initial commit

4 files changed, 536 insertions, 0 deletions

diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
new file mode 100644
index 0000000..491986b
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
@@ -0,0 +1,158 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.iaik.pki;
+
+import iaik.pki.PKIProfile;
+import iaik.pki.pathvalidation.ValidationProfile;
+import iaik.pki.revocation.RevocationProfile;
+import iaik.pki.store.truststore.TrustStoreProfile;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation.ValidationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.pki.revocation.RevocationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl;
+
+/**
+ * Implementation of the <code>PKIProfile</code> interface containing
+ * information needed for certificate path validation. It uses configuration
+ * data from the MOA configuration.
+ * 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class PKIProfileImpl implements PKIProfile {
+
+	/** Profile information for revocation checking. */
+	private RevocationProfile revocationProfile;
+	/** Profile information about the trust profile to use. */
+	private TrustStoreProfile trustStoreProfile;
+	/** Profile information about the certificate validation. */
+	private ValidationProfile validationProfile;
+	/**
+	 * The <code>ConfigurationProvider</code> to read the MOA configuration data
+	 * from.
+	 */
+	private ConfigurationProvider config;
+
+	/**
+	 * Create a new <code>PKIProfileImpl</code>.
+	 * 
+	 * @param config
+	 *            The MOA configuration providing configuration data about
+	 *            certificate path validation.
+	 * @param trustProfileID
+	 *            The trust profile ID denoting the location of the trust store.
+	 * @throws MOAApplicationException
+	 *             An error occurred building the profile.
+	 */
+	public PKIProfileImpl(ConfigurationProvider config, String trustProfileID) throws MOAApplicationException {
+
+		this.config = config;
+		setRevocationProfile(new RevocationProfileImpl(config));
+		setTrustStoreProfile(new TrustStoreProfileImpl(config, trustProfileID));
+		setValidationProfile(new ValidationProfileImpl(config));
+	}
+
+	/**
+	 * @see iaik.pki.PKIProfile#autoAddCertificates()
+	 */
+	/*public boolean autoAddCertificates() {
+		return useAuthorityInfoAccess() ? true : config.getAutoAddCertificates();
+	}*/
+
+	/**
+	 * @see iaik.pki.PKIProfile#getRevocationProfile()
+	 */
+	public RevocationProfile getRevocationProfile() {
+		return revocationProfile;
+	}
+
+	/**
+	 * Sets the <code>RevocationProfile</code>.
+	 * 
+	 * @param revocationProfile
+	 *            The <code>RevocationProfile</code> used for revocation
+	 *            checking.
+	 */
+	protected void setRevocationProfile(RevocationProfile revocationProfile) {
+		this.revocationProfile = revocationProfile;
+	}
+
+	/**
+	 * @see iaik.pki.PKIProfile#getTrustStoreProfile()
+	 */
+	public TrustStoreProfile getTrustStoreProfile() {
+		return trustStoreProfile;
+	}
+
+	/**
+	 * Sets the <code>TrustStoreProfile</code>.
+	 * 
+	 * @param trustStoreProfile
+	 *            The <code>TrustStoreProfile</code>.
+	 */
+	protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) {
+		this.trustStoreProfile = trustStoreProfile;
+	}
+
+	/**
+	 * @see iaik.pki.PKIProfile#getValidationProfile()
+	 */
+	public ValidationProfile getValidationProfile() {
+		return validationProfile;
+	}
+
+	/**
+	 * Sets the <code>ValidationProfile</code>.
+	 * 
+	 * @param validationProfile
+	 *            The <code>ValidationProfile</code> to set.
+	 */
+	protected void setValidationProfile(ValidationProfile validationProfile) {
+		this.validationProfile = validationProfile;
+	}
+
+	/**
+	 * @see iaik.pki.PKIProfile#useAuthorityInfoAccess()
+	 */
+	public boolean useAuthorityInfoAccess() {
+		return config.getUseAuthorityInfoAccess();
+	}
+
+	/**
+	 * @see iaik.pki.PKIProfile#autoAddCertificates()
+	 */
+	@Override
+	public int autoAddCertificates() {
+		// TODO AFITZEK TODO IMPLEMENT THIS METHOD
+		return 0;
+	}
+
+	@Override
+	public TrustStoreProfile getIndirectRevocationTrustStoreProfile() {
+		// TODO AFITZEK TODO IMPLEMENT THIS METHOD
+		return null;
+	}
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
new file mode 100644
index 0000000..7e62d60
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
@@ -0,0 +1,131 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation;
+
+import iaik.pki.pathvalidation.ValidationProfile;
+
+import java.util.Collections;
+import java.util.Set;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>ValidationProfile</code> interface providing
+ * information about certificat path validation. 
