add configFlag to support autoAddEECertificates

author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2018-07-27 10:49:33 +0200
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2018-07-27 10:49:33 +0200
commit: 0bcaff326d60df0d5549ef13a9d4bb7d9195b833 (patch)
tree: 9ca50a959ec53c10141ed8ac24ee3c1ea8a5e52a /moaSig/moa-sig-lib
parent: 25b88dfe530bdfe50e88f8c12c04fc037701556a (diff)
download: moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.tar.gz
moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.tar.bz2
moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.zip
3 files changed, 45 insertions, 5 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 89f4c1e..3c00232 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -169,6 +169,13 @@ public class ConfigurationPartsBuilder {
     + CONF + "CertificateValidation/"
     + CONF + "PathConstruction/"
     + CONF + "AutoAddCertificates";
+  
+  private static final String AUTO_ADD_EE_CERTIFICATES_XPATH_ = 
+		    ROOT + CONF + "SignatureVerification/" 
+		    	    + CONF + "CertificateValidation/"
+		    	    + CONF + "PathConstruction/"
+		    	    + CONF + "AutoAddEECertificates";
+  
   private static final String USE_AUTHORITY_INFO_ACCESS_XPATH_ =
     ROOT + CONF + "SignatureVerification/" 
     + CONF + "CertificateValidation/"
@@ -1635,6 +1642,16 @@ public class ConfigurationPartsBuilder {
     return Boolean.valueOf(autoAdd).booleanValue();
   }
   
+  
+  public boolean getAutoEEAddCertificates() {
+	  String autoAdd = getElementValue(getConfigElem(), AUTO_ADD_EE_CERTIFICATES_XPATH_, null);
+	  if (autoAdd != null)
+		  return Boolean.valueOf(autoAdd).booleanValue();
+	  else
+		  return false;
+	  
+	}
+  
   /**
    * Returns whether file URIs are permitted  
    * @return whether file URIs are permitted
@@ -1796,5 +1813,4 @@ public class ConfigurationPartsBuilder {
      return map;
   }
   
-  
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index 6a007cf..34db547 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -239,6 +239,10 @@ public class ConfigurationProvider
    */
   private boolean autoAddCertificates_;
 
+  
+  private boolean autoAddEECertificates_;
+  
+  
   /**
    * Indicates whether the certificate extension Authority Info Access should 
    * be used during certificate path construction.
@@ -273,6 +277,8 @@ public class ConfigurationProvider
    * A <code>TSLConfiguration</code> that represents the global TSL configuration
    */
   private TSLConfiguration tslconfiguration_;
+
+
   
   
   /**
@@ -389,6 +395,7 @@ public class ConfigurationProvider
       chainingModes = builder.buildChainingModes();
       useAuthorityInfoAccess_ = builder.getUseAuthorityInfoAccess();
       autoAddCertificates_ = builder.getAutoAddCertificates();
+      autoAddEECertificates_ = builder.getAutoEEAddCertificates();
       //trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory());
       
       
@@ -964,6 +971,18 @@ public class ConfigurationProvider
   }
 
   /**
+   * Returns whether EE certificates found during certificate path construction 
+   * should be added to the certificate store.
+   * 
+   * @return whether certificates found during certificate path construction 
+   *         should be added to the certificate store.
+   */
+  public boolean getAutoAddEECertificates()
+  {
+    return autoAddEECertificates_;
+  }
+  
+  /**
    * Returns whether the certificate extension Authority Info Access should 
    * be used during certificate path construction.
    * 
@@ -999,5 +1018,7 @@ public class ConfigurationProvider
   public TSLConfiguration getTSLConfiguration() {
 	  return tslconfiguration_;
   }
+
+
  
 }
 \ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
index f79cf7a..97eb6ef 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
@@ -212,11 +212,14 @@ public class PKIProfileImpl implements PKIProfile {
 	@Override
 	public int autoAddCertificates() {
 		if(config.getAutoAddCertificates()) {
-			return PKIProfile.AUTO_ADD_EE_DISABLE;
-		} else {
+			if (config.getAutoAddEECertificates())
+				return PKIProfile.AUTO_ADD_ENABLE;
+			else
+				return PKIProfile.AUTO_ADD_EE_DISABLE;
+			
+		} else
 			return PKIProfile.AUTO_ADD_DISABLE;
-		}
-		// TODO AFITZEK allow saving of end entity certificates
+		
 	}
 
 	@Override
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2018-07-27 10:49:33 +0200
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2018-07-27 10:49:33 +0200
commit	0bcaff326d60df0d5549ef13a9d4bb7d9195b833 (patch)
tree	9ca50a959ec53c10141ed8ac24ee3c1ea8a5e52a /moaSig/moa-sig-lib
parent	25b88dfe530bdfe50e88f8c12c04fc037701556a (diff)
download	moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.tar.gz moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.tar.bz2 moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.zip