From 403896aef0f9d3c76bbfcf3e970ae7dbc983ffd4 Mon Sep 17 00:00:00 2001 From: Klaus Stranacher Date: Mon, 10 Mar 2014 15:48:06 +0100 Subject: Update trustprofiles and certstore Update TSL processing (working directory handling) Update groupId of IAIK dependencies --- .../F86591A6D86718886A0234B8E54E21AAEA63E24B | Bin 0 -> 1586 bytes .../159E42D4A53599389431771D5C936552BB22B084 | Bin 0 -> 1576 bytes .../969A71FDCC5302167A60158828B9E7862DED3B4D | Bin 0 -> 1580 bytes .../2A5945E1FC2006BE0D59C3375253C9D3327D197D | Bin 0 -> 1580 bytes .../2E66C9841181C08FB1DFABD4FF8D5CC72BE08F02 | Bin 0 -> 1485 bytes ...Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer | Bin 0 -> 1580 bytes ...Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer | Bin 0 -> 1580 bytes ...n-corporate-05.20130923-20230920.SerNoFCE21.cer | Bin 0 -> 1576 bytes ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 0 -> 1485 bytes ...Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer | Bin 0 -> 1580 bytes ...mium-mobile-05.20130923-20230920.SerNoFCDD4.cer | Bin 0 -> 1586 bytes ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 0 -> 1485 bytes spss/server/history.txt | 4 +- spss/server/readme.update.txt | 8 +- spss/server/serverlib/pom.xml | 10 +- .../server/config/ConfigurationPartsBuilder.java | 123 ++++++++++++++++++--- .../spss/server/config/ConfigurationProvider.java | 78 ++++++++++++- .../properties/spss_messages_de.properties | 1 + .../.settings/org.eclipse.wst.common.component | 3 + spss/server/serverws/pom.xml | 17 ++- 20 files changed, 206 insertions(+), 38 deletions(-) create mode 100644 spss/handbook/conf/moa-spss/certstore/54A361D38F73772377E15E145772C03EC0197142/F86591A6D86718886A0234B8E54E21AAEA63E24B create mode 100644 spss/handbook/conf/moa-spss/certstore/CCBA90ED697BA209AB6093FC19FB15B53EE26933/159E42D4A53599389431771D5C936552BB22B084 create mode 100644 spss/handbook/conf/moa-spss/certstore/D866A07634012B24DB601087D8B3A9FFEDF5CADB/969A71FDCC5302167A60158828B9E7862DED3B4D create mode 100644 spss/handbook/conf/moa-spss/certstore/E583DB7202A8D1570A18CD11146B0CBCA438F71A/2A5945E1FC2006BE0D59C3375253C9D3327D197D create mode 100644 spss/handbook/conf/moa-spss/certstore/FE51079176B9F46204816CABA94824B3B14A3830/2E66C9841181C08FB1DFABD4FF8D5CC72BE08F02 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-corporate-05.20130923-20230920.SerNoFCE21.cer create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-premium-mobile-05.20130923-20230920.SerNoFCDD4.cer create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer (limited to 'spss') diff --git a/spss/handbook/conf/moa-spss/certstore/54A361D38F73772377E15E145772C03EC0197142/F86591A6D86718886A0234B8E54E21AAEA63E24B b/spss/handbook/conf/moa-spss/certstore/54A361D38F73772377E15E145772C03EC0197142/F86591A6D86718886A0234B8E54E21AAEA63E24B new file mode 100644 index 000000000..2bf4ad712 Binary files /dev/null and b/spss/handbook/conf/moa-spss/certstore/54A361D38F73772377E15E145772C03EC0197142/F86591A6D86718886A0234B8E54E21AAEA63E24B differ diff --git a/spss/handbook/conf/moa-spss/certstore/CCBA90ED697BA209AB6093FC19FB15B53EE26933/159E42D4A53599389431771D5C936552BB22B084 b/spss/handbook/conf/moa-spss/certstore/CCBA90ED697BA209AB6093FC19FB15B53EE26933/159E42D4A53599389431771D5C936552BB22B084 new file mode 100644 index 000000000..9a777fd34 Binary files /dev/null and b/spss/handbook/conf/moa-spss/certstore/CCBA90ED697BA209AB6093FC19FB15B53EE26933/159E42D4A53599389431771D5C936552BB22B084 differ diff --git a/spss/handbook/conf/moa-spss/certstore/D866A07634012B24DB601087D8B3A9FFEDF5CADB/969A71FDCC5302167A60158828B9E7862DED3B4D b/spss/handbook/conf/moa-spss/certstore/D866A07634012B24DB601087D8B3A9FFEDF5CADB/969A71FDCC5302167A60158828B9E7862DED3B4D new file mode 100644 index 000000000..d17d07619 Binary files /dev/null and