diff options
Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl')
3 files changed, 187 insertions, 211 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/TSLServiceFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/TSLServiceFactory.java index bc902f2..d75240e 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/TSLServiceFactory.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/TSLServiceFactory.java @@ -13,55 +13,59 @@ import iaik.pki.store.truststore.TrustStoreFactory; public class TSLServiceFactory { - private static ITslService tslClient = null; - private static TslConfigurationImpl interalConfig; - - public static void initialize(TslConfigurationImpl config) { - if (tslClient == null) { - try { - interalConfig = config; - tslClient = TslClientFactory.buildTslService(interalConfig); - - TrustStoreFactory.addTrustStoreHandler(new ChainingTrustStoreHandler()); - - //set global TSL client status - ServiceStatusContainer.setStatus(true); - ServiceStatusContainer.setStatusMsg(ServiceStatusContainer.STATUS_OK); - - } catch (TslException e) { - Logger.fatal(new LogMsg(MessageProvider.getInstance().getMessage("init.05", new Object[]{e.getMessage()})), e); - - //set global TSL client status - ServiceStatusContainer.setStatus(false); - ServiceStatusContainer.setStatusMsg( - new LogMsg(MessageProvider.getInstance().getMessage("init.05", new Object[]{e.getMessage()})).toString()); - - } - - } else { - Logger.error("TSL-Service client can only be initialized once."); - throw new IllegalStateException("TSL-Service client can only be initialized once."); - - } - - } - - public static boolean isInitialized() { - if (tslClient == null) - return false; - else - return true; - - } - - public static ITslService getTSLServiceClient() { - if (!isInitialized()) { - Logger.warn("TSL client is not initialized but config is available. Starting new initialization process ..."); - initialize(interalConfig); - } - - return tslClient; - - } - + private static ITslService tslClient = null; + private static TslConfigurationImpl interalConfig; + + public static void initialize(TslConfigurationImpl config) { + if (tslClient == null) { + try { + interalConfig = config; + tslClient = TslClientFactory.buildTslService(interalConfig); + + TrustStoreFactory.addTrustStoreHandler(new ChainingTrustStoreHandler()); + + // set global TSL client status + ServiceStatusContainer.setStatus(true); + ServiceStatusContainer.setStatusMsg(ServiceStatusContainer.STATUS_OK); + + } catch (final TslException e) { + Logger.fatal(new LogMsg(MessageProvider.getInstance().getMessage("init.05", new Object[] { e + .getMessage() })), e); + + // set global TSL client status + ServiceStatusContainer.setStatus(false); + ServiceStatusContainer.setStatusMsg( + new LogMsg(MessageProvider.getInstance().getMessage("init.05", new Object[] { e.getMessage() })) + .toString()); + + } + + } else { + Logger.error("TSL-Service client can only be initialized once."); + throw new IllegalStateException("TSL-Service client can only be initialized once."); + + } + + } + + public static boolean isInitialized() { + if (tslClient == null) { + return false; + } else { + return true; + } + + } + + public static ITslService getTSLServiceClient() { + if (!isInitialized()) { + Logger.warn( + "TSL client is not initialized but config is available. Starting new initialization process ..."); + initialize(interalConfig); + } + + return tslClient; + + } + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java index b5a7a8c..1a377b6 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java @@ -1,77 +1,49 @@ package at.gv.egovernment.moa.spss.tsl.timer;
-import iaik.asn1.ObjectID;
-import iaik.pki.store.certstore.CertStoreException;
-import iaik.pki.store.certstore.CertStoreParameters;
-import iaik.pki.store.truststore.TrustStoreException;
-import iaik.pki.store.truststore.TrustStoreProfile;
-import iaik.pki.store.utils.StoreUpdater;
-import iaik.server.ConfigurationData;
-import iaik.x509.X509Certificate;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.cert.CertificateException;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.Map;
import java.util.TimerTask;
import at.gv.egovernment.moa.sig.tsl.exception.TslException;
import at.gv.egovernment.moa.sig.tsl.exception.TslUpdateException;
-import at.gv.egovernment.moa.spss.MOAApplicationException;
-import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
-import at.gv.egovernment.moa.spss.server.config.TrustProfile;
-import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