+ * 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ValidationProfileImpl implements ValidationProfile {
+
+  /** The <code>ConfigurationProvider</code> to read the configuration data
+   * from. */
+  private ConfigurationProvider config;
+  private boolean initialAnyPolicyInhibit;
+  private boolean initialExplicitPolicy;
+  private boolean initialPolicyMappingInhibit;
+  private Set initialPolicySet;
+  private boolean nameConstraintsProcessing;
+  private boolean policyProcessing;
+
+  /**
+   * Create a new <code>ValidationProfileImpl</code> object.
+   * 
+   * This objects's fields are preset to the following values:
+   * 
+   * <ul>
+   * <li><code>initialAnyPolicyInhibit = true</code></li>
+   * <li><code>initialExplicitPoliy = true</code></li>
+   * <li><code>initialPolicyMappingInhibit = true</code></li>
+   * <li><code>initialPolicySet = empty</code></li>
+   * <li><code>policyProcessing = false</code></li>
+   * <li><code>nameConstraintsProcessing = false</code></li>
+   * <li><code>revocationChecking = false</code></li>
+   * </ul>
+   * 
+   * @param config MOA configuration data for additional configuration
+   * information (currently unused). 
+   */
+  public ValidationProfileImpl(ConfigurationProvider config) {
+    this.config = config;
+    initialAnyPolicyInhibit = true;
+    initialExplicitPolicy = true;
+    initialPolicyMappingInhibit = true;
+    initialPolicySet = Collections.EMPTY_SET;
+    policyProcessing = false;
+    nameConstraintsProcessing = false;
+  }
+
+  /**
+   * @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit()
+   */
+  public boolean getInitialAnyPolicyInhibit() {
+    return initialAnyPolicyInhibit;
+  }
+
+  /**
+   * @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy()
+   */
+  public boolean getInitialExplicitPolicy() {
+    return initialExplicitPolicy;
+  }
+
+  /**
+   * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit()
+   */
+  public boolean getInitialPolicyMappingInhibit() {
+    return initialPolicyMappingInhibit;
+  }
+
+  /**
+   * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet()
+   */
+  public Set getInitialPolicySet() {
+    return initialPolicySet;
+  }
+
+  /**
+   * @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing()
+   */
+  public boolean getPolicyProcessing() {
+    return policyProcessing;
+  }
+
+  /**
+   * @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing()
+   */
+  public boolean getNameConstraintsProcessing() {
+    return nameConstraintsProcessing;
+  }
+
+  /**
+   * @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking()
+   */
+  public boolean getRevocationChecking() 
+  {
+    return config.getEnableRevocationChecking();
+  }
+
+}
\ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
new file mode 100644
index 0000000..14627b2
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.pki.revocation;
+
+import java.security.cert.X509Certificate;
+
+import iaik.pki.revocation.RevocationProfile;
+import iaik.pki.revocation.RevocationSourceTypes;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>RevocationProfile</code> interface providing
+ * information about revocation status checking, based on MOA configuration
+ * data.
+ * 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class RevocationProfileImpl implements RevocationProfile {
+  /** The default service order. */
+  private static final String[] DEFAULT_SERVICE_ORDER =
+    { RevocationSourceTypes.CRL, RevocationSourceTypes.OCSP };
+  /** The <code>ConfigurationProvider</code> to read the MOA configuration data
+   * from. */
+  private ConfigurationProvider config;
+  /** The OCSP request hash algorithm. Currently only "SHA" is supported. */
+  private static final String oCSPRequestHashAlgorithm = "SHA";
+
+  /**
+   * Create a new <code>RevocationProfileImpl</code>.
+   * 
+   * @param config The MOA configuration data.
