From aebb5cd04d43b25b8d65237ba49fddf5f5dd1a8c Mon Sep 17 00:00:00 2001
From: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>
Date: Tue, 7 Jul 2009 14:27:40 +0000
Subject: git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1114
 d688527b-c9ab-4aba-bd8d-4036d912da1d

---
 .../server/config/ConfigurationPartsBuilder.java   | 36 +++++++++++++++++++
 .../spss/server/config/ConfigurationProvider.java  | 40 ++++++++++++++++++----
 .../spss/server/iaik/config/IaikConfigurator.java  |  2 +-
 .../iaik/config/RevocationConfigurationImpl.java   | 12 +++++++
 4 files changed, 82 insertions(+), 8 deletions(-)

(limited to 'spss/server/serverlib/src/main/java')

diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 058ce5280..3ad7b761f 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -39,6 +39,7 @@ import org.w3c.dom.traversal.NodeIterator;
 
 import org.xml.sax.SAXException;
 
+import iaik.asn1.structures.Name;
 import iaik.ixsil.exceptions.URIException;
 import iaik.ixsil.util.URI;
 import iaik.pki.pathvalidation.ChainingModes;
@@ -149,6 +150,12 @@ public class ConfigurationPartsBuilder {
     + CONF + "CertificateValidation/"
     + CONF + "RevocationChecking/"
     + CONF + "DistributionPoint";
+  private static final String CRL_RETENTION_INTERVALS_CA_XPATH =
+     ROOT + CONF + "SignatureVerification/" 
+     + CONF + "CertificateValidation/"
+     + CONF + "RevocationChecking/"
+     + CONF + "CrlRetentionIntervals/"
+     + CONF + "CA";
   private static final String ENABLE_REVOCATION_CHECKING_XPATH_ = 
     ROOT + CONF + "SignatureVerification/" 
     + CONF + "CertificateValidation/"
@@ -1264,4 +1271,33 @@ public class ConfigurationPartsBuilder {
     return Boolean.valueOf(permitFileURIs).booleanValue();
   }
   
+  /**
+   * Returns a map of CRL retention intervals
+   * @return
+   */
+  public Map getCrlRetentionIntervals() {
+     Map map = new HashMap();
+     NodeIterator modIter = XPathUtils.selectNodeIterator(
+           getConfigElem(),
+           CRL_RETENTION_INTERVALS_CA_XPATH);
+
+     Element modElem;
+     while ((modElem = (Element) modIter.nextNode()) != null) {
+        String x509IssuerName = getElementValue(modElem, CONF + "X509IssuerName", null);
+        String i = getElementValue(modElem, CONF + "Interval", null);
+        Integer interval = new Integer(i);
+        try {
+           RFC2253NameParser parser = new RFC2253NameParser(x509IssuerName);
+           Name name = parser.parse();
+           map.put(name.getRFC2253String(), interval);
+        } catch (RFC2253NameParserException e) {
+           map.put(x509IssuerName, interval);
+        }
+
+        //System.out.println("Name: " + x509IssuerName + " - Interval: " + interval);
+     }
+
+     return map;
+  }
+  
 }
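Review bot: In the added `getCrlRetentionIntervals()`, `new Integer(i)` sits outside the `try` while both `getElementValue(..., null)` calls can yield `null`, so a `CA` entry with a missing or non-numeric `Interval` throws `NumberFormatException` without naming the entry at fault. As far as this patch shows, that would only surface through the generic `catch (Throwable t)` in ConfigurationProvider. Unless the configuration schema already guarantees both children, check `x509IssuerName` and `i` for `null`, parse inside a guarded block that reports the offending issuer, and decide explicitly whether a negative interval is acceptable. The `catch (RFC2253NameParserException e)` fallback stores the unparsed string as the key, so a mistyped issuer name is accepted silently and its interval will probably never match at lookup; a warning there would make the misconfiguration visible to the operator. The empty `@return` tag should be filled in and the commented-out `System.out.println` dropped.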
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index 05bd43087..7b72e3cc5 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -15,6 +15,11 @@
 */
 package at.gv.egovernment.moa.spss.server.config;
 
+import iaik.asn1.structures.Name;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -24,22 +29,17 @@ import java.security.Principal;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collections;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
 import org.w3c.dom.Element;
 
-import iaik.asn1.structures.Name;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
 import at.gv.egovernment.moa.logging.LogMsg;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-
 import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.DOMUtils;
 
 /**
  * A class providing access to the MOA configuration data.
@@ -226,6 +226,11 @@ public class ConfigurationProvider
    */
   private boolean permitFileURIs;
   
+  /**
+   * Indicates the CRL retention intervals
+   */
+  private Map crlRetentionIntervals;
+  
   /**
    * Return the single instance of configuration data.
    * 
@@ -306,6 +311,7 @@ public class ConfigurationProvider
     // build the internal datastructures
     try {
       builder = new ConfigurationPartsBuilder(configElem, configRoot);
+      
       digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName();
       canonicalizationAlgorithmName =
         builder.getCanonicalizationAlgorithmName();
@@ -339,6 +345,16 @@ public class ConfigurationProvider
       supplementProfiles = builder.buildSupplementProfiles();
       warnings = new ArrayList(builder.getWarnings());
       permitFileURIs = builder.getPermitFileURIs();
+      crlRetentionIntervals = builder.getCrlRetentionIntervals();
+      
+//      Set set = crlRetentionIntervals.entrySet();
+//      Iterator i = set.iterator();
+//      while(i.hasNext()){
+//        Map.Entry me = (Map.Entry)i.next();
+//        System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() );
+//      }
+
+      
     } catch (Throwable t) {
       throw new ConfigurationException("config.11", null, t);
     } finally {
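Review bot: The commented-out loop that prints every key and value after `crlRetentionIntervals = builder.getCrlRetentionIntervals();` is leftover debugging and should be deleted rather than committed. The `import java.util.Iterator;` added in the import hunk appears to exist only for it. If the loaded intervals are worth seeing at start-up, emit them through the `Logger` this class already imports instead of `System.out`. The surrounding try block starts and ends outside the hunk.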
@@ -714,4 +730,14 @@ public class ConfigurationProvider
   {
     return permitFileURIs; 
   }
+  
+  /**
+   * Returns the map of retention intervals
+   * @return The map of retention intervals
+   */
+  public Map getCrlRetentionIntervals() {
+     return crlRetentionIntervals;
+  }
+  
+ 
 }
\ No newline at end of file
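Review bot: `getCrlRetentionIntervals()` hands out the internal `Map` itself, so any caller can alter the retention intervals used for revocation checking after the configuration has been loaded. `Collections` is already imported in this file, so the assignment in the earlier hunk could become `crlRetentionIntervals = Collections.unmodifiableMap(builder.getCrlRetentionIntervals());`. The Javadoc should also state the key and value types, which from the builder hunk are the issuer name as a `String` and the interval as an `Integer`. The unit of the interval is not visible in this patch and should be documented as well.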
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
index 12c560855..4625ccf88 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -72,7 +72,7 @@ public class IaikConfigurator {
       
       // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat
       RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
-      rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
+      //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
       if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) {
         dumpKeyEntryIDs();
       }
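Review bot: Commenting out `rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);` leaves the comment above it describing a workaround that is no longer applied, and `rss` is now fetched but unused. The commit message gives no reason, so it is unclear whether the Tomcat classloader problem is solved elsewhere. If it is not, CRL retrieval could fail in that deployment, and how validation then behaves depends on the revocation-checking configuration. Either delete the line, the `rss` local and the stale comment, or keep the line and state why it is disabled, e.g. `// CRLRetriever no longer registered: <reason>`. The enclosing method starts and ends outside the hunk.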
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
index 74a268519..67eac5b55 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
@@ -19,6 +19,7 @@ import iaik.pki.revocation.RevocationConfiguration;
 
 import java.security.cert.X509Certificate;
 import java.util.Date;
+import java.util.Map;
 import java.util.Set;
 
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
@@ -65,4 +66,15 @@ public class RevocationConfigurationImpl
     return config.getEnableRevocationArchiving();
   }
 
+  /**
+   * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String)
+   */
+  public Integer getCrlRetentionInterval(String issuername) 
+  {
+     Map map = config.getCrlRetentionIntervals();
+     Integer interval = (Integer)map.get(issuername);
+   
+     return interval;
+}
+
 }
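Review bot: `getCrlRetentionInterval(String issuername)` looks the name up verbatim, whereas the builder stores keys as `name.getRFC2253String()` (or the raw configured string when parsing fails). If the caller passes the issuer DN in any other rendering, `map.get` returns `null` and the configured interval is silently skipped. Whether that happens cannot be confirmed from this patch, so the Javadoc should state the expected name form and the meaning of a `null` result, for example `Returns the retention interval configured for the issuer given as an RFC 2253 name, or null if none is configured.` The method's closing brace is also at column 0 instead of being indented with the method.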
-- 
cgit v1.2.3