diff options
Diffstat (limited to 'spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config')
16 files changed, 1080 insertions, 0 deletions
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java new file mode 100644 index 000000000..713891714 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java @@ -0,0 +1,36 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.server.modules.keys.KeyModuleConfiguration; + +/** + * Base implementation class for the <code>KeyModuleConfiguration</code> + * interface and the interfaces derived from it. + * + * @see iaik.server.modules.keys.KeyModuleConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public abstract class AbstractKeyModuleConfigurationImpl + implements KeyModuleConfiguration { + + /** The module ID. */ + private String moduleID; + + /** + * Creata new <code>AbstractKeyModuleConfigurationImpl</code>. + * + * @param moduleID The key module ID of this + * <code>KeyModuleConfiguration</code>. + */ + public AbstractKeyModuleConfigurationImpl(String moduleID) { + this.moduleID = moduleID; + } + + /** + * @see iaik.server.modules.keys.KeyModuleConfiguration#getModuleID() + */ + public String getModuleID() { + return moduleID; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java new file mode 100644 index 000000000..ac4286701 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java @@ -0,0 +1,48 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import iaik.servertools.observer.NotificationData; +import iaik.servertools.observer.Observable; +import iaik.servertools.observer.Observer; + +/** + * A base class for observable configuration data. + * + * @author Patrick Peck + * @version $Id$ + */ +public abstract class AbstractObservableConfiguration implements Observable { + + /** The observers registered with this <code>Observable</code>. */ + private List observers = new ArrayList(); + + /** + * @see iaik.utils.observer.Observable#addObserver(iaik.utils.observer.Observer) + */ + public void addObserver(Observer observer) { + observers.add(observer); + } + + /** + * @see iaik.utils.observer.Observable#removeObserver(iaik.utils.observer.Observer) + */ + public boolean removeObserver(Observer observer) { + return observers.remove(observer); + } + + /** + * @see iaik.utils.observer.Observable#notify(iaik.utils.observer.NotificationData) + */ + public void notify(NotificationData data) { + Iterator iter = observers.iterator(); + + for (iter = observers.iterator(); iter.hasNext();) { + Observer observer = (Observer) iter.next(); + observer.notify(data); + } + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java new file mode 100644 index 000000000..22d798bc3 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java @@ -0,0 +1,62 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.store.revocation.archive.ArchiveConfiguration; +import iaik.pki.store.revocation.archive.ArchiveParameter; +import iaik.pki.store.revocation.archive.ArchiveTypes; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the <code>ArchiveConfiguration</code> interface + * using configuration data provided by the MOA configuration file. + * + * @see iaik.pki.store.revocation.archive.ArchiveConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class ArchiveConfigurationImpl + extends AbstractObservableConfiguration + implements ArchiveConfiguration { + + /** The configuration parameters of the archive. */ + private ArchiveParameter archiveParameters; + + /** + * Create a new <code>ArchiveConfigurationImpl</code>. + * + * @param config The MOA configuration from which the configuration data is + * being read. + */ + public ArchiveConfigurationImpl(ConfigurationProvider config) { + String jdbcUrl = + config.getGenericConfiguration( + ConfigurationProvider.DATABASE_ARCHIVE_PARAMETER_PROPERTY); + + if (jdbcUrl != null) { + this.archiveParameters = new DataBaseArchiveParameterImpl(jdbcUrl); + } + } + + /** + * Return the type of archive. + * + * This will always return <code>ArchiveTypes.DATABASE</code>. + * @return <code>ArchiveTypes.DATABASE</code>. + * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getType() + */ + public String getType() { + return ArchiveTypes.DATABASE; + } + + /** + * Return the <code>ArchiveParameters</code> describing this + * <code>ArchiveConfiguration</code>. + * + * @return The archive parameters. + * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getArchiveParameters() + */ + public ArchiveParameter getArchiveParameters() { + return archiveParameters; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLDistributionPointAdapter.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLDistributionPointAdapter.java new file mode 100644 index 000000000..1c2df80a5 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLDistributionPointAdapter.java @@ -0,0 +1,54 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.revocation.CRLDistributionPoint; +import iaik.pki.revocation.RevocationSourceTypes; + +import at.gv.egovernment.moa.spss.server.config.DistributionPoint; + +/** + * A class that wraps an + * at.gv.egovernment.moa.spss.server.config.DistributionPoint as a + * iaik.pki.revocation.CRLDistributionPoint. + * + * @see iaik.pki.revocation.CRLDistributionPoint + * @author Patrick Peck + * @version $Id$ + */ +public class CRLDistributionPointAdapter implements CRLDistributionPoint { + + /** The wrapped <code>DistributionPoint</code>. */ + private DistributionPoint distributionPoint; + + /** + * Create a new <code>CRLDistributionPointAdapter</code>. + * + * @param distributionPoint The <code>DistributionPoint</code> to wrap. It + * contains the data configured in the MOA configuration. + */ + public CRLDistributionPointAdapter(DistributionPoint distributionPoint) { + this.distributionPoint = distributionPoint; + } + + /** + * @see iaik.pki.revocation.CRLDistributionPoint#getReasonCodes() + */ + public int getReasonCodes() { + return distributionPoint.getReasonCodes(); + } + + /** + * @return <code>RevocationSourceTypes.CRL</code> + * @see iaik.pki.revocation.DistributionPoint#getType() + */ + public String getType() { + return RevocationSourceTypes.CRL; + } + + /** + * @see iaik.pki.revocation.DistributionPoint#getUri() + */ + public String getUri() { + return distributionPoint.getUri(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java new file mode 100644 index 000000000..c9be3fc2b --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java @@ -0,0 +1,54 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.store.certstore.CertStoreConfiguration; +import iaik.pki.store.certstore.CertStoreParameters; +import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the <code>CertStoreConfiguration</code> interface based + * on MOA configuration data. + * + * @see iaik.pki.store.certstore.CertStoreConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class CertStoreConfigurationImpl + extends AbstractObservableConfiguration + implements CertStoreConfiguration { + + /** The configuration parameters of the <code>CertStore</code>. */ + private CertStoreParameters[] parameters; + + /** + * Create a new <code>CertStoreConfigurationImpl</code>. + * + * @param config The MOA configuration from which the configuration data is + * being read. + */ + public CertStoreConfigurationImpl(ConfigurationProvider config) { + String certStoreRoot = + config.getGenericConfiguration( + ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY, + "certstore"); + + if (certStoreRoot != null) { + DirectoryCertStoreParameters dirParameters = + new DirectoryCertStoreParametersImpl( + "MOA Directory CertStore", + certStoreRoot, + true, + false); + parameters = new CertStoreParameters[] { dirParameters }; + } + } + + /** + * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters() + */ + public CertStoreParameters[] getParameters() { + return parameters; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java new file mode 100644 index 000000000..7aa4cbe4b --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java @@ -0,0 +1,121 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import iaik.logging.LoggerConfig; +import iaik.pki.PKIConfiguration; +import iaik.server.ConfigurationData; + +import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule; +import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule; + +/** + * An implementation of the <code>ConfigurationData</code> interface using + * MOA configuration data. + * + * @see iaik.server.ConfigurationData + * @author Patrick Peck + * @version $Id$ + */ +public class ConfigurationDataImpl implements ConfigurationData { + /** PKI configuration data. */ + private PKIConfiguration pkiConfiguration; + /** Crypto modules configuration data. */ + private List cryptoModuleConfigurations; + /** Key modules configuration data. */ + private List keyModuleConfigurations; + /** Logging configuration data. */ + private LoggerConfig loggerConfig; + + /** + * Create a new <code>ConfigurationDataImpl</code>. + * + * @param config The underlying MOA configuration data. + */ + public ConfigurationDataImpl(ConfigurationProvider config) { + this.pkiConfiguration = new PKIConfigurationImpl(config); + this.cryptoModuleConfigurations = buildCryptoModuleConfigurations(config); + this.keyModuleConfigurations = buildKeyModuleConfigurations(config); + this.loggerConfig = new LoggerConfigImpl(); + } + + /** + * Build the list of <code>CryptoModuleConfiguration</code>s. + * + * @param config The underlying MOA configuration data. + * @return The list of <code>CryptoModuleConfiguration</code>s configured in + * the MOA configuration. + */ + private List buildCryptoModuleConfigurations(ConfigurationProvider config) { + List modules = new ArrayList(); + Iterator iter = config.getHardwareCryptoModules().iterator(); + + while (iter.hasNext()) { + HardwareCryptoModule module = (HardwareCryptoModule) iter.next(); + modules.add(new HardwareCryptoModuleConfigurationImpl(module)); + } + + return modules; + } + + /** + * Build the list of <code>KeyModuleConfiguration</code>s. + * + * @param config The underlying MOA configuration data. + * @return The list of <code>KeyModuleConfiguration</code>s configured in the + * MOA configuration. + */ + private List buildKeyModuleConfigurations(ConfigurationProvider config) { + List keys = new ArrayList(); + Iterator iter; + + // add the hardware keys + iter = config.getHardwareKeyModules().iterator(); + while (iter.hasNext()) { + HardwareKeyModule key = (HardwareKeyModule) iter.next(); + keys.add(new HardwareKeyModuleConfigurationImpl(key)); + } + + // add the software keys + iter = config.getSoftwareKeyModules().iterator(); + while (iter.hasNext()) { + SoftwareKeyModule key = (SoftwareKeyModule) iter.next(); + keys.add(new SoftwareKeyModuleConfigurationImpl(key)); + } + + return keys; + } + + /** + * @see iaik.server.ConfigurationData#getPKIConfiguration() + */ + public PKIConfiguration getPKIConfiguration() { + return pkiConfiguration; + } + + /** + * @see iaik.server.ConfigurationData#getCryptoModuleConfigurations() + */ + public List getCryptoModuleConfigurations() { + return cryptoModuleConfigurations; + } + + /** + * @see iaik.server.ConfigurationData#getKeyModuleConfigurations() + */ + public List getKeyModuleConfigurations() { + return keyModuleConfigurations; + } + + /** + * @see iaik.server.ConfigurationData#getLoggerConfig() + */ + public LoggerConfig getLoggerConfig() { + return loggerConfig; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java new file mode 100644 index 000000000..d67523944 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java @@ -0,0 +1,33 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter; + +/** + * An implementation of the <code>DataBaseArchiveParameter</code> interface. + * + * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter + * @author Patrick Peck + * @version $Id$ + */ +public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameter { + + /** The JDBC URL for accessing the archive. */ + private String jDBCUrl; + + /** + * Create a new <code>DataBaseArchiveParameterImpl</code>. + * + * @param jDBCUrl The JDBC URL of the archive. + */ + public DataBaseArchiveParameterImpl(String jDBCUrl) { + this.jDBCUrl = jDBCUrl; + } + + /** + * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter#getJDBCUrl() + */ + public String getJDBCUrl() { + return jDBCUrl; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java new file mode 100644 index 000000000..2b00d6766 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java @@ -0,0 +1,81 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.store.certstore.CertStoreTypes; +import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; + +/** + * An implementation of the <code>DirectoryCertStoreParameters</code> interface. + * + * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters + * @author Patrick Peck + * @version $Id$ + */ +public class DirectoryCertStoreParametersImpl + implements DirectoryCertStoreParameters { + + /** The root directory of the <code>CertStore</code>. */ + private String rootDirectory; + /** Whether a new directory may be created. */ + private boolean createNew; + /** The <code>CertStore</code> ID. */ + private String id; + /** Whether the <code>CertStore</code> is read-only. */ + private boolean readOnly; + + /** + * Create a new <code>DirectoryCertStoreParameterImpl</code>. + * + * @param id The <code>CertStore</code> ID. + * @param rootDirectory The root directory of the <code>CertStore</code>. + * @param createNew Whether a new directory may be created. + * @param readOnly Whether the <code>CertStore</code> is read-only. + */ + public DirectoryCertStoreParametersImpl( + String