From aebb5cd04d43b25b8d65237ba49fddf5f5dd1a8c Mon Sep 17 00:00:00 2001 From: kstranacher Date: Tue, 7 Jul 2009 14:27:40 +0000 Subject: git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1114 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../server/config/ConfigurationPartsBuilder.java | 36 +++++++++++++++++++ .../spss/server/config/ConfigurationProvider.java | 40 ++++++++++++++++++---- .../spss/server/iaik/config/IaikConfigurator.java | 2 +- .../iaik/config/RevocationConfigurationImpl.java | 12 +++++++ 4 files changed, 82 insertions(+), 8 deletions(-) (limited to 'spss/server/serverlib/src/main/java') diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 058ce5280..3ad7b761f 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -39,6 +39,7 @@ import org.w3c.dom.traversal.NodeIterator; import org.xml.sax.SAXException; +import iaik.asn1.structures.Name; import iaik.ixsil.exceptions.URIException; import iaik.ixsil.util.URI; import iaik.pki.pathvalidation.ChainingModes; @@ -149,6 +150,12 @@ public class ConfigurationPartsBuilder { + CONF + "CertificateValidation/" + CONF + "RevocationChecking/" + CONF + "DistributionPoint"; + private static final String CRL_RETENTION_INTERVALS_CA_XPATH = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "CrlRetentionIntervals/" + + CONF + "CA"; private static final String ENABLE_REVOCATION_CHECKING_XPATH_ = ROOT + CONF + "SignatureVerification/" + CONF + "CertificateValidation/" @@ -1264,4 +1271,33 @@ public class ConfigurationPartsBuilder { return Boolean.valueOf(permitFileURIs).booleanValue(); } + /** + * Returns a map of CRL retention intervals + * @return + */ + public Map getCrlRetentionIntervals() { + Map map = new HashMap(); + NodeIterator modIter = XPathUtils.selectNodeIterator( + getConfigElem(), + CRL_RETENTION_INTERVALS_CA_XPATH); + + Element modElem; + while ((modElem = (Element) modIter.nextNode()) != null) { + String x509IssuerName = getElementValue(modElem, CONF + "X509IssuerName", null); + String i = getElementValue(modElem, CONF + "Interval", null); + Integer interval = new Integer(i); + try { + RFC2253NameParser parser = new RFC2253NameParser(x509IssuerName); + Name name = parser.parse(); + map.put(name.getRFC2253String(), interval); + } catch (RFC2253NameParserException e) { + map.put(x509IssuerName, interval); + } + + //System.out.println("Name: " + x509IssuerName + " - Interval: " + interval); + } + + return map; + } + } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java index 05bd43087..7b72e3cc5 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java @@ -15,6 +15,11 @@ */ package at.gv.egovernment.moa.spss.server.config; +import iaik.asn1.structures.Name; +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; + import java.io.File; import java.io.FileInputStream; import java.io.IOException; @@ -24,22 +29,17 @@ import java.security.Principal; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Collections; +import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Set; import org.w3c.dom.Element; -import iaik.asn1.structures.Name; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; - import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; - import at.gv.egovernment.moa.spss.util.MessageProvider; +import at.gv.egovernment.moa.util.DOMUtils; /** * A class providing access to the MOA configuration data. @@ -226,6 +226,11 @@ public class ConfigurationProvider */ private boolean permitFileURIs; + /** + * Indicates the CRL retention intervals + */ + private Map crlRetentionIntervals; + /** * Return the single instance of configuration data. * @@ -306,6 +311,7 @@ public class ConfigurationProvider // build the internal datastructures try { builder = new ConfigurationPartsBuilder(configElem, configRoot); + digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName(); canonicalizationAlgorithmName = builder.getCanonicalizationAlgorithmName(); @@ -339,6 +345,16 @@ public class ConfigurationProvider supplementProfiles = builder.buildSupplementProfiles(); warnings = new ArrayList(builder.getWarnings()); permitFileURIs = builder.getPermitFileURIs(); + crlRetentionIntervals = builder.getCrlRetentionIntervals(); + +// Set set = crlRetentionIntervals.entrySet(); +// Iterator i = set.iterator(); +// while(i.hasNext()){ +// Map.Entry me = (Map.Entry)i.next(); +// System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() ); +// } + + } catch (Throwable t) { throw new ConfigurationException("config.11", null, t); } finally { @@ -714,4 +730,14 @@ public class ConfigurationProvider { return permitFileURIs; } + + /** + * Returns the map of retention intervals + * @return The map of retention intervals + */ + public Map getCrlRetentionIntervals() { + return crlRetentionIntervals; + } + + } \ No newline at end of file diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java index 12c560855..4625ccf88 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java @@ -72,7 +72,7 @@ public class IaikConfigurator { // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore(); - rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL); + //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL); if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) { dumpKeyEntryIDs(); } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java index 74a268519..67eac5b55 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java @@ -19,6 +19,7 @@ import iaik.pki.revocation.RevocationConfiguration; import java.security.cert.X509Certificate; import java.util.Date; +import java.util.Map; import java.util.Set; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; @@ -65,4 +66,15 @@ public class RevocationConfigurationImpl return config.getEnableRevocationArchiving(); } + /** + * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String) + */ + public Integer getCrlRetentionInterval(String issuername) + { + Map map = config.getCrlRetentionIntervals(); + Integer interval = (Integer)map.get(issuername); + + return interval; +} + } -- cgit v1.2.3