aboutsummaryrefslogtreecommitdiff
path: root/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
diff options
context:
space:
mode:
Diffstat (limited to 'spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java')
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java181
1 files changed, 100 insertions, 81 deletions
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
index 6798a5db1..c365a1121 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
@@ -1,21 +1,40 @@
package at.gv.egovernment.moa.spss.tsl.timer;
import iaik.pki.store.certstore.CertStoreException;
+import iaik.pki.store.certstore.CertStoreParameters;
import iaik.pki.store.truststore.TrustStoreException;
+import iaik.pki.store.truststore.TrustStoreProfile;
+import iaik.pki.store.utils.StoreUpdater;
+import iaik.server.ConfigurationData;
+import iaik.x509.X509Certificate;
import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
import iaik.xml.crypto.tsl.ex.TSLSearchException;
+import java.io.File;
+import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.Map;
import java.util.TimerTask;
import at.gv.egovernment.moa.logging.LogMsg;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
+import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.tsl.connector.TSLConnector;
import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.StringUtils;
+
public class TSLUpdaterTimerTask extends TimerTask {
@@ -31,7 +50,7 @@ public class TSLUpdaterTimerTask extends TimerTask {
Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
// TODO wenn update nicht erfolgreich, dann soll TSL-Trustprofil nicht zur
- // Verfügung stehen.
+ // Verfügung stehen?
} catch (TSLSearchException e) {
MessageProvider msg = MessageProvider.getInstance();
@@ -62,86 +81,86 @@ public class TSLUpdaterTimerTask extends TimerTask {
}
public static void update() throws TSLEngineDiedException, TSLSearchException, ConfigurationException, MOAApplicationException, CertStoreException, TrustStoreException, CertificateException, FileNotFoundException, IOException {
-// MessageProvider msg = MessageProvider.getInstance();
-//
-// //get TSl configuration
-// ConfigurationProvider config = ConfigurationProvider.getInstance();
-// ConfigurationData configData = new IaikConfigurator().configure(config);
-// TSLConfiguration tslconfig = config.getTSLConfiguration();
-// if (tslconfig != null) {
-//
-// Logger.info(new LogMsg(msg.getMessage("config.42", null)));
-//
-// // get certstore parameters
-// CertStoreParameters[] certStoreParameters = configData.getPKIConfiguration().getCertStoreConfiguration().getParameters();
-//
-// // iterate over all truststores
-// Map mapTrustProfiles = config.getTrustProfiles();
-// Iterator it = mapTrustProfiles.entrySet().iterator();
-// while (it.hasNext()) {
-// Map.Entry pairs = (Map.Entry)it.next();
-// TrustProfile tp = (TrustProfile) pairs.getValue();
-// if (tp.isTSLEnabled()) {
-// TrustStoreProfile tsp = new TrustStoreProfileImpl(config, tp.getId());
-// TrustStoreProfile[] trustStoreProfiles = new TrustStoreProfile[1];
-// trustStoreProfiles[0] = tsp;
-//
-// Logger.debug(new LogMsg(msg.getMessage("config.43", new String[]{tp.getId()})));
-//
-// TransactionId tid = new TransactionId("TSLConfigurator-" + tp.getId());
-// ArrayList tsl_certs = null;
-// if (StringUtils.isEmpty(tp.getCountries())) {
-// Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
-//
-// // get certificates from TSL from all countries
-// tsl_certs = tslconnector_.updateAndGetQualifiedCACertificates(new Date(), new String[]{"accredited","undersupervision"});
-// }
-// else {
-// Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
-// // get selected countries as array
-// String countries = tp.getCountries();
-// String[] array = countries.split(",");
-// for (int i = 0; i < array.length; i++)
-// array[i] = array[i].trim();
-//
-// // get certificates from TSL from given countries
-// tsl_certs = tslconnector_.updateAndGetQualifiedCACertificates(new Date(), array, new String[]{"accredited","undersupervision"});
-// }
-//
-// // create store updater for each TSL enabled truststore
-// Logger.debug(new LogMsg(msg.getMessage("config.45", null)));
-// StoreUpdater storeUpdater = new StoreUpdater(certStoreParameters, trustStoreProfiles, tid);