+   */
+  public RevocationProfileImpl(ConfigurationProvider config) {
+    this.config = config;
+    // currently only "SHA" is supported
+//    this.oCSPRequestHashAlgorithm = "";
+  }
+
+  /**
+   * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(String)
+   */
+  public long getMaxRevocationAge(String distributionPointUri) 
+  {
+    return config.getMaxRevocationAge();
+  }
+
+  /**
+   * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm()
+   */
+  public String getOCSPRequestHashAlgorithm() {
+    return oCSPRequestHashAlgorithm;
+  }
+
+  /**
+   * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate)
+   */
+  public String[] getPreferredServiceOrder(X509Certificate cert) 
+  {
+    String[] serviceOrder = config.getServiceOrder();
+    if (serviceOrder == null || serviceOrder.length == 0) return DEFAULT_SERVICE_ORDER; 
+    return serviceOrder;
+  }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
new file mode 100644
index 0000000..50f237a
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
@@ -0,0 +1,159 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.pki.store.truststore.TrustStoreProfile;
+import iaik.pki.store.truststore.TrustStoreTypes;
+import iaik.pki.store.observer.NotificationData;
+import iaik.pki.store.observer.Observer;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+
+/**
+ * An implementation of the <code>TrustStoreProfile</code> interface, using data
+ * from the MOA configuration.
+ * 
+ * @see iaik.pki.store.truststore.TrustStoreProfile 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TrustStoreProfileImpl implements TrustStoreProfile {
+
+  /** The observers of this profile. */
+  private List observers = new ArrayList();
+  
+  /**
+   * The trust profile identifier. 
+   */
+  private String id_;
+  
+  /** The type of the trust profile. */
+  private String type;
+  /** The URI of the trust profile.*/
+  private String URI;
+
+  /**
+   * Create a new <code>TrustStoreProfileImpl</code>.
+   * 
+   * @param config The MOA configuration data, from which trust store
+   * configuration data is read.
+   * @param trustProfileId The trust profile id on which this
+   * <code>TrustStoreProfile</code> is based.
+   * @throws MOAApplicationException The <code>trustProfileId</code> could not
+   * be found in the MOA configuration.
+   */
+  public TrustStoreProfileImpl(
+    ConfigurationProvider config,
+    String trustProfileId)
+    throws MOAApplicationException {
+
+    TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId);
+    if (tp != null) 
+    {
+      id_ = trustProfileId;
+      setURI(tp.getUri());
+      setType(TrustStoreTypes.DIRECTORY);
+    } 
+    else 
+    {
+      throw new MOAApplicationException("2203", new Object[] { trustProfileId });
+    }
+  }
+
+  /**
+   * @see iaik.pki.store.truststore.TrustStoreProfile#getType()
+   */
+  public String getType() {
+    return type;
+  }
+
+  /**
+   * Sets the the trust store type.
+   * 
+   * @param type The trust store type to set. 
+   */
+  protected void setType(String type) {
+    this.type = type;
+  }
+
+  /**
+   * @see iaik.pki.store.truststore.TrustStoreProfile#getURI()
+   */
+  public String getURI() {
+    return URI;
+  }
+
+  /**
+   * Sets the trust store URI.
+   * 
+   * @param URI The trust store URI to set.
+   */
+  protected void setURI(String URI) {
+    this.URI = URI;
+  }
+
+  //
+  // Methods of iaik.pki.store.observer.Observable interface
+  //
+
+  /**
+   * @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer)
+   */
+  public void addObserver(Observer observer) {
+    observers.add(observer);
+  }
+
+  /**
+   * @see iaik.pki.store.observer.Observable#removeObserver(iaik.pki.store.observer.Observer)
+   */
+  public boolean removeObserver(Observer observer) {
+    return observers.remove(observer);
+  }
+
+  /**
+   * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData)
+   */
+  public void notify(NotificationData notificationData) {
+    for (Iterator iter = observers.iterator(); iter.hasNext();) {
+      Observer observer = (Observer) iter.next();
+      observer.notify(notificationData);
+    }
+  }
+
+  /**
+   * @see iaik.pki.store.truststore.TrustStoreProfile#getId()
+   */
+  public String getId()
+  {
+    return id_;
+  }
+
+}