From 139926faa31ae3ed34dc0083fee503d439112281 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 20 Jun 2018 15:11:13 +0200 Subject: refactor PVP2 S-Profile implementation and perform first tests --- .../moa/id/commons/MOAIDAuthConstants.java | 4 + .../commons/api/data/BPKDecryptionParameters.java | 2 +- .../moa/id/commons/utils/ssl/SSLUtils.java | 2 +- .../java/at/gv/egovernment/moa/util/FileUtils.java | 146 -------------- .../at/gv/egovernment/moa/util/KeyStoreUtils.java | 223 --------------------- .../at/gv/egovernment/moa/util/StreamUtils.java | 197 ------------------ 6 files changed, 6 insertions(+), 568 deletions(-) delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java (limited to 'id/server/moa-id-commons/src/main/java/at') diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java index 3f6227402..663f712ef 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java @@ -194,5 +194,9 @@ public class MOAIDAuthConstants extends MOAIDConstants{ @Deprecated public static final String AUTHPROCESS_DATA_TARGETFRIENDLYNAME = "authProces_TargetFriendlyName"; + public static final String DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP = "useMinimalFrontChannelResponse"; + public static final String DATAID_INTERFEDERATION_NAMEID = "federatedNameID"; + public static final String DATAID_INTERFEDERATION_QAALEVEL = "federatedQAALevel"; + public static final String DATAID_INTERFEDERATION_REQUESTID = "authnReqID"; } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java index cb81fe79e..5fec08053 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java @@ -34,8 +34,8 @@ import java.security.UnrecoverableKeyException; import org.apache.commons.lang3.SerializationUtils; +import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.KeyStoreUtils; /** diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java index abf2d211c..e6efca4ea 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/SSLUtils.java @@ -58,8 +58,8 @@ import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; +import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.KeyStoreUtils; import at.gv.egovernment.moaspss.logging.LoggingContext; import at.gv.egovernment.moaspss.logging.LoggingContextManager; import iaik.pki.DefaultPKIConfiguration; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java deleted file mode 100644 index 8d6aea164..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java +++ /dev/null @@ -1,146 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.io.BufferedInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.net.URL; - -/** - * Utility for accessing files on the file system, and for reading from input streams. - * @author Paul Ivancsics - * @version $Id$ - */ -public class FileUtils { - - /** - * Reads a file, given by URL, into a byte array. - * @param urlString file URL - * @return file content - * @throws IOException on any exception thrown - */ - public static byte[] readURL(String urlString) throws IOException { - URL url = new URL(urlString); - InputStream in = new BufferedInputStream(url.openStream()); - byte[] content = StreamUtils.readStream(in); - in.close(); - return content; - } - - /** - * Reads a file from a resource. - * @param name resource name - * @return file content as a byte array - * @throws IOException on any exception thrown - */ - public static byte[] readResource(String name) throws IOException { - ClassLoader cl = FileUtils.class.getClassLoader(); - BufferedInputStream in = new BufferedInputStream(cl.getResourceAsStream(name)); - byte[] content = StreamUtils.readStream(in); - in.close(); - return content; - } - /** - * Reads a file from a resource. - * @param name filename - * @param encoding character encoding - * @return file content - * @throws IOException on any exception thrown - */ - public static String readResource(String name, String encoding) throws IOException { - byte[] content = readResource(name); - return new String(content, encoding); - } - - /** - * Returns the absolute URL of a given url which is relative to the parameter root - * @param url - * @param root - * @return String - */ - public static String makeAbsoluteURL(String url, String root) { - //if url is relative to rootConfigFileDirName make it absolute - - File keyFile; - String newURL = url; - - if(null == url) return null; - - if (url.startsWith("http:/") || url.startsWith("https:/") || url.startsWith("file:/") || url.startsWith("ftp:/")) { - return url; - } else { - // check if absolute - if not make it absolute - keyFile = new File(url); - if (!keyFile.isAbsolute()) { - keyFile = new File(root, url); - - if (keyFile.toString().startsWith("file:")) - newURL = keyFile.toString(); - - else - newURL = keyFile.toURI().toString(); - - } - return newURL; - } - } - - - private static void copy( InputStream fis, OutputStream fos ) - { - try - { - byte[] buffer = new byte[ 0xFFFF ]; - for ( int len; (len = fis.read(buffer)) != -1; ) - fos.write( buffer, 0, len ); - } - catch( IOException e ) { - System.err.println( e ); - } - finally { - if ( fis != null ) - try { fis.close(); } catch ( IOException e ) { e.printStackTrace(); } - if ( fos != null ) - try { fos.close(); } catch ( IOException e ) { e.printStackTrace(); } - } - } - - public static void copyFile(File src, File dest) - { - try - { - copy( new FileInputStream( src ), new FileOutputStream( dest ) ); - } - catch( IOException e ) { - e.printStackTrace(); - } - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java deleted file mode 100644 index 38dcafcc0..