b/spss/handbook/conf/moa-spss/certstore/D866A07634012B24DB601087D8B3A9FFEDF5CADB/969A71FDCC5302167A60158828B9E7862DED3B4D differ diff --git a/spss/handbook/conf/moa-spss/certstore/E583DB7202A8D1570A18CD11146B0CBCA438F71A/2A5945E1FC2006BE0D59C3375253C9D3327D197D b/spss/handbook/conf/moa-spss/certstore/E583DB7202A8D1570A18CD11146B0CBCA438F71A/2A5945E1FC2006BE0D59C3375253C9D3327D197D new file mode 100644 index 000000000..a6a9acdc3 Binary files /dev/null and b/spss/handbook/conf/moa-spss/certstore/E583DB7202A8D1570A18CD11146B0CBCA438F71A/2A5945E1FC2006BE0D59C3375253C9D3327D197D differ diff --git a/spss/handbook/conf/moa-spss/certstore/FE51079176B9F46204816CABA94824B3B14A3830/2E66C9841181C08FB1DFABD4FF8D5CC72BE08F02 b/spss/handbook/conf/moa-spss/certstore/FE51079176B9F46204816CABA94824B3B14A3830/2E66C9841181C08FB1DFABD4FF8D5CC72BE08F02 new file mode 100644 index 000000000..b9a0e5a61 Binary files /dev/null and b/spss/handbook/conf/moa-spss/certstore/FE51079176B9F46204816CABA94824B3B14A3830/2E66C9841181C08FB1DFABD4FF8D5CC72BE08F02 differ diff --git a/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer new file mode 100644 index 000000000..d17d07619 Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Enc-05.20130923-20230920.SerNoFCDEE.cer differ diff --git a/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer new file mode 100644 index 000000000..a6a9acdc3 Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer differ diff --git a/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-corporate-05.20130923-20230920.SerNoFCE21.cer b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-corporate-05.20130923-20230920.SerNoFCE21.cer new file mode 100644 index 000000000..9a777fd34 Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/a-sign-corporate-05.20130923-20230920.SerNoFCE21.cer differ diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer new file mode 100644 index 000000000..b9a0e5a61 Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer differ diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer new file mode 100644 index 000000000..a6a9acdc3 Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-Premium-Sig-05.20130923-20230920.SerNoFCDB8.cer differ diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-premium-mobile-05.20130923-20230920.SerNoFCDD4.cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-premium-mobile-05.20130923-20230920.SerNoFCDD4.cer new file mode 100644 index 000000000..2bf4ad712 Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature-qual-only/a-sign-premium-mobile-05.20130923-20230920.SerNoFCDD4.cer differ diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer new file mode 100644 index 000000000..b9a0e5a61 Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer differ diff --git a/spss/server/history.txt b/spss/server/history.txt index 02419a3fa..d2ea71698 100644 --- a/spss/server/history.txt +++ b/spss/server/history.txt @@ -5,7 +5,9 @@ - Signaturerstellung: - Unterstuetzung von XAdES Version 1.4.2 - Unterstuetzung von CMS/CAdES Signaturen Version 2.2.1 -- TSL Unterstuetzung +- Signaturpruefung: + - Trust-service Status List (TSL) Unterstuetzung +- Update der Standard Trustprofile und Standard Konfigurationen - Sicherheitsupdates - Angabe einer Whitelist um das Aufloesen externer Referenzen von den angegebenen Quellen zu aktivieren. - Libraries aktualisiert bzw. hinzugefuegt: diff --git a/spss/server/readme.update.txt b/spss/server/readme.update.txt index 28796ddcb..4f40604bb 100644 --- a/spss/server/readme.update.txt +++ b/spss/server/readme.update.txt @@ -26,9 +26,9 @@ Update Variante A Ihrer MOA-SPSS-Installation. 2.) Erstellen Sie eine Sicherungskopie aller "iaik*.jar"-Dateien im Verzeichnis - JAVA_HOME\jre\lib\ext, und l�schen Sie diese Dateien danach. + JAVA_HOME\jre\lib\ext, und loeschen Sie diese Dateien danach. -3.) F�hren Sie eine Neuinstallation gemaess Handbuch durch. +3.) Fuehren Sie eine Neuinstallation gemaess Handbuch durch. 