-//
-// // convert ArrayList<File> to X509Certificate[]
-// X509Certificate[] addCertificates = new X509Certificate[tsl_certs.size()];
-// Iterator itcert = tsl_certs.iterator();
-// int i = 0;
-// while(itcert.hasNext()) {
-// File f = (File)itcert.next();
-// X509Certificate cert = new X509Certificate(new FileInputStream(f));
-// addCertificates[i] = cert;
-//
-// i++;
-// }
-//
-// // get certificates to be removed
-// X509Certificate[] removeCertificates = tp.getCertficatesToBeRemoved();
-//
-//
-// //Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
-// Logger.debug(new LogMsg("Remove " + removeCertificates.length + " certificates."));
-// storeUpdater.removeCertificatesFromTrustStores(removeCertificates, tid);
-//
-//
-// Logger.debug(new LogMsg("Add " + addCertificates.length + " certificates."));
-// storeUpdater.addCertificatesToTrustStores(addCertificates, tid);
-//
-// // set the certifcates to be removed for the next TSL update
-// tp.setCertificatesToBeRemoved(addCertificates);
-//
-// }
-// }
-// }
+ MessageProvider msg = MessageProvider.getInstance();
+
+ //get TSl configuration
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+ ConfigurationData configData = new IaikConfigurator().configure(config);
+ TSLConfiguration tslconfig = config.getTSLConfiguration();
+ if (tslconfig != null) {
+
+ Logger.info(new LogMsg(msg.getMessage("config.42", null)));
+
+ // get certstore parameters
+ CertStoreParameters[] certStoreParameters = configData.getPKIConfiguration().getCertStoreConfiguration().getParameters();
+
+ // iterate over all truststores
+ Map mapTrustProfiles = config.getTrustProfiles();
+ Iterator it = mapTrustProfiles.entrySet().iterator();
+ while (it.hasNext()) {
+ Map.Entry pairs = (Map.Entry)it.next();
+ TrustProfile tp = (TrustProfile) pairs.getValue();
+ if (tp.isTSLEnabled()) {
+ TrustStoreProfile tsp = new TrustStoreProfileImpl(config, tp.getId());
+ TrustStoreProfile[] trustStoreProfiles = new TrustStoreProfile[1];
+ trustStoreProfiles[0] = tsp;
+
+ Logger.debug(new LogMsg(msg.getMessage("config.43", new String[]{tp.getId()})));
+
+ TransactionId tid = new TransactionId("TSLConfigurator-" + tp.getId());
+ ArrayList tsl_certs = null;
+ if (StringUtils.isEmpty(tp.getCountries())) {
+ Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
+
+ // get certificates from TSL from all countries
+ tsl_certs = tslconnector_.updateAndGetQualifiedCACertificates(new Date(), new String[]{"accredited","undersupervision"});
+ }
+ else {
+ Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
+ // get selected countries as array
+ String countries = tp.getCountries();
+ String[] array = countries.split(",");
+ for (int i = 0; i < array.length; i++)
+ array[i] = array[i].trim();
+
+ // get certificates from TSL from given countries
+ tsl_certs = tslconnector_.updateAndGetQualifiedCACertificates(new Date(), array, new String[]{"accredited","undersupervision"});
+ }
+
+ // create store updater for each TSL enabled truststore
+ Logger.debug(new LogMsg(msg.getMessage("config.45", null)));
+ StoreUpdater storeUpdater = new StoreUpdater(certStoreParameters, trustStoreProfiles, tid);
+
+ // convert ArrayList<File> to X509Certificate[]
+ X509Certificate[] addCertificates = new X509Certificate[tsl_certs.size()];
+ Iterator itcert = tsl_certs.iterator();
+ int i = 0;
+ while(itcert.hasNext()) {
+ File f = (File)itcert.next();
+ X509Certificate cert = new X509Certificate(new FileInputStream(f));
+ addCertificates[i] = cert;
+
+ i++;
+ }
+
+ // get certificates to be removed
+ X509Certificate[] removeCertificates = tp.getCertficatesToBeRemoved();
+
+
+ //Logger.debug(new LogMsg(msg.getMessage("config.44", null)));
+ Logger.debug(new LogMsg("Remove " + removeCertificates.length + " certificates."));
+ storeUpdater.removeCertificatesFromTrustStores(removeCertificates, tid);
+
+
+ Logger.debug(new LogMsg("Add " + addCertificates.length + " certificates."));
+ storeUpdater.addCertificatesToTrustStores(addCertificates, tid);
+
+ // set the certifcates to be removed for the next TSL update
+ tp.setCertificatesToBeRemoved(addCertificates);
+
+ }
+ }
+ }
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 13:39:45 +0000