aboutsummaryrefslogtreecommitdiff
path: root/moaSig
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2018-07-27 10:49:33 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2018-07-27 10:49:33 +0200
commit0bcaff326d60df0d5549ef13a9d4bb7d9195b833 (patch)
tree9ca50a959ec53c10141ed8ac24ee3c1ea8a5e52a /moaSig
parent25b88dfe530bdfe50e88f8c12c04fc037701556a (diff)
downloadmoa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.tar.gz
moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.tar.bz2
moa-sig-0bcaff326d60df0d5549ef13a9d4bb7d9195b833.zip
add configFlag to support autoAddEECertificates
Diffstat (limited to 'moaSig')
-rw-r--r--moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-config-3.0.0.xsd1
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java18
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java21
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java11
4 files changed, 46 insertions, 5 deletions
diff --git a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-config-3.0.0.xsd b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-config-3.0.0.xsd
index 1a1b74b..c9739d3 100644
--- a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-config-3.0.0.xsd
+++ b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-config-3.0.0.xsd
@@ -145,6 +145,7 @@
<xs:complexType>
<xs:sequence>
<xs:element name="AutoAddCertificates" type="xs:boolean"/>
+ <xs:element name="AutoAddEECertificates" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
<xs:element name="CertificateStore">
<xs:complexType>
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 89f4c1e..3c00232 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -169,6 +169,13 @@ public class ConfigurationPartsBuilder {
+ CONF + "CertificateValidation/"
+ CONF + "PathConstruction/"
+ CONF + "AutoAddCertificates";
+
+ private static final String AUTO_ADD_EE_CERTIFICATES_XPATH_ =
+ ROOT + CONF + "SignatureVerification/"
+ + CONF + "CertificateValidation/"
+ + CONF + "PathConstruction/"
+ + CONF + "AutoAddEECertificates";
+
private static final String USE_AUTHORITY_INFO_ACCESS_XPATH_ =
ROOT + CONF + "SignatureVerification/"
+ CONF + "CertificateValidation/"
@@ -1635,6 +1642,16 @@ public class ConfigurationPartsBuilder {
return Boolean.valueOf(autoAdd).booleanValue();
}
+
+ public boolean getAutoEEAddCertificates() {
+ String autoAdd = getElementValue(getConfigElem(), AUTO_ADD_EE_CERTIFICATES_XPATH_, null);
+ if (autoAdd != null)
+ return Boolean.valueOf(autoAdd).booleanValue();
+ else
+ return false;
+
+ }
+
/**
* Returns whether file URIs are permitted
* @return whether file URIs are permitted
@@ -1796,5 +1813,4 @@ public class ConfigurationPartsBuilder {
return map;
}
-
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index 6a007cf..34db547 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -239,6 +239,10 @@ public class ConfigurationProvider
*/
private boolean autoAddCertificates_;
+
+ private boolean autoAddEECertificates_;
+
+
/**
* Indicates whether the certificate extension Authority Info Access should
* be used during certificate path construction.
@@ -273,6 +277,8 @@ public class ConfigurationProvider
* A <code>TSLConfiguration</code> that represents the global TSL configuration
*/
private TSLConfiguration tslconfiguration_;
+
+
/**
@@ -389,6 +395,7 @@ public class ConfigurationProvider
chainingModes = builder.buildChainingModes();
useAuthorityInfoAccess_ = builder.getUseAuthorityInfoAccess();
autoAddCertificates_ = builder.getAutoAddCertificates();
+ autoAddEECertificates_ = builder.getAutoEEAddCertificates();
//trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory());
@@ -964,6 +971,18 @@ public class ConfigurationProvider
}
/**
+ * Returns whether EE certificates found during certificate path construction
+ * should be added to the certificate store.
+ *
+ * @return whether certificates found during certificate path construction
+ * should be added to the certificate store.
+ */
+ public boolean getAutoAddEECertificates()
+ {
+ return autoAddEECertificates_;
+ }
+
+ /**
* Returns whether the certificate extension Authority Info Access should
* be used during certificate path construction.
*
@@ -999,5 +1018,7 @@ public class ConfigurationProvider
public TSLConfiguration getTSLConfiguration() {
return tslconfiguration_;
}
+
+
} \ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
index f79cf7a..97eb6ef 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
@@ -212,11 +212,14 @@ public class PKIProfileImpl implements PKIProfile {
@Override
public int autoAddCertificates() {
if(config.getAutoAddCertificates()) {
- return PKIProfile.AUTO_ADD_EE_DISABLE;
- } else {
+ if (config.getAutoAddEECertificates())
+ return PKIProfile.AUTO_ADD_ENABLE;
+ else
+ return PKIProfile.AUTO_ADD_EE_DISABLE;
+
+ } else
return PKIProfile.AUTO_ADD_DISABLE;
- }
- // TODO AFITZEK allow saving of end entity certificates
+
}
@Override