id, + String rootDirectory, + boolean createNew, + boolean readOnly) { + + this.id = id; + this.rootDirectory = rootDirectory; + this.createNew = createNew; + this.readOnly = readOnly; + } + + /** + * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory() + */ + public String getRootDirectory() { + return rootDirectory; + } + + /** + * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew() + */ + public boolean createNew() { + return createNew; + } + + /** + * @see iaik.pki.store.certstore.CertStoreParameters#getId() + */ + public String getId() { + return id; + } + + /** + * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly() + */ + public boolean isReadOnly() { + return readOnly; + } + + /** + * @return <code>CertStoreTypes.DIRECTORY</code> + * @see iaik.pki.store.certstore.CertStoreParameters#getType() + */ + public String getType() { + return CertStoreTypes.DIRECTORY; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java new file mode 100644 index 000000000..3c8f4c002 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java @@ -0,0 +1,51 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration; + +import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule; + +/** + * An implementation of the <code>HardwareCryptoModuleConfiguration</code> + * wrapping a <code>HardwareCryptoModule</code> from the MOA configuration. + * + * @author Patrick Peck + * @version $Id$ + */ +public class HardwareCryptoModuleConfigurationImpl + implements HardwareCryptoModuleConfiguration { + + /** The wrapped <code>HardwareCryptoModule</code>. */ + private HardwareCryptoModule module; + + /** + * Create a new <code>HardwareCryptoModuleConfigurationImpl</code>. + * + * @param module The <code>HardwareCryptoModule</code> from the underlying MOA + * configuration. + */ + public HardwareCryptoModuleConfigurationImpl(HardwareCryptoModule module) { + this.module = module; + } + + /** + * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getModuleName() + */ + public String getModuleName() { + return module.getName(); + } + + /** + * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getSlotID() + */ + public String getSlotID() { + return module.getSlotID(); + } + + /** + * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getUserPIN() + */ + public char[] getUserPIN() { + return module.getUserPIN().toCharArray(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java new file mode 100644 index 000000000..d905588c6 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java @@ -0,0 +1,55 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.server.modules.keys.HardwareKeyModuleConfiguration; + +import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule; + +/** + * An implementation of the <code>HardwareKeyModuleConfiguration</code> + * interface wrapping a <code>HardwareKeyModule</code> from the MOA + * configuration. + * + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class HardwareKeyModuleConfigurationImpl + extends AbstractKeyModuleConfigurationImpl + implements HardwareKeyModuleConfiguration { + + /** The wrapped <code>HardwareKeyModule</code>. */ + private HardwareKeyModule keyModule; + + /** + * Create a new <code>HardwareKeyModuleConfigurationImpl</code>. + * + * @param keyModule The <code>HardwareKeyModule</code> from the underlying + * MOA configuration. + */ + public HardwareKeyModuleConfigurationImpl(HardwareKeyModule keyModule) { + super(keyModule.getId()); + this.keyModule = keyModule; + } + + /** + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getModuleName() + */ + public String getModuleName() { + return keyModule.getName(); + } + + /** + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getSlotID() + */ + public String getSlotID() { + return keyModule.getSlotID(); + } + + /** + * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getUserPIN() + */ + public char[] getUserPIN() { + return keyModule.getUserPIN().toCharArray(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java new file mode 100644 index 000000000..8bd410ac7 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java @@ -0,0 +1,162 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import iaik.pki.store.truststore.TrustStoreFactory; +import iaik.server.ConfigurationData; +import iaik.server.Configurator; +import iaik.server.modules.keys.KeyEntryID; +import iaik.server.modules.keys.KeyModule; +import iaik.server.modules.keys.KeyModuleFactory; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.config.KeyGroup; +import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.util.MessageProvider; + +/** + * A