From 2f27021c8b5ee53c0d03d5fbf442c202e4cc4750 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 27 Sep 2022 17:42:41 +0200 Subject: refact(iaik-moa): implement custom IAIK-MOA configuration because original implementation initialize Commons-PKI twice --- .../spss/server/iaik/config/IaikConfigurator.java | 31 +++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java index c9a76f4..54e1e17 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java @@ -45,6 +45,7 @@ import at.gv.egovernment.moaspss.logging.LogMsg; import at.gv.egovernment.moaspss.logging.Logger; import iaik.logging.LogFactory; import iaik.pki.PKIException; +import iaik.pki.PKIFactory; import iaik.pki.store.revocation.RevocationFactory; import iaik.pki.store.revocation.RevocationSourceStore; import iaik.pki.store.truststore.TrustStoreFactory; @@ -53,7 +54,8 @@ import iaik.server.Configurator; import iaik.server.modules.keys.KeyEntryID; import iaik.server.modules.keys.KeyModule; import iaik.server.modules.keys.KeyModuleFactory; -import iaik.util.logging.Log; +import iaik.servertools.PublicAuthorityIdentifier; +import iaik.x509.X509Extensions; /** * A class responsible for configuring the IAIK MOA modules. @@ -61,7 +63,7 @@ import iaik.util.logging.Log; * @author Patrick Peck * @version $Id$ */ -public class IaikConfigurator { +public class IaikConfigurator extends Configurator { private static final org.slf4j.Logger logger = LoggerFactory.getLogger(IaikConfigurator.class); 
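Review bot: `public class IaikConfigurator extends Configurator` carries no explanation, and it makes the inherited static `init(configData, transId)` callable as `IaikConfigurator.init(...)`, which would skip the `isAlreadyConfigured()` guard added later in this patch. Presumably the inheritance exists only to reach the static helpers used by the new method (`initXSect`, `initPkiModule`, `initCryptoModule`, `initKeyModule`); their visibility is not shown here. If so, I would state it in the class Javadoc, for example `Extends Configurator only to reuse its static init helpers; do not call the inherited init(), use customIaikInit instead.` The class body lies outside this hunk.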
@@ -96,7 +98,7 @@ public class IaikConfigurator { initializePkiCommons(moaConfig, transId, configData); // initialze IAIK MOA - Configurator.init(configData, transId); + customIaikInit(configData, transId); SecProviderUtils.dumpSecProviders("Fully configured!"); @@ -122,6 +124,29 @@ public class IaikConfigurator { } } + public static void customIaikInit(ConfigurationData config, TransactionId transactionId) throws ConfigurationException, iaik.server.ConfigurationException { + if (config == null) { + throw new NullPointerException("Config data must not be null"); + } else { + initXSect(LogFactory.getLog("init-xsect"), transactionId); + X509Extensions.register(PublicAuthorityIdentifier.oid, PublicAuthorityIdentifier.class); + + // initialize PKI module only if it is not done yet + if (!PKIFactory.getInstance().isAlreadyConfigured()) { + initPkiModule(config.getPKIConfiguration(), transactionId); + + } else { + logger.trace("IAIK PKI-module is still configurated"); + + } + + + initCryptoModule(config.getCryptoModuleConfigurations(), transactionId); + initKeyModule(config.getKeyModuleConfigurations(), transactionId); + } + } + + private static void initializePkiCommons(ConfigurationProvider moaConfig, TransactionId transId, ConfigurationData configData) throws PKIException { if (!iaik.pki.Configurator.isInitialized()) { logger.info("Initializing IAIK PKI-Commons ... "); -- cgit v1.2.3
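Review bot: `customIaikInit` is declared `public static`, so any code that can reach this class can re-run crypto- and key-module initialisation with its own `ConfigurationData`. The only call visible in this patch is the one inside the class, so `private static void customIaikInit(ConfigurationData config, TransactionId transactionId)` looks sufficient. In the `else` branch the settings in `config.getPKIConfiguration()` (presumably trust-store and revocation configuration) are not applied and not compared with whatever configured `PKIFactory` first, and this is recorded only at trace level with a misleading message; I would write `logger.info("IAIK PKI-module is already configured; PKI configuration from this ConfigurationData is not applied");`. The `isAlreadyConfigured()` check followed by `initPkiModule(...)` is not atomic in the visible lines, and whether the calling method serialises callers is outside the hunk. A short Javadoc saying that this method replaces `Configurator.init` to avoid a second PKI initialisation, and that it throws `NullPointerException` for a null `config`, would complete it.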