-import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl;
-import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer;
import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
-import at.gv.egovernment.moaspss.util.StringUtils;
-
public class TSLUpdaterTimerTask extends TimerTask {
-
- @Override
- public void run() {
-
- try {
- Logger.info("Start TSL Update");
- TSLServiceFactory.getTSLServiceClient().updateTSLInformation();
- Logger.info("Finished TSL Update");
-
- //set global TSL client status
- ServiceStatusContainer.setStatus(true);
- ServiceStatusContainer.setStatusMsg(ServiceStatusContainer.STATUS_OK);
-
- } catch (TslUpdateException e) {
- MessageProvider msg = MessageProvider.getInstance();
- Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
-
- //set global TSL client status
- ServiceStatusContainer.setStatus(false);
- ServiceStatusContainer.setStatusMsg(
- new LogMsg(msg.getMessage("tsl.00", null)).toString());
-
- } catch (TslException e) {
- MessageProvider msg = MessageProvider.getInstance();
- Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
-
- //set global TSL client status
- ServiceStatusContainer.setStatus(false);
- ServiceStatusContainer.setStatusMsg(
- new LogMsg(msg.getMessage("tsl.00", null)).toString());
-
- }
- }
+ @Override
+ public void run() {
+
+ try {
+ Logger.info("Start TSL Update");
+ TSLServiceFactory.getTSLServiceClient().updateTSLInformation();
+ Logger.info("Finished TSL Update");
+
+ // set global TSL client status
+ ServiceStatusContainer.setStatus(true);
+ ServiceStatusContainer.setStatusMsg(ServiceStatusContainer.STATUS_OK);
+
+ } catch (final TslUpdateException e) {
+ final MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+
+ // set global TSL client status
+ ServiceStatusContainer.setStatus(false);
+ ServiceStatusContainer.setStatusMsg(
+ new LogMsg(msg.getMessage("tsl.00", null)).toString());
+
+ } catch (final TslException e) {
+ final MessageProvider msg = MessageProvider.getInstance();
+ Logger.error(new LogMsg(msg.getMessage("tsl.00", null)), e);
+
+ // set global TSL client status
+ ServiceStatusContainer.setStatus(false);
+ ServiceStatusContainer.setStatusMsg(
+ new LogMsg(msg.getMessage("tsl.00", null)).toString());
+
+ }
+
+ }
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java index 763382a..eeff27c 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/CertificateReader.java @@ -1,10 +1,4 @@ package at.gv.egovernment.moa.spss.tsl.utils;
-import iaik.pkcs.PKCS7CertList;
-import iaik.pkcs.PKCSParsingException;
-import iaik.security.provider.IAIK;
-import iaik.utils.Util;
-import iaik.x509.X509Certificate;
-import iaik.xml.crypto.EccProviderAdapter;
import java.io.BufferedInputStream;
import java.io.File;
@@ -18,6 +12,13 @@ import java.util.Arrays; import java.util.Iterator;
import java.util.List;
+import iaik.pkcs.PKCS7CertList;
+import iaik.pkcs.PKCSParsingException;
+import iaik.security.provider.IAIK;
+import iaik.utils.Util;
+import iaik.x509.X509Certificate;
+import iaik.xml.crypto.EccProviderAdapter;
+
// Copyright (C) 2011 IAIK
// http://jce.iaik.at
//
@@ -49,107 +50,106 @@ import java.util.List; public class CertificateReader {
+ /**
+ * Filter for reading certificate files from a directory. The filter accepts a
+ * file if its name ends with ".cer", ".der",
+ * ".crt" or ".pem".
+ *
+ * @author Harald Bratko
+ * @author Konrad Lanz
+ */
+ static class CertificateFileFilter implements FileFilter {
+
/**
- * Filter for reading certificate files from a directory.
- * The filter accepts a file if its name ends with
- * ".cer", ".der", ".crt"
- * or ".pem".
+ * Accepts a file if it is not a directory and its name ends with
+ * ".cer", ".der", ".crt" or ".pem".
*
- * @author Harald Bratko
- * @author Konrad Lanz
+ * @see java.io.FileFilter#accept(java.io.File)
*/
- static class CertificateFileFilter implements FileFilter {
-
- /**
- * Accepts a file if it is not a directory and its name ends with
- * ".cer", ".der", ".crt" or ".pem".
- *
- * @see java.io.FileFilter#accept(java.io.File)
- */
- public boolean accept(File file) {
- String name = file.getName();
- if (name.endsWith(".der") ||
+ @Override
+ public boolean accept(File file) {
+ final String name = file.getName();
+ if (name.endsWith(".der") ||
name.endsWith(".cer") ||
name.endsWith(".crt") ||
- name.endsWith(".pem"))
- {
- return true;
- } else {
- return false;
- }
+ name.endsWith(".pem")) {
+ return true;
+ } else {
+ return false;
}
}
-
-
-
- /**
- * Reads the certificates from the given directory and
- * returns the certificates as sorted list (end user certificate first).