class responsible for configuring the IAIK MOA modules. + * + * @author Patrick Peck + * @version $Id$ + */ +public class IaikConfigurator { + + /** The warnings encountered during configuration. */ + private List warnings = new ArrayList(); + + /** + * Configure the IAIK MOA subsystem. + * + * @param moaConfig The underlying MOA configuration. + * @throws ConfigurationException An error occurred configuring the IAIK + * MOA subsystem. + */ + public void configure(ConfigurationProvider moaConfig) + throws ConfigurationException { + ConfigurationData configData = new ConfigurationDataImpl(moaConfig); + + warnings = new ArrayList(); + + try { + Configurator.init(configData, new TransactionId("IaikConfigurator")); + dumpKeyEntryIDs(); + checkKeyGroupConfig(moaConfig); + TrustStoreFactory.reset(); + } catch (iaik.server.ConfigurationException e) { + throw new ConfigurationException("config.08", null, e); + } catch (Throwable t) { + throw new ConfigurationException("config.08", null, t); + } + } + + /** + * Return the warnings encountered during configuration. + * + * @return The warnings. + */ + public List getWarnings() { + return warnings; + } + + /** + * Dump all <code>KeyEntryID</code>s contained in the configured + * <code>KeyModule</code>s to the log file. + */ + private void dumpKeyEntryIDs() { + MessageProvider msg = MessageProvider.getInstance(); + KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump")); + Set keyEntryIds = module.getPrivateKeyEntryIDs(); + Iterator iter; + + for (iter = keyEntryIds.iterator(); iter.hasNext();) { + KeyEntryID keyEntryId = (KeyEntryID) iter.next(); + Logger.info( + new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId }))); + } + } + + /** + * Check that each key group entry in each key group can be resolved to a + * KeyEntryID. + * + * Logs a warning for each key group entry that cannot be resolved. + * + * @param moaConfig The MOA configuration to check. + */ + private void checkKeyGroupConfig(ConfigurationProvider moaConfig) { + Map keyGroups = moaConfig.getKeyGroups(); + Iterator iter; + + for (iter = keyGroups.values().iterator(); iter.hasNext();) { + KeyGroup keyGroup = (KeyGroup) iter.next(); + Set keyGroupEntries = keyGroup.getKeyGroupEntries(); + Iterator kgIter; + + for (kgIter = keyGroupEntries.iterator(); kgIter.hasNext();) { + KeyGroupEntry entry = (KeyGroupEntry) kgIter.next(); + + if (!findKeyEntryID(entry)) { + warn( + "config.31", + new Object[] { + keyGroup.getId(), + entry.getModuleID(), + entry.getIssuerDN(), + entry.getSerialNumber()}); + } + } + } + } + + /** + * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID + * by the Configurator. + * + * @param keyGroupEntry The key group entry to find. + * @return <code>true</code>, if the <code>keyGroupEntry</code> could be + * resolved to a <code>KeyEntryID</code>; otherwise <code>false</code>. + */ + private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) { + KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check")); + Set keyEntryIDs = module.getPrivateKeyEntryIDs(); + Iterator iter; + + for (iter = keyEntryIDs.iterator(); iter.hasNext();) { + KeyEntryID entry = (KeyEntryID) iter.next(); + + if (entry.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN()) + && entry.getCertificateSerialNumber().equals( + keyGroupEntry.getSerialNumber()) + && entry.getModuleID().equals(keyGroupEntry.getModuleID())) { + return true; + } + } + + return false; + } + + /** + * Log a warning. + * + * @param messageId The message ID. + * @param args Additional parameters for the message. + * @see at.gv.egovernment.moa.spss.server.util.MessageProvider + */ + private void warn(String messageId, Object[] args) { + MessageProvider msg = MessageProvider.getInstance(); + String txt = msg.getMessage(messageId, args); + + Logger.warn(new LogMsg(txt)); + warnings.add(txt); + } +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java new file mode 100644 index 000000000..9679e8d18 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java @@ -0,0 +1,34 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.util.Properties; + +import iaik.logging.LogConfigurationException; +import iaik.logging.LoggerConfig; + +import at.gv.egovernment.moa.logging.LoggingContextManager; + +/** + * Default implementation of the <code>LoggerConfig</code> interface. