From ac3296bb205048da5a1e4494dd4956f4312cf948 Mon Sep 17 00:00:00 2001 From: gregor Date: Mon, 18 Jul 2005 07:19:15 +0000 Subject: =?UTF-8?q?Fix=20f=C3=BCr=20Bug=20267=20getestet.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@382 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../server/config/ConfigurationPartsBuilder.java | 25 ++++++++++------------ .../invoke/XMLSignatureVerificationInvoker.java | 16 +++++++++++--- 2 files changed, 24 insertions(+), 17 deletions(-) (limited to 'spss.server/src/at/gv/egovernment/moa') diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 33e9daca1..96a90980d 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -829,8 +829,6 @@ public class ConfigurationPartsBuilder { String uriStr = profileElem.getAttribute("uri"); String signerCertsUriStr = profileElem.getAttribute("signerCertsUri"); - boolean createTrustProfile = true; - URI uri = null; try { @@ -841,23 +839,23 @@ public class ConfigurationPartsBuilder { } catch (URIException e) { warn("config.14", new Object[] { "uri", id, uriStr }, e); - createTrustProfile = false; + continue; } catch (MalformedURLException e) { warn("config.15", new Object[] {id}, e); - createTrustProfile = false; + continue; } File profileDir = new File(uri.getPath()); if (!profileDir.exists() || !profileDir.isDirectory()) { warn("config.27", new Object[] { "uri", id }); - createTrustProfile = false; + continue; } if (trustProfiles.containsKey(id)) { warn("config.04", new Object[] { "TrustProfile", id }); - createTrustProfile = false; + continue; } URI signerCertsUri = null; @@ -866,28 +864,27 @@ public class ConfigurationPartsBuilder { try { signerCertsUri = new URI(signerCertsUriStr); - if (!signerCertsUri.isAbsolute()) uri = new URI(configRoot.toURL() + signerCertsUriStr); + if (!signerCertsUri.isAbsolute()) signerCertsUri = new URI(configRoot.toURL() + signerCertsUriStr); File signerCertsDir = new File(signerCertsUri.getPath()); if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) { warn("config.27", new Object[] { "signerCertsUri", id }); - createTrustProfile = false; + continue; } } catch (URIException e) { warn("config.14", new Object[] { "signerCertsUri", id, uriStr }, e); - createTrustProfile = false; + continue; } catch (MalformedURLException e) { warn("config.15", new Object[] {id}, e); - createTrustProfile = false; + continue; } } - if (createTrustProfile) { - TrustProfile profile = new TrustProfile(id, uri.toString(), signerCertsUri.toString()); - trustProfiles.put(id, profile); - } + signerCertsUriStr = (signerCertsUri != null) ? signerCertsUri.toString() : null; + TrustProfile profile = new TrustProfile(id, uri.toString(), signerCertsUriStr); + trustProfiles.put(id, profile); } return trustProfiles; diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java index e8b2a5e10..1f9d45ed1 100644 --- a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java @@ -20,6 +20,7 @@ import iaik.x509.X509Certificate; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; +import java.io.IOException; import java.util.ArrayList; import java.util.Arrays; import java.util.Date; @@ -241,6 +242,8 @@ public class XMLSignatureVerificationInvoker { private CheckResult validateSignerCertificate(XMLSignatureVerificationResult result, TrustProfile trustProfile) throws MOAException { + MessageProvider msg = MessageProvider.getInstance(); + int resultCode = result.getCertificateValidationResult().getValidationResultCode().intValue(); if (resultCode == 0 && trustProfile.getSignerCertsUri() != null) { @@ -275,14 +278,21 @@ public class XMLSignatureVerificationInvoker { try { X509Certificate currentCert = new X509Certificate(currentFIS); + currentFIS.close(); if (currentCert.equals(signerCertificate)) break; } catch (Exception e) { // Simply ignore file if it cannot be interpreted as certificate - Logger.warn("Signatorzertifiat aus Trustprofile mit id=" + - trustProfile.getId() + " kann nicht geparst werden: " + - e.getMessage()); + String logMsg = msg.getMessage("invoker.03", new Object[]{trustProfile.getId(), files[i].getName()}); + Logger.warn(logMsg); + try + { + currentFIS.close(); + } + catch (IOException e1) { + // If clean-up fails, do nothing + } } } } -- cgit v1.2.3