Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java')
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java173
1 files changed, 93 insertions, 80 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
index 00ea64d..8ca19e4 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -21,30 +21,18 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.spss.server.iaik.config;
-import iaik.cms.IaikCCProvider;
-import iaik.esi.sva.Configuration;
-import iaik.logging.LogFactory;
-import iaik.pki.store.revocation.RevocationFactory;
-import iaik.pki.store.revocation.RevocationSourceStore;
-import iaik.pki.store.truststore.TrustStoreFactory;
-import iaik.security.ec.provider.ECCelerate;
-import iaik.server.ConfigurationData;
-import iaik.server.Configurator;
-import iaik.server.modules.keys.KeyEntryID;
-import iaik.server.modules.keys.KeyModule;
-import iaik.server.modules.keys.KeyModuleFactory;
-
-import java.security.Provider;
-import java.security.Security;
+import java.io.PrintWriter;
+import java.io.StringWriter;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
+import org.slf4j.LoggerFactory;
+
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.KeyGroup;
@@ -55,78 +43,103 @@ import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moa.spss.util.SecProviderUtils;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
+import iaik.logging.LogFactory;
+import iaik.pki.store.revocation.RevocationFactory;
+import iaik.pki.store.revocation.RevocationSourceStore;
+import iaik.pki.store.truststore.TrustStoreFactory;
+import iaik.server.ConfigurationData;
+import iaik.server.Configurator;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
/**
* A class responsible for configuring the IAIK MOA modules.
- *
+ *
* @author Patrick Peck
* @version $Id$
*/
public class IaikConfigurator {
+ private static final org.slf4j.Logger logger = LoggerFactory.getLogger(IaikConfigurator.class);
+
/** The warnings encountered during configuration. */
private List warnings = new ArrayList();
/**
* Configure the IAIK MOA subsystem.
- *
- *
+ *
+ *
* @param moaConfig The underlying MOA configuration.
* @return Returns the config data of the underlying MOA subsystem
- * @throws ConfigurationException An error occurred configuring the IAIK
- * MOA subsystem.
+ * @throws ConfigurationException An error occurred configuring the IAIK MOA
+ * subsystem.
*/
public ConfigurationData configure(ConfigurationProvider moaConfig)
- throws ConfigurationException {
- ConfigurationData configData = new ConfigurationDataImpl(moaConfig);
-
+ throws ConfigurationException {
+ final ConfigurationData configData = new ConfigurationDataImpl(moaConfig);
+
warnings = new ArrayList();
try {
- TransactionId transId = new TransactionId("IaikConfigurator");
-
- //iaik.esi.sva.Configuration config = new Configuration(IaikConfigurator.class.getResourceAsStream("/sva.config"));
-
- //SecProviderUtils.dumpSecProviders("Starting configuration");
-
+ final TransactionId transId = new TransactionId("IaikConfigurator");
+
+ // iaik.esi.sva.Configuration config = new
+ // Configuration(IaikConfigurator.class.getResourceAsStream("/sva.config"));
+
+ // SecProviderUtils.dumpSecProviders("Starting configuration");
+
LogFactory.configure(configData.getLoggerConfig());
-
+
try {
- iaik.pki.Configurator.initCommon(configData.getLoggerConfig(),
- transId);
- //SecProviderUtils.dumpSecProviders("initCommon");
- String certStoreRoot = moaConfig.getCertStoreLocation();
- CertStoreConverter.convert(certStoreRoot, transId);
+ iaik.pki.Configurator.initCommon(configData.getLoggerConfig(),
+ transId);
+ // SecProviderUtils.dumpSecProviders("initCommon");
+ final String certStoreRoot = moaConfig.getCertStoreLocation();
+ CertStoreConverter.convert(certStoreRoot, transId);
} finally {
- //Security.removeProvider(ECCelerate.getInstance().getName());
+ // Security.removeProvider(ECCelerate.getInstance().getName());
}
-
+
Configurator.init(configData, transId);
-
+
SecProviderUtils.dumpSecProviders("Fully configured!");
-
- // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat
- RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
- //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
- if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) {
+
+ // Set customized CRL retriever to overcome a classloader problem when MOA is
+ // deployed in Tomcat
+ final RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
+ // rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
+ if (moaConfig.getSoftwareKeyModules().size() > 0 || moaConfig.getHardwareKeyModules().size() > 0) {
dumpKeyEntryIDs();
}
checkKeyGroupConfig(moaConfig);
TrustStoreFactory.reset();
-
+
return configData;
- } catch (iaik.server.ConfigurationException e) {
+ } catch (final iaik.server.ConfigurationException e) {
+ logException(e);
throw new ConfigurationException("config.08", null, e);
- } catch (Throwable t) {
+
+ } catch (final Throwable t) {
+ logException(t);
throw new ConfigurationException("config.08", null, t);
+
}
}
+ private void logException(Throwable e) {
+ final StringWriter out = new StringWriter();
+ final PrintWriter writer = new PrintWriter(out);
+ e.printStackTrace(writer);
+ logger.error("IAIK_Module error: {}", out.toString());
+
+ }
+
/**
* Return the warnings encountered during configuration.
- *
+ *
* @return The warnings.
- */
+ */
public List getWarnings() {
return warnings;
}
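Review bot: The new `logException` helper in this hunk renders the stack trace into a string by hand with `StringWriter`/`PrintWriter` and logs it as a `{}` argument. SLF4J accepts the throwable as the last argument, so the body can be `logger.error("IAIK_Module error", e);`, which hands the cause chain to the appender as a throwable instead of a multi-line message and makes the two new `java.io` imports unnecessary. Both catch blocks in `configure` log and then rethrow the same exception wrapped in `ConfigurationException("config.08", null, e)`, so the trace will probably be written a second time by whoever handles that exception; logging at one of the two places would be enough. Because this path initialises the key modules and the certificate store, the exception text may contain file-system paths or key-store details, so it is worth confirming that the error log is access-restricted. The helper also has no Javadoc while every other method in the class does; a one-line `/** Log the full stack trace of a configuration failure. */` would match.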
@@ -136,71 +149,71 @@ public class IaikConfigurator {
* <code>KeyModule</code>s to the log file.
*/
private void dumpKeyEntryIDs() {
- MessageProvider msg = MessageProvider.getInstance();
- KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump"));
- Set keyEntryIds = module.getPrivateKeyEntryIDs();
+ final MessageProvider msg = MessageProvider.getInstance();
+ final KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump"));
+ final Set keyEntryIds = module.getPrivateKeyEntryIDs();
Iterator iter;
for (iter = keyEntryIds.iterator(); iter.hasNext();) {
- KeyEntryID keyEntryId = (KeyEntryID) iter.next();
+ final KeyEntryID keyEntryId = (KeyEntryID) iter.next();
Logger.info(
- new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId })));
+ new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId })));
}
}
/**
- * Check that each key group entry in each key group can be resolved to a
+ * Check that each key group entry in each key group can be resolved to a
* KeyEntryID.
- *
+ *
* Logs a warning for each key group entry that cannot be resolved.
- *
+ *
* @param moaConfig The MOA configuration to check.
*/
private void checkKeyGroupConfig(ConfigurationProvider moaConfig) {
- Map keyGroups = moaConfig.getKeyGroups();
+ final Map keyGroups = moaConfig.getKeyGroups();
Iterator iter;
for (iter = keyGroups.values().iterator(); iter.hasNext();) {
- KeyGroup keyGroup = (KeyGroup) iter.next();
- Set keyGroupEntries = keyGroup.getKeyGroupEntries();
+ final KeyGroup keyGroup = (KeyGroup) iter.next();
+ final Set keyGroupEntries = keyGroup.getKeyGroupEntries();
Iterator kgIter;
for (kgIter = keyGroupEntries.iterator(); kgIter.hasNext();) {
- KeyGroupEntry entry = (KeyGroupEntry) kgIter.next();
+ final KeyGroupEntry entry = (KeyGroupEntry) kgIter.next();
if (!findKeyEntryID(entry)) {
warn(
- "config.31",
- new Object[] {
- keyGroup.getId(),
- entry.getModuleID(),
- entry.getIssuerDN(),
- entry.getSerialNumber()});
+ "config.31",
+ new Object[] {
+ keyGroup.getId(),
+ entry.getModuleID(),
+ entry.getIssuerDN(),
+ entry.getSerialNumber() });
}
}
}
}
/**
- * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID
- * by the Configurator.
+ * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID by
+ * the Configurator.
*
* @param keyGroupEntry The key group entry to find.
* @return <code>true</code>, if the <code>keyGroupEntry</code> could be
- * resolved to a <code>KeyEntryID</code>; otherwise <code>false</code>.
+ * resolved to a <code>KeyEntryID</code>; otherwise <code>false</code>.
*/
private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) {
- KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check"));
- Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ final KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check"));
+ final Set keyEntryIDs = module.getPrivateKeyEntryIDs();
Iterator iter;
for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
- KeyEntryID entry = (KeyEntryID) iter.next();
+ final KeyEntryID entry = (KeyEntryID) iter.next();
if (entry.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN())
- && entry.getCertificateSerialNumber().equals(
- keyGroupEntry.getSerialNumber())
- && entry.getModuleID().equals(keyGroupEntry.getModuleID())) {
+ && entry.getCertificateSerialNumber().equals(
+ keyGroupEntry.getSerialNumber())
+ && entry.getModuleID().equals(keyGroupEntry.getModuleID())) {
return true;
}
}
@@ -210,14 +223,14 @@ public class IaikConfigurator {
/**
* Log a warning.
- *
+ *
* @param messageId The message ID.
- * @param args Additional parameters for the message.
+ * @param args Additional parameters for the message.
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider
*/
private void warn(String messageId, Object[] args) {
- MessageProvider msg = MessageProvider.getInstance();
- String txt = msg.getMessage(messageId, args);
+ final MessageProvider msg = MessageProvider.getInstance();
+ final String txt = msg.getMessage(messageId, args);
Logger.warn(new LogMsg(txt));
warnings.add(txt);