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LoggerConfigImpl implements LoggerConfig { + + /** The implementation of iaik.logging.LogFactory. */ + private static final String DEFAULT_IMPLEMENTATION = + "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory"; + + public String getFactory() { + return DEFAULT_IMPLEMENTATION; + } + + public Properties getProperties() throws LogConfigurationException { + return new Properties(); + } + + public String getNodeId() { + return LoggingContextManager.getInstance().getLoggingContext().getNodeID(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java new file mode 100644 index 000000000..0703cd326 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java @@ -0,0 +1,85 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import iaik.pki.PKIConfiguration; +import iaik.pki.pathvalidation.ValidationConfiguration; +import iaik.pki.revocation.RevocationConfiguration; +import iaik.pki.store.certstore.CertStoreConfiguration; +import iaik.pki.store.revocation.archive.ArchiveConfiguration; + +import at.gv.egovernment.moa.util.BoolUtils; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the <code>PKIConfiguration</code> interface using data + * from the MOA configuration. + * + * @see iaik.pki.PKIConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class PKIConfigurationImpl implements PKIConfiguration { + /** The <code>CertStore</code> configuration. */ + private CertStoreConfiguration certStoreConfiguration; + /** The revocation checking configuration. */ + private RevocationConfiguration revocationConfiguration; + /** The revocation archive configuration. */ + private ArchiveConfiguration archiveConfiguration; + /** The certificate validation configuration. */ + private ValidationConfiguration validationConfiguration; + + /** + * Create a new <code>PKIConfigurationImpl</code>. + * + * @param config The underlying MOA configuration which will be used to build + * the configuration data contained in this object. + */ + public PKIConfigurationImpl(ConfigurationProvider config) { + String archiveInfo; + + this.certStoreConfiguration = new CertStoreConfigurationImpl(config); + + this.revocationConfiguration = new RevocationConfigurationImpl(config); + + archiveInfo = + config.getGenericConfiguration( + ConfigurationProvider.ARCHIVE_REVOCATION_INFO_PROPERTY, + "false"); + if (archiveInfo != null && BoolUtils.valueOf(archiveInfo)) { + this.archiveConfiguration = new ArchiveConfigurationImpl(config); + } else { + this.archiveConfiguration = null; + } + + this.validationConfiguration = new ValidationConfigurationImpl(config); + } + + /** + * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration() + */ + public CertStoreConfiguration getCertStoreConfiguration() { + return certStoreConfiguration; + } + + /** + * @see iaik.pki.PKIConfiguration#getRevocationConfiguration() + */ + public RevocationConfiguration getRevocationConfiguration() { + return revocationConfiguration; + } + + /** + * @see iaik.pki.PKIConfiguration#getArchiveConfiguration() + */ + public ArchiveConfiguration getArchiveConfiguration() { + return archiveConfiguration; + } + + /** + * @see iaik.pki.PKIConfiguration#getValidationConfiguration() + */ + public ValidationConfiguration getValidationConfiguration() { + return validationConfiguration; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java new file mode 100644 index 000000000..466234a11 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java @@ -0,0 +1,73 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.security.cert.X509Certificate; +import java.util.Date; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +import iaik.pki.revocation.RevocationConfiguration; + +import at.gv.egovernment.moa.util.BoolUtils; + +import at.gv.egovernment.moa.spss.server.config.DistributionPoint; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the <code>RevocationConfiguration</code> interface using + * MOA configuration data. + * + * @see iaik.pki.revocation.RevocationConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class RevocationConfigurationImpl + extends AbstractObservableConfiguration + implements RevocationConfiguration { + + /** The <code>ConfigurationProvider</code> to read the configuration data + * from. */ + private ConfigurationProvider config; + + /** + * Create a new <code>RevocationConfigurationImpl</code>. + * + * @param config The underlying MOA configuration containing the configuration + * data. + */ + public RevocationConfigurationImpl(ConfigurationProvider config) { + this.config = config; + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints(java.security.cert.X509Certificate, java.util.Date) + */ + public Set getAlternativeDistributionPoints( + X509Certificate cert, + Date