4.) Kopieren Sie etwaige Konfigurationsdateien, Trust-Profile und Key-Stores, die Sie aus Ihrer alten Installation beibehalten moechten, aus Ihrer @@ -110,7 +110,7 @@ Update Variante B 10.) Update des Cert-Stores. a) Kopieren Sie den Inhalt des Verzeichnisses MOA_SPSS_INST\conf\moa-spss\certstore in das Verzeichnis CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie - vorhandene Dateien oder Unterverzeichnisse �berschreiben sollen, dann bejahen Sie das. + vorhandene Dateien oder Unterverzeichnisse ueberschreiben sollen, dann bejahen Sie das. b) Falls vorhanden, loeschen Sie die Datei "890A4C8282E95EBB398685D9501486EF213941B5" aus dem Verzeichnis CATALINA_HOME\conf\moa-spss\certstore\10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D. @@ -123,7 +123,7 @@ Update Variante B CATALINA_HOME\conf\moa-spss\certstore\10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D. 11.) Nur wenn alte Installation aelter als Version 1.3.0: - Mit dem Wechsel auf Version 1.3.0 verwendet MOA SP ein neues Format f�r die + Mit dem Wechsel auf Version 1.3.0 verwendet MOA SP ein neues Format fuer die XML-Konfigurationsdatei. Sie muessen die Konfigurationsdatei fuer MOA-SP aus Ihrer alten Installation auf das neue Format konvertieren. Details dazu finden Sie im MOA-SPSS-Installationshandbuch. \ No newline at end of file diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml index 2a6fd382f..5a2f001d4 100644 --- a/spss/server/serverlib/pom.xml +++ b/spss/server/serverlib/pom.xml @@ -143,16 +143,16 @@ - iaik.prod + iaik iaik_tsl - iaik.prod + iaik iaik_util - iaik.prod - iaik_xsect + iaik + iaik_xsect_eval javax.xml.bind @@ -167,7 +167,7 @@ sqlite-jdbc - iaik.prod + iaik iaik_jsse diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 287d8225b..3d2da8384 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -1267,6 +1267,111 @@ public class ConfigurationPartsBuilder { return trustProfiles; } + /** + * Build the trust profile mapping. + * + * @return The profile ID to profile mapping. + */ + public Map buildTrustProfiles() + { + Map trustProfiles = new HashMap(); + NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH); + Element profileElem; + + while ((profileElem = (Element) profileIter.nextNode()) != null) + { + String id = getElementValue(profileElem, CONF + "Id", null); + String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null); + String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null); + + URI trustAnchorsLocURI = null; + try + { + trustAnchorsLocURI = new URI(trustAnchorsLocStr); + if (!trustAnchorsLocURI.isAbsolute()) { // make it absolute to the config file + trustAnchorsLocURI = new URI(configRoot_.toURL() + trustAnchorsLocStr); + } + } + catch (URIException e) { + warn("config.14", new Object[] { "uri", id, trustAnchorsLocStr }, e); + continue; + } + catch (MalformedURLException e) + { + warn("config.15", new Object[] {id}, e); + continue; + } + + File profileDir = new File(trustAnchorsLocURI.getPath()); + if (!profileDir.exists() || !profileDir.isDirectory()) { + warn("config.27", new Object[] { "uri", id }); + continue; + } + + + + if (trustProfiles.containsKey(id)) { + warn("config.04", new Object[] { "TrustProfile", id }); + continue; + } + + URI signerCertsLocURI = null; + if (signerCertsLocStr != null && !"".equals(signerCertsLocStr)) + { + try + { + signerCertsLocURI = new URI(signerCertsLocStr); + if (!signerCertsLocURI.isAbsolute()) signerCertsLocURI = new URI(configRoot_.toURL() + signerCertsLocStr); + + File signerCertsDir = new File(signerCertsLocURI.getPath()); + if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) { + warn("config.27", new Object[] { "signerCertsUri", id }); + continue; + } + } + catch (URIException e) { + warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e); + continue; + } + catch (MalformedURLException e) { + warn("config.15", new Object[] {id}, e); + continue; + } + } + + signerCertsLocStr = (signerCertsLocURI != null) ? signerCertsLocURI.toString() : null; + + TrustProfile profile = null; + + profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr, false, null); + + trustProfiles.put(id, profile); + + } + + return trustProfiles; + } + + /** + * checks if a trustprofile with TSL support is enabled + * + * @return true if TSL support is enabled in at least one trustprofile, else false + */ + public boolean checkTrustProfilesTSLenabled() + { + NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH); + Element profileElem; + + boolean tslSupportEnabled = false; + while ((profileElem = (Element) profileIter.nextNode()) != null) { + Element eutslElem = (Element) XPathUtils.selectSingleNode(profileElem, CONF + "EUTSL"); + if (eutslElem != null) //EUTSL element found --> TSL enabled + tslSupportEnabled = true; + } + + return tslSupportEnabled; + } + /** * Returns the location of the certificate store. * @@ -1593,7 +1698,7 @@ public class ConfigurationPartsBuilder { public TSLConfiguration getTSLConfiguration() { TSLConfigurationImpl tslconfiguration = new TSLConfigurationImpl(); - + String euTSLUrl = getElementValue(getConfigElem(), TSL_CONFIGURATION_XPATH + CONF + "EUTSLUrl", null); if (StringUtils.isEmpty(euTSLUrl)) { euTSLUrl = TSLConfiguration.DEFAULT_EU_TSL_URL; @@ -1654,24 +1759,12 @@ public class ConfigurationPartsBuilder { return null; } - File hashcache = new File(tslWorkingDir, "hashcache"); - if (!hashcache.exists()) { - hashcache.mkdir(); - } - if (!hashcache.isDirectory()) { - error("config.38", new Object[] { hashcache.getAbsolutePath() }); - return null; - } - - System.setProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR", hashcache.getAbsolutePath()); -// String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR"); -// System.out.println("Hashcache: " + hashcachedir); - + debug("TSL Konfiguration - EUTSLUrl: " + euTSLUrl); debug("TSL Konfiguration - UpdateSchedule/Period: " + updateSchedulePeriod); debug("TSL Konfiguration - UpdateSchedule/StartTime: " + updateScheduleStartTime); debug("TSL Konfiguration - TSLWorkingDirectory: " + tslWorkingDir.getAbsolutePath()); - debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath()); + // set TSL configuration tslconfiguration.setEuTSLUrl(euTSLUrl); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java index 87a4b50f4..d67cbf1b4 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java @@ -347,7 +347,15 @@ public class ConfigurationProvider try { builder = new ConfigurationPartsBuilder(configElem, configRoot); - tslconfiguration_ = builder.getTSLConfiguration(); + if (builder.checkTrustProfilesTSLenabled()) { + debug("TSL support enabled for at least one trustprofile."); + tslconfiguration_ = builder.getTSLConfiguration(); + trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory()); + } + else { + tslconfiguration_ = null; + trustProfiles = builder.buildTrustProfiles(); + } digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName(); canonicalizationAlgorithmName = @@ -368,7 +376,9 @@ public class ConfigurationProvider chainingModes = builder.buildChainingModes(); useAuthorityInfoAccess_ = builder.getUseAuthorityInfoAccess(); autoAddCertificates_ = builder.getAutoAddCertificates(); - trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory()); + //trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory()); + + distributionPoints = builder.buildDistributionPoints(); enableRevocationChecking_ = builder.getEnableRevocationChecking(); maxRevocationAge_ = builder.getMaxRevocationAge(); @@ -429,7 +439,21 @@ public class ConfigurationProvider } } - private void checkTSLConfiguration() throws ConfigurationException { + private boolean checkTSLenableTrustprofilesExist()throws