- * @param directory
- * @return
- * @throws IOException
- * @throws FileNotFoundException
- * @throws CertificateException
- * @throws Exception
- */
- public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{
- File file = new File(directory);
- File[] certificateFiles = file.listFiles(new CertificateFileFilter());
- int l = certificateFiles.length;
- X509Certificate[] certs = new X509Certificate[l];
- for (int i=0; i<certificateFiles.length; i++) {
- X509Certificate certificate = new X509Certificate(new FileInputStream(certificateFiles[i]));
- certs[i] = certificate;
- }
- return Util.arrangeCertificateChain(certs, false);
+ }
+
+ /**
+ * Reads the certificates from the given directory and returns the certificates
+ * as sorted list (end user certificate first).
+ *
+ * @param directory
+ * @return
+ * @throws IOException
+ * @throws FileNotFoundException
+ * @throws CertificateException
+ * @throws Exception
+ */
+ public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException,
+ FileNotFoundException, IOException {
+ final File file = new File(directory);
+ final File[] certificateFiles = file.listFiles(new CertificateFileFilter());
+ final int l = certificateFiles.length;
+ final X509Certificate[] certs = new X509Certificate[l];
+ for (int i = 0; i < certificateFiles.length; i++) {
+ final X509Certificate certificate = new X509Certificate(new FileInputStream(certificateFiles[i]));
+ certs[i] = certificate;
}
-
- /**
- * Reads the certificates from the given directory and
- * returns the certificates as sorted list (end user certificate first).
- * @param directory
- * @return
- * @throws IOException
- * @throws FileNotFoundException
- * @throws CertificateException
- * @throws Exception
- */
- public static List<X509Certificate> readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{
-
- return Arrays.asList(readCertificatesIntoArray(directory));
- }
-
- public static void main(String[] args) {
- try {
-
- IAIK.addAsJDK14Provider();
- //IAIK.addAsProvider();
- //Security.addProvider(new IAIK());
-
- // install ECC provider
- Security.addProvider(EccProviderAdapter.getEccProvider());
-
- String dir = "spec/examples/EU/AT/certs/on-tsl/chain/";
- List l = readCertificates(dir);
- Iterator<X509Certificate> it = l.iterator();
- while (it.hasNext()) {
- System.out.println(((X509Certificate)it.next()).getSubjectDN().getName());
- }
- } catch (Exception e) {
- e.printStackTrace();
- System.exit(1);
+ return Util.arrangeCertificateChain(certs, false);
+ }
+
+ /**
+ * Reads the certificates from the given directory and returns the certificates
+ * as sorted list (end user certificate first).
+ *
+ * @param directory
+ * @return
+ * @throws IOException
+ * @throws FileNotFoundException
+ * @throws CertificateException
+ * @throws Exception
+ */
+ public static List<X509Certificate> readCertificates(String directory) throws CertificateException,
+ FileNotFoundException, IOException {
+
+ return Arrays.asList(readCertificatesIntoArray(directory));
+ }
+
+ public static void main(String[] args) {
+ try {
+
+ IAIK.addAsJDK14Provider();
+ // IAIK.addAsProvider();
+ // Security.addProvider(new IAIK());
+
+ // install ECC provider
+ Security.addProvider(EccProviderAdapter.getEccProvider());
+
+ final String dir = "spec/examples/EU/AT/certs/on-tsl/chain/";
+ final List l = readCertificates(dir);
+ final Iterator<X509Certificate> it = l.iterator();
+ while (it.hasNext()) {
+ System.out.println(it.next().getSubjectDN().getName());
}
-
+ } catch (final Exception e) {
+ e.printStackTrace();
+ System.exit(1);
}
- public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException {
- PKCS7CertList p7certList = new PKCS7CertList(
- new BufferedInputStream(
- new FileInputStream(
- path
- )
- )
- );
- return p7certList.getCertificateList();
- }
- }
\ No newline at end of file + }
+
+ public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException,
+ IOException {
+ final PKCS7CertList p7certList = new PKCS7CertList(
+ new BufferedInputStream(
+ new FileInputStream(
+ path)));
+ return p7certList.getCertificateList();
+ }
+}
\ No newline at end of file |