date) { + + Set configuredPoints = config.getCRLDP(cert); + Set distributionPoints = new HashSet(); + Iterator iter; + + for (iter = configuredPoints.iterator(); iter.hasNext();) { + DistributionPoint dp = (DistributionPoint) iter.next(); + distributionPoints.add(new CRLDistributionPointAdapter(dp)); + } + + return distributionPoints; + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String, java.lang.String) + */ + public boolean archiveRevocationInfo(String type, String uri) { + String info = + config.getGenericConfiguration( + ConfigurationProvider.ARCHIVE_REVOCATION_INFO_PROPERTY, + "false"); + + return info != null ? BoolUtils.valueOf(info) : false; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java new file mode 100644 index 000000000..343f096ef --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java @@ -0,0 +1,75 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.InputStream; + +import iaik.server.modules.keys.ConfigurationException; +import iaik.server.modules.keys.SoftwareKeyModuleConfiguration; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; + +import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule; +import at.gv.egovernment.moa.spss.util.MessageProvider; + +/** + * An implementation of the <code>SoftwareKeyModuleConfiguration</code> wrapping + * a <code>SoftwareKeyModule</code> from the MOA configuration. + * + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class SoftwareKeyModuleConfigurationImpl + extends AbstractKeyModuleConfigurationImpl + implements SoftwareKeyModuleConfiguration { + + /** The wrapped <code>SoftwareKeyModule</code>. */ + private SoftwareKeyModule keyModule; + + /** + * Create a new <code>SoftwareKeyModuleConfigurationImpl</code>. + * + * @param keyModule The <code>SoftwareKeyModule</code> from the underlying MOA + * configuration. + */ + public SoftwareKeyModuleConfigurationImpl(SoftwareKeyModule keyModule) { + super(keyModule.getId()); + this.keyModule = keyModule; + } + + /** + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreTypeName() + */ + public String getKeyStoreTypeName() { + return KEY_STORE_TYPE_NAME_PKCS12; + } + + /** + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAsStream() + */ + public InputStream getKeyStoreAsStream() { + MessageProvider msg = MessageProvider.getInstance(); + + try { + String message = + msg.getMessage("config.18", new Object[] { keyModule.getFileName()}); + Logger.info(new LogMsg(message)); + return new FileInputStream(keyModule.getFileName()); + } catch (FileNotFoundException e) { + String message = + msg.getMessage("config.09", new Object[] { keyModule.getFileName()}); + + throw new ConfigurationException(message, e, null); + } + } + + /** + * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAuthenticationData() + */ + public char[] getKeyStoreAuthenticationData() { + return keyModule.getPassWord().toCharArray(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java new file mode 100644 index 000000000..f6fbad215 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java @@ -0,0 +1,56 @@ +package at.gv.egovernment.moa.spss.server.iaik.config; + +import java.security.cert.X509Certificate; +import java.security.spec.AlgorithmParameterSpec; + +import iaik.pki.pathvalidation.ValidationConfiguration; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; + +/** + * An implementation of the <code>ValidationConfiguration</code> interface using + * MOA configuration data. + * + * @see iaik.pki.pathvalidation.ValidationConfiguration + * @author Patrick Peck + * @version $Id$ + */ +public class ValidationConfigurationImpl + extends AbstractObservableConfiguration + implements ValidationConfiguration { + + /** The <code>ConfigurationProvider</code> to read the configuration data + * from. */ + private ConfigurationProvider config; + + /** + * Create a new <code>ValidationConfigurationImpl</code>. + * + * @param config The underlying MOA configuration data. + */ + public ValidationConfigurationImpl(ConfigurationProvider config) { + this.config = config; + } + + /** + * @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate) + */ + public String getChainingMode(X509Certificate cert) { + return config.getChainingMode(cert); + } + + /** + * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate) + */ + public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate cert) { + return null; + } + + /** + * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate) + */ + public X509Certificate getPublicKeyParamsAsCert(X509Certificate cert) { + return null; + } + +} |