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import iaik.x509.X509Certificate; - -import java.io.BufferedInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.cert.Certificate; - -/** - * Utility for creating and loading key stores. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class KeyStoreUtils { - - /** - * JAVA KeyStore - */ - private static final String KEYSTORE_TYPE_JKS = "JKS"; - - /** - * PKCS12 KeyStore - */ - private static final String KEYSTORE_TYPE_PKCS12 = "PKCS12"; - - - - /** - * Loads a key store from file. - * - * @param keystoreType key store type - * @param urlString URL of key store - * @param password password protecting the key store - * @return key store loaded - * @throws IOException thrown while reading the key store from file - * @throws GeneralSecurityException thrown while creating the key store - */ - public static KeyStore loadKeyStore( - String keystoreType, - String urlString, - String password) - throws IOException, GeneralSecurityException { - - URL keystoreURL = new URL(urlString); - InputStream in = keystoreURL.openStream(); - return loadKeyStore(keystoreType, in, password); - } - /** - * Loads a key store from an InputStream, and - * closes the InputStream. - * - * @param keystoreType key store type - * @param in input stream - * @param password password protecting the key store - * @return key store loaded - * @throws IOException thrown while reading the key store from the stream - * @throws GeneralSecurityException thrown while creating the key store - */ - public static KeyStore loadKeyStore( - String keystoreType, - InputStream in, - String password) - throws IOException, GeneralSecurityException { - - char[] chPassword = null; - if (password != null) - chPassword = password.toCharArray(); - KeyStore ks = KeyStore.getInstance(keystoreType); - ks.load(in, chPassword); - in.close(); - return ks; - } - /** - * Creates a key store from X509 certificate files, aliasing them with - * the index in the String[], starting with "0". - * - * @param keyStoreType key store type - * @param certFilenames certificate filenames - * @return key store created - * @throws IOException thrown while reading the certificates from file - * @throws GeneralSecurityException thrown while creating the key store - */ - public static KeyStore createKeyStore( - String keyStoreType, - String[] certFilenames) - throws IOException, GeneralSecurityException { - - KeyStore ks = KeyStore.getInstance(keyStoreType); - ks.load(null, null); - for (int i = 0; i < certFilenames.length; i++) { - Certificate cert = loadCertificate(certFilenames[i]); - ks.setCertificateEntry("" + i, cert); - } - return ks; - } -// /** -// * Creates a key store from a directory containg X509 certificate files, -// * aliasing them with the index in the String[], starting with "0". -// * All the files in the directory are considered to be certificates. -// * -// * @param keyStoreType key store type -// * @param certDirURLString file URL of directory containing certificate filenames -// * @return key store created -// * @throws IOException thrown while reading the certificates from file -// * @throws GeneralSecurityException thrown while creating the key store -// */ -// public static KeyStore createKeyStoreFromCertificateDirectory( -// String keyStoreType, -// String certDirURLString) -// throws IOException, GeneralSecurityException { -// -// URL certDirURL = new URL(certDirURLString); -// String certDirname = certDirURL.getFile(); -// File certDir = new File(certDirname); -// String[] certFilenames = certDir.list(); -// String separator = -// (certDirname.endsWith(File.separator) ? "" : File.separator); -// for (int i = 0; i < certFilenames.length; i++) { -// certFilenames[i] = certDirname + separator + certFilenames[i]; -// } -// return createKeyStore(keyStoreType, certFilenames); -// } - - /** - * Loads an X509 certificate from file. - * @param certFilename filename - * @return the certificate loaded - * @throws IOException thrown while reading the certificate from file - * @throws GeneralSecurityException thrown while creating the certificate - */ - private static Certificate loadCertificate(String certFilename) - throws IOException, GeneralSecurityException { - - FileInputStream in = new FileInputStream(certFilename); - Certificate cert = new X509Certificate(in); - in.close(); - return cert; - } - - - /** - * Loads a keyStore without knowing the keyStore type - * @param keyStorePath URL to the keyStore - * @param password Password protecting the keyStore - * @return keyStore loaded - * @throws KeyStoreException thrown if keyStore cannot be loaded - * @throws FileNotFoundException - * @throws IOException - */ - public static KeyStore loadKeyStore(String keyStorePath, String password) throws KeyStoreException, IOException{ - - //InputStream is = new FileInputStream(keyStorePath); - URL keystoreURL = new URL(keyStorePath); - InputStream in = keystoreURL.openStream(); - InputStream isBuffered = new BufferedInputStream(in); - return loadKeyStore(isBuffered, password); - - } - - /** - * Loads a keyStore without knowing the keyStore type - * @param in input stream - * @param password Password protecting the keyStore - * @return keyStore loaded - * @throws KeyStoreException thrown if keyStore cannot be loaded - * @throws FileNotFoundException - * @throws IOException - */ -public static KeyStore loadKeyStore(InputStream is, String password) throws KeyStoreException, IOException{ - is.mark(1024*1024); - KeyStore ks = null; - try { - try { - ks = loadKeyStore(KEYSTORE_TYPE_PKCS12, is, password); - } catch (IOException e2) { - is.reset(); - ks = loadKeyStore(KEYSTORE_TYPE_JKS, is, password); - } - } catch(Exception e) { - e.printStackTrace(); - //throw new KeyStoreException(e); - } - return ks; - - } - - - - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java deleted file mode 100644 index e4ccd127f..