate not yet valid.");
 +//		}		
 +//		
  		boolean trusted = false;
  		for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements();) 
