1 files changed, 0 insertions, 286 deletions

diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java
deleted file mode 100644
index 544ea916c..000000000
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java
+++ /dev/null
@@ -1,286 +0,0 @@
-package at.gv.egovernment.moa.spss.util;
-
-import iaik.asn1.ObjectID;
-import iaik.asn1.structures.Name;
-import iaik.asn1.structures.PolicyInformation;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionInitException;
-import iaik.x509.extensions.CertificatePolicies;
-import iaik.x509.extensions.qualified.QCStatements;
-import iaik.x509.extensions.qualified.structures.QCStatement;
-import iaik.x509.extensions.qualified.structures.etsi.QcEuCompliance;
-import iaik.x509.extensions.qualified.structures.etsi.QcEuSSCD;
-import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
-import iaik.xml.crypto.tsl.ex.TSLSearchException;
-
-import java.security.Principal;
-
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.spss.tsl.timer.TSLUpdaterTimerTask;
-
-public class CertificateUtils {
-	
-	
-	/**
-	 * Verifies if the given certificate contains QCP+ statement
-	 * @param cert X509Certificate
-	 * @return true if the given certificate contains QCP+ statement, else false
-	 */
-	private static boolean checkQCPPlus(X509Certificate cert) {
-		Logger.debug("Checking QCP+ extension");
-		String OID_QCPPlus = "0.4.0.1456.1.1";
-		try {
-			CertificatePolicies certPol = (CertificatePolicies) cert.getExtension(CertificatePolicies.oid);
-			if (certPol == null) {
-				Logger.debug("No CertificatePolicies extension found");
-				return false;
-			}
-			
-			PolicyInformation[] polInfo = certPol.getPolicyInformation();
-			if (polInfo == null) {
-				Logger.debug("No policy information found");
-				return false;
-			}
-			
-			for (int i = 0; i < polInfo.length; i++) {
-				ObjectID oid = polInfo[i].getPolicyIdentifier();
-				String oidStr = oid.getID();
-				if (oidStr.compareToIgnoreCase(OID_QCPPlus) == 0) {
-					Logger.debug("QCP+ extension found");
-					return true;
-				}
-			}
-			
-			Logger.debug("No QCP+ extension found");
-			
-			return false;
-		} catch (X509ExtensionInitException e) {
-			Logger.debug("No QCP+ extension found");
-			
-			return false;
-		}
-		
-	}
-	
-	/**
-	 * Verifies if the given certificate contains QCP statement
-	 * @param cert X509Certificate
-	 * @return true if the given certificate contains QCP statement, else false
-	 */
-	private static boolean checkQCP(X509Certificate cert) {
-		Logger.debug("Checking QCP extension");
-		String OID_QCP = "0.4.0.1456.1.2";
-		try {
-			CertificatePolicies certPol = (CertificatePolicies) cert.getExtension(CertificatePolicies.oid);
-			if (certPol == null) {
-				Logger.debug("No CertificatePolicies extension found");
-				return false;
-			}
-			
-			PolicyInformation[] polInfo = certPol.getPolicyInformation();
-			if (polInfo == null) {
-				Logger.debug("No policy information found");
-				return false;
-			}
-			
-			for (int i = 0; i < polInfo.length; i++) {
-				ObjectID oid = polInfo[i].getPolicyIdentifier();
-				String oidStr = oid.getID();
-				if (oidStr.compareToIgnoreCase(OID_QCP) == 0) {
-					Logger.debug("QCP extension found");
-					return true;
-				}
-				
-			}
-			
-			Logger.debug("No QCP extension found");
-			return false;
-
-		} catch (X509ExtensionInitException e) {
-			Logger.debug("No QCP extension found");
-			return false;
-		}
-		
-	}
-	
-	/**
-	 * Verifies if the given certificate contains QcEuCompliance statement
-	 * @param cert X509Certificate
-	 * @return true if the given certificate contains QcEuCompliance statement, else false
-	 */
-	private static boolean checkQcEuCompliance(X509Certificate cert) {
-		Logger.debug("Checking QcEUCompliance extension");
-		try {
-			QCStatements qcStatements = (QCStatements) cert.getExtension(QCStatements.oid);
-			
-			if (qcStatements == null) {
-				Logger.debug("No QcStatements extension found");
-				return false;
-			}
-			
-			QCStatement qcEuCompliance = qcStatements.getQCStatements(QcEuCompliance.statementID);
-			
-			if (qcEuCompliance != null) {
-				Logger.debug("QcEuCompliance extension found");
-				return true;
-			}
-			
-			Logger.debug("No QcEuCompliance extension found");
-			return false;
-
-		} catch (X509ExtensionInitException e) {
-			Logger.debug("No QcEuCompliance extension found");
-			return false;
-		}
-		
-	}
-	
-	/**
-	 * Verifies if the given certificate contains QcEuSSCD statement
-	 * @param cert X509Certificate
-	 * @return true if the given certificate contains QcEuSSCD statement, else false
-	 */
-	private static boolean checkQcEuSSCD(X509Certificate cert) {
-		Logger.debug("Checking QcEuSSCD extension");
-		try {