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java +++ /dev/null @@ -1,197 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.util; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.PrintStream; - -/** - * Utility methods for streams. - * - * @author Patrick Peck - * @version $Id$ - */ -public class StreamUtils { - - /** - * Compare the contents of two InputStreams. - * - * @param is1 The 1st InputStream to compare. - * @param is2 The 2nd InputStream to compare. - * @return boolean true, if both streams contain the exactly the - * same content, false otherwise. - * @throws IOException An error occurred reading one of the streams. - */ - public static boolean compareStreams(InputStream is1, InputStream is2) - throws IOException { - - byte[] buf1 = new byte[256]; - byte[] buf2 = new byte[256]; - int length1; - int length2; - - try { - while (true) { - length1 = is1.read(buf1); - length2 = is2.read(buf2); - - if (length1 != length2) { - return false; - } - if (length1 <= 0) { - return true; - } - if (!compareBytes(buf1, buf2, length1)) { - return false; - } - } - } catch (IOException e) { - throw e; - } finally { - // close both streams - try { - is1.close(); - is2.close(); - } catch (IOException e) { - // ignore this - } - } - } - - /** - * Compare two byte arrays, up to a given maximum length. - * - * @param b1 1st byte array to compare. - * @param b2 2nd byte array to compare. - * @param length The maximum number of bytes to compare. - * @return true, if the byte arrays are equal, false - * otherwise. - */ - private static boolean compareBytes(byte[] b1, byte[] b2, int length) { - if (b1.length != b2.length) { - return false; - } - - for (int i = 0; i < b1.length && i < length; i++) { - if (b1[i] != b2[i]) { - return false; - } - } - - return true; - } - - /** - * Reads a byte array from a stream. - * @param in The InputStream to read. - * @return The bytes contained in the given InputStream. - * @throws IOException on any exception thrown - */ - public static byte[] readStream(InputStream in) throws IOException { - - ByteArrayOutputStream out = new ByteArrayOutputStream(); - copyStream(in, out, null); - - /* - ByteArrayOutputStream out = new ByteArrayOutputStream(); - int b; - while ((b = in.read()) >= 0) - out.write(b); - - */ - in.close(); - return out.toByteArray(); - } - - /** - * Reads a String from a stream, using given encoding. - * @param in The InputStream to read. - * @param encoding The character encoding to use for converting the bytes - * of the InputStream into a String. - * @return The content of the given InputStream converted into - * a String. - * @throws IOException on any exception thrown - */ - public static String readStream(InputStream in, String encoding) throws IOException { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - copyStream(in, out, null); - - /* - ByteArrayOutputStream out = new ByteArrayOutputStream(); - int b; - while ((b = in.read()) >= 0) - out.write(b); - */ - in.close(); - return out.toString(encoding); - } - - /** - * Reads all data (until EOF is reached) from the given source to the - * destination stream. If the destination stream is null, all data is dropped. - * It uses the given buffer to read data and forward it. If the buffer is - * null, this method allocates a buffer. - * - * @param source The stream providing the data. - * @param destination The stream that takes the data. If this is null, all - * data from source will be read and discarded. - * @param buffer The buffer to use for forwarding. If it is null, the method - * allocates a buffer. - * @exception IOException If reading from the source or writing to the - * destination fails. - */ - private static void copyStream(InputStream source, OutputStream destination, byte[] buffer) throws IOException { - if (source == null) { - throw new NullPointerException("Argument \"source\" must not be null."); - } - if (buffer == null) { - buffer = new byte[8192]; - } - - if (destination != null) { - int bytesRead; - while ((bytesRead = source.read(buffer)) >= 0) { - destination.write(buffer, 0, bytesRead); - } - } else { - while (source.read(buffer) >= 0); - } - } - - /** - * Gets the stack trace of the Throwable passed in as a string. - * @param t The Throwable. - * @return a String representing the stack trace of the Throwable. - */ - public static String getStackTraceAsString(Throwable t) - { - ByteArrayOutputStream stackTraceBIS = new ByteArrayOutputStream(); - t.printStackTrace(new PrintStream(stackTraceBIS)); - return new String(stackTraceBIS.toByteArray()); - } -} -- cgit v1.2.3