diff options
Diffstat (limited to 'spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java')
-rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java | 103 |
1 files changed, 96 insertions, 7 deletions
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 09f496c74..e335139aa 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -101,6 +101,10 @@ public class ConfigurationPartsBuilder { ROOT + CONF + "SignatureCreation/" + CONF + "XMLDSig/" + CONF + "DigestMethodAlgorithm"; + private static final String XADES_VERSION_XPATH = + ROOT + CONF + "SignatureCreation/" + + CONF + "XAdES/" + + CONF + "Version"; private static final String C14N_ALGORITHM_XPATH = ROOT + CONF + "SignatureCreation/" + CONF + "XMLDSig/" @@ -115,6 +119,13 @@ public class ConfigurationPartsBuilder { ROOT + CONF + "Common/" + CONF + "PermitExternalUris/" + CONF + "BlackListUri"; + private static final String FORBID_EXTERNAL_URIS_XPATH = + ROOT + CONF + "Common/" + + CONF + "ForbidExternalUris"; + private static final String WHITE_LIST_URIS_XPATH = + ROOT + CONF + "Common/" + + CONF + "ForbidExternalUris/" + + CONF + "WhiteListUri"; private static final String HARDWARE_KEY_XPATH = ROOT + CONF + "SignatureCreation/" @@ -263,15 +274,19 @@ public class ConfigurationPartsBuilder { /** The accepted digest method algorithm URIs, as an array */ private static final String[] ACCEPTED_DIGEST_ALGORITHMS_ARRAY = - { Constants.SHA1_URI }; + { Constants.SHA1_URI, + Constants.SHA256_URI, + Constants.SHA384_URI, + Constants.SHA512_URI}; /** The accepted digest method algorithm URIs, as a Set */ private static final Set ACCEPTED_DIGEST_ALGORITHMS = new HashSet(Arrays.asList(ACCEPTED_DIGEST_ALGORITHMS_ARRAY)); - + + /** Default digest algorithm URI, if none/illegal has been configured */ private static final String DIGEST_ALGORITHM_DEFAULT = Constants.SHA1_URI; - + /** The root element of the MOA configuration */ private Element configElem; @@ -333,7 +348,7 @@ public class ConfigurationPartsBuilder { public String getDigestMethodAlgorithmName() { String digestMethod = getElementValue(getConfigElem(), DIGEST_METHOD_XPATH, null); - + if (digestMethod == null || !ACCEPTED_DIGEST_ALGORITHMS.contains(digestMethod)) { info( @@ -344,7 +359,20 @@ public class ConfigurationPartsBuilder { return digestMethod; } - + + /** + * Returns the digest method algorithm name. + * + * @return The digest method algorithm name from the configuration. + */ + public String getXAdESVersion() + { + String xadesVersion = getElementValue(getConfigElem(), XADES_VERSION_XPATH, null); + + return xadesVersion; + } + + /** * Returns the canonicalization algorithm name. * @@ -409,6 +437,7 @@ public class ConfigurationPartsBuilder { } } + /** * * @return @@ -448,10 +477,12 @@ public class ConfigurationPartsBuilder { array[1] = port; blacklist.add(array); - } + } + // set blacklist for iaik-moa ExternalReferenceChecker.setBlacklist(blackListIaikMoa); + if(blacklist.isEmpty()) // no blacklisted uris given info("config.36", null); @@ -459,7 +490,64 @@ public class ConfigurationPartsBuilder { return blacklist; } + + /** + * + * @return + */ + public List buildForbidExternalUris() { + + //info("config.47", null); + + List whitelist = new ArrayList(); + List whiteListIaikMoa = new ArrayList(); + + NodeIterator forbidExtIter = XPathUtils.selectNodeIterator( + getConfigElem(), + WHITE_LIST_URIS_XPATH); + + Element permitExtElem = null; + while ((permitExtElem = (Element) forbidExtIter.nextNode()) != null) { + String host = getElementValue(permitExtElem, CONF + "IP", null); + String port = getElementValue(permitExtElem, CONF + "Port", null); + + // TODO WhiteListeEntry +// WhiteListEntry entry =null; + if (port == null) { +// entry = new WhiteListEntry(host, -1); + info("config.49", new Object[]{host}); + } + else { +// entry = new WhiteListEntry(host, new Integer(port).intValue()); + info("config.49", new Object[]{host + ":" + port}); + } +// +// // add entry to iaik-moa whitelist +// whiteListIaikMoa.add(entry); + + + String array[] = new String[2]; + array[0] = host; + array[1] = port; + whitelist.add(array); + + } + + + // set whitelist for iaik-moa + // TODO +// ExternalReferenceChecker.setWhitelist(whiteListIaikMoa); + + + if(whitelist.isEmpty()) // no whitelisted uris given + info("config.48", null); + + + return whitelist; + } + + /** * Build the configured hardware keys. * @@ -573,9 +661,10 @@ public class ConfigurationPartsBuilder { while ((keyGroupElem = (Element) kgIter.nextNode()) != null) { String keyGroupId = getElementValue(keyGroupElem, CONF + "Id", null); + String keyGroupDigestMethodAlgorithm = getElementValue(keyGroupElem, CONF + "DigestMethodAlgorithm", null); Set keyGroupEntries = buildKeyGroupEntries(keyGroupId, keyModuleIds, keyGroupElem); - KeyGroup keyGroup = new KeyGroup(keyGroupId, keyGroupEntries); + KeyGroup keyGroup = new KeyGroup(keyGroupId, keyGroupEntries, keyGroupDigestMethodAlgorithm); if (keyGroups.containsKey(keyGroupId)) { |