-			QCStatements qcStatements = (QCStatements) cert.getExtension(QCStatements.oid);
-			if (qcStatements == null) {
-				Logger.debug("No QcStatements extension found");
-				return false;
-			}
-			
-			QCStatement qcEuSSCD = qcStatements.getQCStatements(QcEuSSCD.statementID);
-			
-			if (qcEuSSCD != null) {
-				Logger.debug("QcEuSSCD extension found");
-				return true;
-			}
-						
-			Logger.debug("No QcEuSSCD extension found");
-			return false;
-
-		} catch (X509ExtensionInitException e) {
-			Logger.debug("No QcEuSSCD extension found");
-			return false;
-		}
-		
-	}
-
-	public static QCSSCDResult checkQCSSCD(X509Certificate[] chain, boolean isTSLenabledTrustprofile) {
-		
-		boolean qc = false;
-		boolean qcSourceTSL = false;
-		boolean sscd = false;
-		boolean sscdSourceTSL = false;
-		
-		try { 
-		
-			if (isTSLenabledTrustprofile) {
-				// perform QC check via TSL
-				boolean checkQCFromTSL = TSLUpdaterTimerTask.tslconnector_.checkQC(chain);
-				if (!checkQCFromTSL) { 
-					// if QC check via TSL returns false
-					// try certificate extensions QCP and QcEuCompliance
-					Logger.debug("QC check via TSL returned false - checking certificate extensions");
-			     	boolean checkQCP = CertificateUtils.checkQCP(chain[0]);
-			        boolean checkQcEuCompliance = CertificateUtils.checkQcEuCompliance(chain[0]);
-			        
-			        if (checkQCP || checkQcEuCompliance) {
-			        	Logger.debug("Certificate is QC (Source: Certificate)");
-			        	qc = true;			        	
-			        }
-			        
-		        	qcSourceTSL = false;
-		        }
-		        else {
-		        	// use TSL result
-		        	Logger.debug("Certificate is QC (Source: TSL)");
-		        	qc = true;
-		        	qcSourceTSL = true;
-		        }
-				
-				// perform SSCD check via TSL
-	        	boolean checkSSCDFromTSL = TSLUpdaterTimerTask.tslconnector_.checkSSCD(chain);
-	        	if (!checkSSCDFromTSL) {
-	        		// if SSCD check via TSL returns false
-					// try certificate extensions QCP+ and QcEuSSCD			       
-	        		Logger.debug("SSCD check via TSL returned false - checking certificate extensions");
-		        	boolean checkQCPPlus = CertificateUtils.checkQCPPlus(chain[0]);
-			        boolean checkQcEuSSCD = CertificateUtils.checkQcEuSSCD(chain[0]);
-			        
-			        if (checkQCPPlus || checkQcEuSSCD) {
-			        	Logger.debug("Certificate is SSCD (Source: Certificate)");
-			        	sscd = true;
-			        }
-			        
-		        	sscdSourceTSL = false;
-		        }
-		        else {
-		        	// use TSL result
-		        	Logger.debug("Certificate is SSCD (Source: TSL)");
-		        	sscd = true;
-		        	sscdSourceTSL = true;
-		        }
-	        	
-			}
-			else {
-				// Trustprofile is not TSL enabled - use certificate extensions only
-
-				// perform QC check
-				// try certificate extensions QCP and QcEuCompliance
-		     	boolean checkQCP = CertificateUtils.checkQCP(chain[0]);
-		        boolean checkQcEuCompliance = CertificateUtils.checkQcEuCompliance(chain[0]);
-		        
-		        if (checkQCP || checkQcEuCompliance)
-		        	qc = true;
-		        
-	        	qcSourceTSL = false;
-	        	
-	        	// perform SSCD check
-	        	// try certificate extensions QCP+ and QcEuSSCD			       
-	        	boolean checkQCPPlus = CertificateUtils.checkQCPPlus(chain[0]);
-		        boolean checkQcEuSSCD = CertificateUtils.checkQcEuSSCD(chain[0]);
-		        
-		        if (checkQCPPlus || checkQcEuSSCD)
-		        	sscd = true;
-		        
-	        	sscdSourceTSL = false;
-			}
-		}
-		catch (TSLEngineDiedException e) {
-	    	MessageProvider msg = MessageProvider.getInstance();
-	        Logger.error(new LogMsg(msg.getMessage("tsl.01", null)), e);
-		} catch (TSLSearchException e) {
-	    	MessageProvider msg = MessageProvider.getInstance();
-	        Logger.error(new LogMsg(msg.getMessage("tsl.01", null)), e);
-		}
-		
-		QCSSCDResult result = new QCSSCDResult(qc, qcSourceTSL, sscd, sscdSourceTSL);
-		
-		return result;
-	}
-	
-	/**
-	    * Gets the country from the certificate issuer
-	    * @param cert X509 certificate
-	    * @return Country code from the certificate issuer
-	    */
-	   public static String getIssuerCountry(X509Certificate cert) {
-		   String country = null;
-		   Principal issuerdn = cert.getIssuerX500Principal();
-		   RFC2253NameParser nameParser = new RFC2253NameParser(issuerdn.getName());
-		   
-		   try {
-			   Name name = nameParser.parse();
-			   country = name.getRDN(ObjectID.country);
-		   } catch (RFC2253NameParserException e) {
-			   Logger.warn("Could not get country code from issuer.");
-		   }
-		   
-		    
-		   return country;
-	   }
-}