Diffstat (limited to 'moaSig/moa-sig-lib')
7 files changed, 180 insertions, 18 deletions
diff --git a/moaSig/moa-sig-lib/build.gradle b/moaSig/moa-sig-lib/build.gradle index 80c5cba..3ba7574 100644 --- a/moaSig/moa-sig-lib/build.gradle +++ b/moaSig/moa-sig-lib/build.gradle @@ -12,15 +12,16 @@ dependencies { testImplementation project(path: ':common', configuration: 'testArtifacts') api fileTree(dir: '../libs', include: '*.jar') - api group: 'at.gv.egovernment.moa.sig', name: 'tsl-lib', version: '2.0.5.1' + api group: 'at.gv.egovernment.moa.sig', name: 'tsl-lib', version: '2.1.0' api 'commons-logging:commons-logging:1.2' - api 'commons-io:commons-io:2.8.0' + api 'commons-io:commons-io:2.11.0' api 'commons-codec:commons-codec:1.15' api 'org.apache.axis:axis-jaxrpc:1.4' api 'org.xerial:sqlite-jdbc:3.39.3.0' - api 'javax.xml.bind:jaxb-api:2.3.1' - api 'com.sun.xml.bind:jaxb-core:2.3.0.1' - api 'com.sun.xml.bind:jaxb-impl:2.3.2' + api 'javax.activation:activation:1.1.1' + api 'jakarta.xml.bind:jakarta.xml.bind-api:3.0.1' + api 'com.sun.xml.bind:jaxb-core:3.0.2' + api 'com.sun.xml.bind:jaxb-impl:3.0.2' api 'org.postgresql:postgresql:42.5.0' api group: 'org.apache.pdfbox', name: 'pdfbox', version: '2.0.27' api group: 'org.apache.pdfbox', name: 'pdfbox-tools', version: '2.0.27' 
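Review bot: Replacing `javax.xml.bind:jaxb-api` with `jakarta.xml.bind:jakarta.xml.bind-api:3.0.1` is a package rename rather than a version bump, and because these are `api` dependencies it changes the classpath of every consumer of moa-sig-lib. Any prebuilt jar picked up by the `fileTree(dir: '../libs', include: '*.jar')` line above that still links against `javax.xml.bind` would now fail only at runtime with a NoClassDefFoundError. This hunk cannot show whether such jars exist, so it is worth confirming before release. The new `javax.activation:activation:1.1.1` line also deserves a comment naming what still needs the legacy classes, for example `// legacy javax.activation, still required by <consumer>; JAXB 3.x itself uses jakarta.activation`, so that it is not removed or duplicated later.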
@@ -29,11 +30,12 @@ dependencies { api group: 'org.apache.pdfbox', name: 'preflight-app', version: '2.0.27' api group: 'org.apache.commons', name: 'commons-lang3', version: '3.12.0' api group: 'org.apache.httpcomponents', name: 'httpclient-cache', version: '4.5.13' + api group: 'org.slf4j', name: 'jcl-over-slf4j', version: '1.7.36' - testImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-migrationsupport', version: '5.7.1' - testImplementation group: 'org.junit.platform', name: 'junit-platform-engine', version: '1.7.1' - testImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-engine', version: '5.7.1' - testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.3' + testImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-migrationsupport', version: '5.8.2' + testImplementation group: 'org.junit.platform', name: 'junit-platform-engine', version: '1.8.2' + testImplementation group: 'org.junit.jupiter', name: 'junit-jupiter-engine', version: '5.8.2' + testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.9' } task releases(type: Copy) { diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java index dff1fcc..1156aa1 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java @@ -31,7 +31,6 @@ import java.util.Date; import java.util.GregorianCalendar; import java.util.TimeZone; -import javax.xml.bind.DatatypeConverter; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; 
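Review bot: The added `jcl-over-slf4j:1.7.36` now sits beside `api 'commons-logging:commons-logging:1.2'`, which the previous build.gradle hunk leaves in place. Two jars then provide the same `org.apache.commons.logging` classes, and which one wins depends on classpath order. If the intent is to route JCL calls through SLF4J, drop the commons-logging line and exclude it from transitive dependencies, e.g. `configurations.all { exclude group: 'commons-logging', module: 'commons-logging' }`. Otherwise log output from libraries such as httpclient may bypass the SLF4J backend, which matters when those logs feed audit or monitoring.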
@@ -51,6 +50,7 @@ import at.gv.egovernment.moaspss.util.Constants; import at.gv.egovernment.moaspss.util.MiscUtil; import iaik.utils.RFC2253NameParser; import iaik.utils.RFC2253NameParserException; +import jakarta.xml.bind.DatatypeConverter; /** * Utility methods used by the verious <code>ResponseBuilder</code> classes. diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 8fe31c5..5daf1a6 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -41,7 +41,6 @@ import java.util.List; import java.util.Map; import java.util.Set; -import javax.xml.bind.DatatypeConverter; import javax.xml.parsers.ParserConfigurationException; import org.w3c.dom.Attr; @@ -71,6 +70,7 @@ import iaik.utils.RFC2253NameParser; import iaik.utils.RFC2253NameParserException; import iaik.xml.crypto.utils.URI; import iaik.xml.crypto.utils.URIException; +import jakarta.xml.bind.DatatypeConverter; /** * A class that builds configuration data from a DOM based representation. @@ -1562,10 +1562,12 @@ public class ConfigurationPartsBuilder { public boolean getAutoEEAddCertificates() { final String autoAdd = getElementValue(getConfigElem(), AUTO_ADD_EE_CERTIFICATES_XPATH_, null); - if (autoAdd != null) { + if (autoAdd != null) { return Boolean.valueOf(autoAdd).booleanValue(); + } else { return false; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java index 64bd066..4596109 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java 
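Review bot: In `getAutoEEAddCertificates()` (ConfigurationPartsBuilder.java) the if/else that gains braces here can be a single line, `return Boolean.parseBoolean(autoAdd);`, because `parseBoolean` returns false for null and avoids boxing through `Boolean.valueOf(...).booleanValue()`. Behaviour stays the same: anything other than a case-insensitive "true" yields false, so a mistyped configuration value silently disables the option. Judging by its name, this flag controls automatic adding of end-entity certificates, so a short comment stating that the default is deliberately false would help, e.g. `// absent or unparsable value: do not auto-add EE certificates`.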
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java @@ -47,6 +47,8 @@ import at.gv.egovernment.moaspss.util.DOMUtils; import at.gv.egovernment.moaspss.util.MiscUtil; import iaik.asn1.structures.Name; import iaik.pki.revocation.RevocationSourceTypes; +import iaik.pki.utils.NameUtils; +import iaik.pki.utils.UtilsException; import iaik.utils.RFC2253NameParser; import iaik.utils.RFC2253NameParserException; @@ -724,16 +726,14 @@ public class ConfigurationProvider { */ public Set getDistributionPoints(X509Certificate cert) { try { - final RFC2253NameParser nameParser = - new RFC2253NameParser(cert.getIssuerDN().toString()); - final String caIssuerDN = nameParser.parse().getName(); + final String caIssuerDN = NameUtils.getNormalizedName((Name)cert.getIssuerDN()); final Set dps = (Set) distributionPoints.get(caIssuerDN); if (dps == null) { return Collections.EMPTY_SET; } return dps; - } catch (final RFC2253NameParserException e) { + } catch (final UtilsException e) { return Collections.EMPTY_SET; } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java index 0032dc6..a53bce8 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java @@ -211,12 +211,15 @@ public class PKIProfileImpl implements PKIProfile { if (config.getAutoAddCertificates()) { if (config.getAutoAddEECertificates()) { return PKIProfile.AUTO_ADD_ENABLE; + } else { return PKIProfile.AUTO_ADD_EE_DISABLE; + } } else { return PKIProfile.AUTO_ADD_DISABLE; + } } 
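Review bot: In `getDistributionPoints` (ConfigurationProvider.java) the lookup key is now `NameUtils.getNormalizedName(...)`, but the code that fills `distributionPoints` is not part of this diff. If its keys are still produced by `RFC2253NameParser(...).parse().getName()`, lookups can miss and the method quietly returns `Collections.EMPTY_SET`, so the distribution points configured for that issuer are not used. The unchecked cast `(Name)cert.getIssuerDN()` would also throw a ClassCastException, which `catch (final UtilsException e)` does not cover, if `cert` can be a non-IAIK certificate (the imported `X509Certificate` type is not visible here). A guard such as `if (!(cert.getIssuerDN() instanceof Name)) return Collections.EMPTY_SET;` keeps the previous fail-soft behaviour. Logging the `UtilsException` before returning the empty set would make a skipped revocation source visible to operators.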
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java new file mode 100644 index 0000000..79a0401 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java 
@@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.spss.util; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileFilter; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; + +import iaik.pkcs.PKCS7CertList; +import iaik.pkcs.PKCSParsingException; +import iaik.security.provider.IAIK; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.xml.crypto.EccProviderAdapter; + +// Copyright (C) 2011 IAIK +// http://jce.iaik.at +// +// Copyright (C) 2011 Stiftung Secure Information and +// Communication Technologies SIC +// http://www.sic.st +// +// All rights reserved. +// +// This source is provided for inspection purposes and recompilation only, +// unless specified differently in a contract with IAIK. This source has to +// be kept in strict confidence and must not be disclosed to any third party +// under any circumstances. Redistribution in source and binary forms, with +// or without modification, are <not> permitted in any case! +// +// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +// SUCH DAMAGE. 
+// +// + +public class CertificateReader { + + /** + * Filter for reading certificate files from a directory. + * The filter accepts a file if its name ends with + * ".cer", ".der", ".crt" + * or ".pem". + * + * @author Harald Bratko + * @author Konrad Lanz + */ + static class CertificateFileFilter implements FileFilter { + + /** + * Accepts a file if it is not a directory and its name ends with + * ".cer", ".der", ".crt" or ".pem". + * + * @see java.io.FileFilter#accept(java.io.File) + */ + public boolean accept(File file) { + String name = file.getName(); + if (name.endsWith(".der") || + name.endsWith(".cer") || + name.endsWith(".crt") || + name.endsWith(".pem")) + { + return true; + } else { + return false; + } + } + } + + + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{ + + File file = new File(directory); + File[] certificateFiles = file.listFiles(new CertificateFileFilter()); + int l = certificateFiles.length; + X509Certificate[] certs = new X509Certificate[l]; + for (int i=0; i<certificateFiles.length; i++) { + X509Certificate certificate = new X509Certificate(new FileInputStream(certificateFiles[i])); + certs[i] = certificate; + } + //return certs; + return Util.arrangeCertificateChain(certs, false); + } + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). 
+ * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static List<X509Certificate> readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{ + + return Arrays.asList(readCertificatesIntoArray(directory)); + } + + public static void main(String[] args) { + try { + + IAIK.addAsJDK14Provider(); + //IAIK.addAsProvider(); + //Security.addProvider(new IAIK()); + + // install ECC provider + Security.addProvider(EccProviderAdapter.getEccProvider()); + + String dir = "target/classes/spec/examples/EU/AT/certs/on-tsl/chain/"; + List l = readCertificates(dir); + Iterator<X509Certificate> it = l.iterator(); + while (it.hasNext()) { + System.out.println(((X509Certificate)it.next()).getSubjectDN().getName()); + } + } catch (Exception e) { + e.printStackTrace(); + System.exit(1); + } + + } + + public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException { + PKCS7CertList p7certList = new PKCS7CertList( + new BufferedInputStream( + new FileInputStream( + path + ) + ) + ); + return p7certList.getCertificateList(); + } + }
\ No newline at end of file diff --git a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java index dd7890c..315f56e 100644 --- a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java +++ b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java @@ -24,8 +24,6 @@ package test.at.gv.egovernment.moa.spss; -import java.security.Security; - import test.at.gv.egovernment.moa.MOATestCase; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.logging.LoggingContext; |