From f51f447ed199dc1c3f5dc750d169462d42b2b6ad Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 17 Jan 2014 11:50:42 +0100
Subject: load IAIK JCE as security provider

BugFix:
@MandateReferenceValue has to to been added
@SessionStorage hibernate RoleBack in case of no MOASession is found
---
 .../egovernment/moa/id/auth/MOAIDAuthInitializer.java | 13 ++++++++++++-
 .../egovernment/moa/id/auth/servlet/AuthServlet.java  | 11 +++++++++++
 .../moa/id/entrypoints/DispatcherServlet.java         |  6 +++++-
 .../MandateReferenceValueAttributeBuilder.java        | 19 ++++++++++---------
 .../moa/id/storage/AuthenticationSessionStoreage.java |  1 +
 5 files changed, 39 insertions(+), 11 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 556d26c67..dbfbdad51 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -24,11 +24,15 @@
 
 package at.gv.egovernment.moa.id.auth;
 
+import iaik.cms.ecc.IaikEccProvider;
 import iaik.pki.PKIException;
 import iaik.pki.jsse.IAIKX509TrustManager;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
 
 import java.io.IOException;
 import java.security.GeneralSecurityException;
+import java.security.Security;
 import java.util.Properties;
 
 import javax.activation.CommandMap;
@@ -74,6 +78,14 @@ public class MOAIDAuthInitializer {
         Logger.info("Default java file.encoding: "
                 + System.getProperty("file.encoding"));
 
+        
+		Logger.info("Loading security providers.");
+		IAIK.addAsProvider();
+		
+		
+//		Security.insertProviderAt(new IAIK(), 1);
+//		Security.insertProviderAt(new ECCProvider(), 1);
+        
         //JDK bug workaround according to:
         // http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier
         // register content data handlers for S/MIME types
@@ -180,5 +192,4 @@ public class MOAIDAuthInitializer {
         AuthConfigLoader.start();
     }
     
-
 }
\ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
index 27ac16157..1b7b317c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
@@ -23,9 +23,13 @@
 
 package at.gv.egovernment.moa.id.auth.servlet;
 
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.security.Security;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.List;
@@ -34,6 +38,7 @@ import java.util.Map;
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletConfig;
 import javax.servlet.ServletContext;
+import javax.servlet.ServletContextEvent;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
@@ -351,6 +356,12 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
 		super.init(servletConfig);
 	}
 
+	
+//	public void contextDestroyed(ServletContextEvent arg0) {
+//		Security.removeProvider((new IAIK()).getName());
+//		Security.removeProvider((new ECCProvider()).getName());
+//	}
+	
 	/**
 	 * Set response headers to avoid caching
 	 * 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 225ecb2a2..777081da0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -2,7 +2,11 @@ package at.gv.egovernment.moa.id.entrypoints;
 
 
 
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+
 import java.io.IOException;
+import java.security.Security;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Set;
@@ -478,7 +482,7 @@ public class DispatcherServlet extends AuthServlet{
 	    }
 
 	}
-
+	
 	@Override
 	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
 			throws ServletException, IOException {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java
index 5a50473d3..46c6ffb78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateReferenceValueAttributeBuilder.java
@@ -20,17 +20,18 @@ public class MandateReferenceValueAttributeBuilder extends BaseAttributeBuilder
 	public Attribute build(AuthenticationSession authSession, 
 			OAAuthParameter oaParam, AuthenticationData authData) throws PVP2Exception {
 		if(authSession.getUseMandate()) {
-			Element mandate = authSession.getMandate();
-			if(mandate == null) {
-				throw new NoMandateDataAvailableException();
-			}
-			Mandate mandateObject = MandateBuilder.buildMandate(mandate);
-			if(mandateObject == null) {
-				throw new NoMandateDataAvailableException();
-			}
+			
+//			Element mandate = authSession.getMandate();
+//			if(mandate == null) {
+//				throw new NoMandateDataAvailableException();
+//			}
+//			Mandate mandateObject = MandateBuilder.buildMandate(mandate);
+//			if(mandateObject == null) {
+//				throw new NoMandateDataAvailableException();
+//			}
 			
 			return buildStringAttribute(MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, 
-					MANDATE_REFERENCE_VALUE_NAME, mandateObject.getMandateID());
+					MANDATE_REFERENCE_VALUE_NAME, authSession.getMandateReferenceValue());
 		}
 		return null;
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index e40d11128..840c3f2be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -209,6 +209,7 @@ public class AuthenticationSessionStoreage {
 				  //Assertion requires an unique artifact
 				  if (result.size() != 1) {
 					 Logger.trace("No entries found.");
+					 tx.rollback();
 				   	throw new MOADatabaseException("No session found with this sessionID");
 				  }
 				  
-- 
cgit v1.2.3