ConfigurationException { + boolean bTSLEnabledTPExist = false; + Iterator it = trustProfiles.entrySet().iterator(); + while (it.hasNext()) { + Map.Entry pairs = (Map.Entry)it.next(); + TrustProfile tp = (TrustProfile) pairs.getValue(); + if (tp.isTSLEnabled()) + bTSLEnabledTPExist = bTSLEnabledTPExist || true; + } + + return bTSLEnabledTPExist; + + } + + private void checkTSLConfiguration() throws ConfigurationException { boolean bTSLEnabledTPExist = false; Iterator it = trustProfiles.entrySet().iterator(); while (it.hasNext()) { @@ -450,6 +474,43 @@ public class ConfigurationProvider throw new ConfigurationException("config.40", null); } + File workingDir = new File(tslconfiguration_.getWorkingDirectory()); + File eu_trust = new File(workingDir.getAbsolutePath() + "/trust/eu"); + if (!eu_trust.exists()) { + error("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"}); + throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"}); + } + else { + File[] eutrustFiles = eu_trust.listFiles(); + if (eutrustFiles == null) { + error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); + throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); + } + else { + if (eutrustFiles.length == 0) { + error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); + throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); + } + } + + } + + File hashcache = new File(tslconfiguration_.getWorkingDirectory(), "hashcache"); + if (!hashcache.exists()) { + hashcache.mkdir(); + } + if (!hashcache.isDirectory()) { + error("config.38", new Object[] { hashcache.getAbsolutePath() }); + return; + } + + System.setProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR", hashcache.getAbsolutePath()); +// String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR"); +// System.out.println("Hashcache: " + hashcachedir); + + + Logger.debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath()); + } @@ -760,6 +821,17 @@ public class ConfigurationProvider Logger.info(new LogMsg(msg.getMessage(messageId, parameters))); } + /** + * Log a debug message. + * + * @param messageId The message ID. + * @param parameters Additional parameters for the message. + * @see at.gv.egovernment.moa.spss.server.util.MessageProvider + */ + private static void debug(String message) { + Logger.debug(message); + } + /** * Log a warning. * diff --git a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties index e4ee607c0..9e2e0e490 100644 --- a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties +++ b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties @@ -159,6 +159,7 @@ config.46=Start periodical TSL update task at {0} and then every {1} millisecond config.48=No whitelisted URIs given. config.49=Whitelisted URI: {0}. config.50=Fehler beim Erstellen des TSL Vertrauensprofils: Das Verzeichnis ({0}) ist kein Verzeichnis. +config.51=Fehler beim Erstellen der TSL Konfiguration: TSL-Arbeitsverzeichnis ist fehlerhaft ({0}). handler.00=Starte neue Transaktion: TID={0}, Service={1} handler.01=Aufruf von Adresse={0} diff --git a/spss/server/serverws/.settings/org.eclipse.wst.common.component b/spss/server/serverws/.settings/org.eclipse.wst.common.component index 463d07fe3..5efe131f3 100644 --- a/spss/server/serverws/.settings/org.eclipse.wst.common.component +++ b/spss/server/serverws/.settings/org.eclipse.wst.common.component @@ -2,6 +2,9 @@ + + uses + uses diff --git a/spss/server/serverws/pom.xml b/spss/server/serverws/pom.xml index 0314cb454..a99a573c1 100644 --- a/spss/server/serverws/pom.xml +++ b/spss/server/serverws/pom.xml @@ -70,7 +70,7 @@ iaik_ixsil - iaik.prod + iaik iaik_tsl @@ -78,12 +78,12 @@ log4j - iaik.prod + iaik iaik_util - iaik.prod - iaik_xsect + iaik + iaik_xsect_eval javax.xml.bind @@ -98,13 +98,10 @@ sqlite-jdbc - iaik.prod + iaik iaik_jsse - - - iaik.prod - iaik_util - + + iaik.prod -- cgit v1.2.3