From 578ad0d6bc408edf9e6c875156054374f5fd8337 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 22 Mar 2021 18:40:26 +0100 Subject: change to EGIZ codestyle --- .../spss/server/config/CRLDistributionPoint.java | 277 +-- .../spss/server/config/ConfigurationException.java | 23 +- .../server/config/ConfigurationPartsBuilder.java | 1943 ++++++++++---------- .../spss/server/config/ConfigurationProvider.java | 689 ++++--- .../moa/spss/server/config/DistributionPoint.java | 26 +- .../spss/server/config/HardwareCryptoModule.java | 30 +- .../moa/spss/server/config/HardwareKeyModule.java | 35 +- .../moa/spss/server/config/IssuerAndSerial.java | 57 +- .../moa/spss/server/config/KeyGroup.java | 37 +- .../moa/spss/server/config/KeyGroupEntry.java | 58 +- .../moa/spss/server/config/KeyModule.java | 12 +- .../spss/server/config/OCSPDistributionPoint.java | 19 +- .../moa/spss/server/config/SoftwareKeyModule.java | 22 +- .../moa/spss/server/config/TrustProfile.java | 233 +-- 14 files changed, 1680 insertions(+), 1781 deletions(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java index b2389a4..bf11240 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java @@ -23,10 +23,6 @@ package at.gv.egovernment.moa.spss.server.config; -import iaik.asn1.structures.Name; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.utils.RFC2253NameParserException; - import java.util.HashMap; import java.util.Map; import java.util.StringTokenizer; 
@@ -34,144 +30,151 @@ import java.util.StringTokenizer; import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moaspss.logging.LogMsg; import at.gv.egovernment.moaspss.logging.Logger; +import iaik.asn1.structures.Name; +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.utils.RFC2253NameParserException; /** * A class representing a CRL distribution point. - * + * * @author Sven Aigner * @author Patrick Peck * @version $Id$ */ -public class CRLDistributionPoint extends DistributionPoint implements iaik.pki.revocation.CRLDistributionPoint { - - private static Map RC_MAPPING = new HashMap(); - - static { - - // create the mapping between reason code strings and their integer - // values - RC_MAPPING.put("unused", new Integer(iaik.asn1.structures.DistributionPoint.unused)); - RC_MAPPING.put("keyCompromise", new Integer(iaik.asn1.structures.DistributionPoint.keyCompromise)); - RC_MAPPING.put("cACompromise", new Integer(iaik.asn1.structures.DistributionPoint.cACompromise)); - RC_MAPPING.put("affiliationChanged", new Integer(iaik.asn1.structures.DistributionPoint.affiliationChanged)); - RC_MAPPING.put("superseded", new Integer(iaik.asn1.structures.DistributionPoint.superseded)); - RC_MAPPING.put("cessationOfOperation", - new Integer(iaik.asn1.structures.DistributionPoint.cessationOfOperation)); - RC_MAPPING.put("certificateHold", new Integer(iaik.asn1.structures.DistributionPoint.certificateHold)); - RC_MAPPING.put("privilegeWithdrawn", new Integer(iaik.asn1.structures.DistributionPoint.privilegeWithdrawn)); - RC_MAPPING.put("aACompromise", new Integer(iaik.asn1.structures.DistributionPoint.aACompromise)); - } - - /** - * The name of the CA issuing the CRL referred to by this DP. - */ - private String issuerName_; - - /** - * The reason codes applicable for the distribution point. - */ - private int reasonCodes; - - /** - * Create a CRLDistributionPoint. 
- * - * @param issuerName - * The name of the CA issuing the CRL referred to by this DP. - * - * @param uri - * The URI of the distribution point. - * - * @param reasonCodeStr - * A list of reason codes (a space-separated enumeration). - */ - public CRLDistributionPoint(String issuerName, String uri, String reasonCodeStr) { - super(uri); - issuerName_ = issuerName; - this.reasonCodes = extractReasonCodes(reasonCodeStr); - } - - /** - * @see DistributionPoint#getType() - */ - public String getType() { - return RevocationSourceTypes.CRL; - } - - /** - * Convert a list of reason codes provided as a String to a - * binary representation. - * - * @param reasonCodeStr - * A String containing a blank-separated, textual - * representation of reason codes. - * @return int A binary representation of reason codes. - * @see iaik.asn1.structures.DistributionPoint - */ - private int extractReasonCodes(String reasonCodeStr) { - int codes = 0; - StringTokenizer tokenizer = new StringTokenizer(reasonCodeStr); - String token; - Integer reasonCode; - - while (tokenizer.hasMoreTokens()) { - token = tokenizer.nextToken(); - reasonCode = (Integer) RC_MAPPING.get(token); - if (reasonCode != null) { - codes |= reasonCode.intValue(); - } else { - MessageProvider msg = MessageProvider.getInstance(); - Logger.warn(new LogMsg(msg.getMessage("config.07", new Object[] { token }))); - } - } - - // If reasonCodeStr is empty, set all possible reason codes - if (codes == 0) - codes = iaik.asn1.structures.DistributionPoint.unused | iaik.asn1.structures.DistributionPoint.keyCompromise - | iaik.asn1.structures.DistributionPoint.cACompromise - | iaik.asn1.structures.DistributionPoint.affiliationChanged - | iaik.asn1.structures.DistributionPoint.superseded - | iaik.asn1.structures.DistributionPoint.cessationOfOperation - | iaik.asn1.structures.DistributionPoint.certificateHold - | iaik.asn1.structures.DistributionPoint.privilegeWithdrawn - | iaik.asn1.structures.DistributionPoint.aACompromise; - - 
return codes; - } - - /** - * Return a binary representation of the reason codes of this distribution - * point. - * - * @return The binary representation of the reason codes. - */ - public int getReasonCodes() { - return reasonCodes; - } - - /** - * Return a String representation of this distribution point. - * - * @return The String representation of this distribution - * point. - * @see java.lang.Object#toString() - */ - public String toString() { - return "(DistributionPoint - " + ("URI<" + getUri()) + ("> REASONCODES<" + getReasonCodes() + ">)"); - } - - /** - * @see iaik.pki.revocation.CRLDistributionPoint#getIssuerName() - */ - public String getIssuerName() { - return issuerName_; - } - - @Override - public Name getIssuerDN() { - try { - return new Name(this.issuerName_); - } catch (RFC2253NameParserException e) { - throw new RuntimeException(e); - } - } +public class CRLDistributionPoint extends DistributionPoint implements + iaik.pki.revocation.CRLDistributionPoint { + + private static Map RC_MAPPING = new HashMap(); + + static { + + // create the mapping between reason code strings and their integer + // values + RC_MAPPING.put("unused", new Integer(iaik.asn1.structures.DistributionPoint.unused)); + RC_MAPPING.put("keyCompromise", new Integer(iaik.asn1.structures.DistributionPoint.keyCompromise)); + RC_MAPPING.put("cACompromise", new Integer(iaik.asn1.structures.DistributionPoint.cACompromise)); + RC_MAPPING.put("affiliationChanged", new Integer( + iaik.asn1.structures.DistributionPoint.affiliationChanged)); + RC_MAPPING.put("superseded", new Integer(iaik.asn1.structures.DistributionPoint.superseded)); + RC_MAPPING.put("cessationOfOperation", + new Integer(iaik.asn1.structures.DistributionPoint.cessationOfOperation)); + RC_MAPPING.put("certificateHold", new Integer(iaik.asn1.structures.DistributionPoint.certificateHold)); + RC_MAPPING.put("privilegeWithdrawn", new Integer( + iaik.asn1.structures.DistributionPoint.privilegeWithdrawn)); + 
RC_MAPPING.put("aACompromise", new Integer(iaik.asn1.structures.DistributionPoint.aACompromise)); + } + + /** + * The name of the CA issuing the CRL referred to by this DP. + */ + private final String issuerName_; + + /** + * The reason codes applicable for the distribution point. + */ + private final int reasonCodes; + + /** + * Create a CRLDistributionPoint. + * + * @param issuerName The name of the CA issuing the CRL referred to by this + * DP. + * + * @param uri The URI of the distribution point. + * + * @param reasonCodeStr A list of reason codes (a space-separated enumeration). + */ + public CRLDistributionPoint(String issuerName, String uri, String reasonCodeStr) { + super(uri); + issuerName_ = issuerName; + this.reasonCodes = extractReasonCodes(reasonCodeStr); + } + + /** + * @see DistributionPoint#getType() + */ + @Override + public String getType() { + return RevocationSourceTypes.CRL; + } + + /** + * Convert a list of reason codes provided as a String to a binary + * representation. + * + * @param reasonCodeStr A String containing a blank-separated, + * textual representation of reason codes. + * @return int A binary representation of reason codes. 
+ * @see iaik.asn1.structures.DistributionPoint + */ + private int extractReasonCodes(String reasonCodeStr) { + int codes = 0; + final StringTokenizer tokenizer = new StringTokenizer(reasonCodeStr); + String token; + Integer reasonCode; + + while (tokenizer.hasMoreTokens()) { + token = tokenizer.nextToken(); + reasonCode = (Integer) RC_MAPPING.get(token); + if (reasonCode != null) { + codes |= reasonCode.intValue(); + } else { + final MessageProvider msg = MessageProvider.getInstance(); + Logger.warn(new LogMsg(msg.getMessage("config.07", new Object[] { token }))); + } + } + + // If reasonCodeStr is empty, set all possible reason codes + if (codes == 0) { + codes = iaik.asn1.structures.DistributionPoint.unused + | iaik.asn1.structures.DistributionPoint.keyCompromise + | iaik.asn1.structures.DistributionPoint.cACompromise + | iaik.asn1.structures.DistributionPoint.affiliationChanged + | iaik.asn1.structures.DistributionPoint.superseded + | iaik.asn1.structures.DistributionPoint.cessationOfOperation + | iaik.asn1.structures.DistributionPoint.certificateHold + | iaik.asn1.structures.DistributionPoint.privilegeWithdrawn + | iaik.asn1.structures.DistributionPoint.aACompromise; + } + + return codes; + } + + /** + * Return a binary representation of the reason codes of this distribution + * point. + * + * @return The binary representation of the reason codes. + */ + @Override + public int getReasonCodes() { + return reasonCodes; + } + + /** + * Return a String representation of this distribution point. + * + * @return The String representation of this distribution point. 
+ * @see java.lang.Object#toString() + */ + @Override + public String toString() { + return "(DistributionPoint - " + "URI<" + getUri() + "> REASONCODES<" + getReasonCodes() + ">)"; + } + + /** + * @see iaik.pki.revocation.CRLDistributionPoint#getIssuerName() + */ + public String getIssuerName() { + return issuerName_; + } + + @Override + public Name getIssuerDN() { + try { + return new Name(this.issuerName_); + } catch (final RFC2253NameParserException e) { + throw new RuntimeException(e); + } + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java index 6546e88..13f1de9 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationException.java @@ -21,27 +21,26 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; import at.gv.egovernment.moa.spss.MOASystemException; /** * Exception signalling an error in the configuration. - * + * * @author Patrick Peck * @version $Id$ */ public class ConfigurationException extends MOASystemException { /** - * - */ - private static final long serialVersionUID = -1934466124930228755L; + * + */ + private static final long serialVersionUID = -1934466124930228755L; -/** + /** * Create a ConfigurationException. - * + * * @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[]) */ public ConfigurationException(String messageId, Object[] parameters) { 
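Review bot: In `extractReasonCodes` the `codes == 0` fallback fires not only for an empty `reasonCodeStr`, as its comment says, but also when every token is missing from `RC_MAPPING`. A misspelled reason code is therefore only logged via `config.07`, and the distribution point is then treated as covering all reasons. For a revocation source that silent widening is presumably not what the operator meant, so consider rejecting such a configuration, or at least correct the comment: `// No recognised reason code (empty input or only unknown tokens): fall back to all reason codes`. Separately, `RC_MAPPING` stays a raw, non-final `static Map` while the instance fields in this hunk became `final`; `private static final Map<String, Integer> RC_MAPPING = new HashMap<String, Integer>();` would also remove the `(Integer)` cast.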
@@ -50,12 +49,14 @@ public class ConfigurationException extends MOASystemException { /** * Create a ConfigurationException. - * @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[], Throwable) + * + * @see at.gv.egovernment.moa.spss.MOAException#MOAException(String, Object[], + * Throwable) */ public ConfigurationException( - String messageId, - Object[] parameters, - Throwable wrapped) { + String messageId, + Object[] parameters, + Throwable wrapped) { super(messageId, parameters, wrapped); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 3c00232..41b0c29 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -20,22 +20,8 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; -import iaik.asn1.structures.Name; -//import iaik.ixsil.exceptions.URIException; -//import iaik.ixsil.util.URI; -import iaik.pki.pathvalidation.ChainingModes; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.server.modules.xml.BlackListEntry; -import iaik.server.modules.xml.ExternalReferenceChecker; -import iaik.server.modules.xml.WhiteListEntry; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; -import iaik.xml.crypto.utils.URI; -import iaik.xml.crypto.utils.URIException; - import java.io.File; import java.io.FileInputStream; import java.io.IOException; 
@@ -70,14 +56,25 @@ import at.gv.egovernment.moaspss.logging.LogMsg; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.util.Constants; import at.gv.egovernment.moaspss.util.DOMUtils; -import at.gv.egovernment.moaspss.util.FileUtils; import at.gv.egovernment.moaspss.util.MiscUtil; import at.gv.egovernment.moaspss.util.StringUtils; import at.gv.egovernment.moaspss.util.XPathUtils; +import iaik.asn1.structures.Name; +//import iaik.ixsil.exceptions.URIException; +//import iaik.ixsil.util.URI; +import iaik.pki.pathvalidation.ChainingModes; +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.server.modules.xml.BlackListEntry; +import iaik.server.modules.xml.ExternalReferenceChecker; +import iaik.server.modules.xml.WhiteListEntry; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; +import iaik.xml.crypto.utils.URI; +import iaik.xml.crypto.utils.URIException; /** * A class that builds configuration data from a DOM based representation. - * + * * @author Patrick Peck * @version $Id$ */ 
@@ -102,271 +99,274 @@ public class ConfigurationPartsBuilder { // private static final String ROOT = "/" + CONF + "MOAConfiguration/"; - + private static final String PDFAS_CONFIGURATION_XPATH = - ROOT + CONF + "Common/" + CONF + "PDFASConfig"; - + ROOT + CONF + "Common/" + CONF + "PDFASConfig"; + private static final String FORMRESULT_CONFIGURATION_XPATH = - ROOT + CONF + "Common/" + CONF + "AdESFormResult"; - + ROOT + CONF + "Common/" + CONF + "AdESFormResult"; + private static final String DIGEST_METHOD_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "XMLDSig/" - + CONF + "DigestMethodAlgorithm"; + ROOT + CONF + "SignatureCreation/" + + CONF + "XMLDSig/" + + CONF + "DigestMethodAlgorithm"; private static final String XADES_VERSION_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "XAdES/" - + CONF + "Version"; + ROOT + CONF + "SignatureCreation/" + + CONF + "XAdES/" + + CONF + "Version"; private static final String C14N_ALGORITHM_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "XMLDSig/" - + CONF + "CanonicalizationAlgorithm"; + ROOT + CONF + "SignatureCreation/" + + CONF + "XMLDSig/" + + CONF + "CanonicalizationAlgorithm"; private static final String HARDWARE_CRYPTO_MODULE_XPATH = - ROOT + CONF + "Common/" - + CONF + "HardwareCryptoModule"; + ROOT + CONF + "Common/" + + CONF + "HardwareCryptoModule"; private static final String PERMIT_EXTERNAL_URIS_XPATH = - ROOT + CONF + "Common/" - + CONF + "PermitExternalUris"; + ROOT + CONF + "Common/" + + CONF + "PermitExternalUris"; private static final String BLACK_LIST_URIS_XPATH = - ROOT + CONF + "Common/" - + CONF + "PermitExternalUris/" - + CONF + "BlackListUri"; + ROOT + CONF + "Common/" + + CONF + "PermitExternalUris/" + + CONF + "BlackListUri"; private static final String FORBID_EXTERNAL_URIS_XPATH = - ROOT + CONF + "Common/" - + CONF + "ForbidExternalUris"; + ROOT + CONF + "Common/" + + CONF + "ForbidExternalUris"; private static final String WHITE_LIST_URIS_XPATH = - ROOT + CONF + 
"Common/" - + CONF + "ForbidExternalUris/" - + CONF + "WhiteListUri"; - + ROOT + CONF + "Common/" + + CONF + "ForbidExternalUris/" + + CONF + "WhiteListUri"; + private static final String HARDWARE_KEY_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "KeyModules/" - + CONF + "HardwareKeyModule"; + ROOT + CONF + "SignatureCreation/" + + CONF + "KeyModules/" + + CONF + "HardwareKeyModule"; private static final String SOFTWARE_KEY_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "KeyModules/" - + CONF + "SoftwareKeyModule"; - private static final String KEYGROUP_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "KeyGroup"; + ROOT + CONF + "SignatureCreation/" + + CONF + "KeyModules/" + + CONF + "SoftwareKeyModule"; + private static final String KEYGROUP_XPATH = + ROOT + CONF + "SignatureCreation/" + + CONF + "KeyGroup"; private static final String KEYGROUP_MAPPING_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "KeyGroupMapping"; - private static final String ISSUER_XPATH = - DSIG + "X509IssuerName"; - private static final String SERIAL_XPATH = - DSIG + "X509SerialNumber"; + ROOT + CONF + "SignatureCreation/" + + CONF + "KeyGroupMapping"; + private static final String ISSUER_XPATH = + DSIG + "X509IssuerName"; + private static final String SERIAL_XPATH = + DSIG + "X509SerialNumber"; private static final String CERTSTORE_LOCATION_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "PathConstruction/" - + CONF + "CertificateStore/" - + CONF + "DirectoryStore/" - + CONF + "Location"; - private static final String AUTO_ADD_CERTIFICATES_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "PathConstruction/" - + CONF + "AutoAddCertificates"; - - private static final String AUTO_ADD_EE_CERTIFICATES_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "PathConstruction/" - + CONF + "AutoAddEECertificates"; - + ROOT + 
CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "PathConstruction/" + + CONF + "CertificateStore/" + + CONF + "DirectoryStore/" + + CONF + "Location"; + private static final String AUTO_ADD_CERTIFICATES_XPATH_ = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "PathConstruction/" + + CONF + "AutoAddCertificates"; + + private static final String AUTO_ADD_EE_CERTIFICATES_XPATH_ = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "PathConstruction/" + + CONF + "AutoAddEECertificates"; + private static final String USE_AUTHORITY_INFO_ACCESS_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "PathConstruction/" - + CONF + "UseAuthorityInformationAccess"; + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "PathConstruction/" + + CONF + "UseAuthorityInformationAccess"; private static final String CHAINING_MODES_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "PathValidation/" - + CONF + "ChainingMode"; + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "PathValidation/" + + CONF + "ChainingMode"; private static final String CHAINING_MODES_DEFAULT_XPATH = - CHAINING_MODES_XPATH + "/" - + CONF + "DefaultMode"; + CHAINING_MODES_XPATH + "/" + + CONF + "DefaultMode"; private static final String TRUST_ANCHOR_XPATH = - CHAINING_MODES_XPATH + "/" - + CONF + "TrustAnchor"; + CHAINING_MODES_XPATH + "/" + + CONF + "TrustAnchor"; private static final String TRUST_PROFILE_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "PathValidation/" - + CONF + "TrustProfile"; + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "PathValidation/" + + CONF + "TrustProfile"; private static final String DISTRIBUTION_POINTS_XPATH = - ROOT + CONF + 
"SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "DistributionPoint"; + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "DistributionPoint"; private static final String CRL_RETENTION_INTERVALS_CA_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "CrlRetentionIntervals/" - + CONF + "CA"; - private static final String ENABLE_REVOCATION_CHECKING_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "EnableChecking"; + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "CrlRetentionIntervals/" + + CONF + "CA"; + private static final String ENABLE_REVOCATION_CHECKING_XPATH_ = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "EnableChecking"; private static final String MAX_REVOCATION_AGE_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "MaxRevocationAge"; - private static final String REVOCATION_SERVICEORDER_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "ServiceOrder/" - + CONF + "Service"; - private static final String ENABLE_ARCHIVING_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "Archiving/" - + CONF + "EnableArchiving"; - private static final String CRL_ARCHIVE_DURATION_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "Archiving/" - + CONF + "ArchiveDuration"; - private static final String ACHIVE_JDBC_URL_ = - ROOT + CONF + 
"SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "Archiving/" - + CONF + "Archive/" - + CONF + "DatabaseArchive/" - + CONF + "JDBCURL"; - private static final String ACHIVE_JDBC_DRIVER_CLASS_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "RevocationChecking/" - + CONF + "Archiving/" - + CONF + "Archive/" - + CONF + "DatabaseArchive/" - + CONF + "JDBCDriverClassName"; + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "MaxRevocationAge"; + private static final String REVOCATION_SERVICEORDER_XPATH_ = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "ServiceOrder/" + + CONF + "Service"; + private static final String ENABLE_ARCHIVING_XPATH = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "Archiving/" + + CONF + "EnableArchiving"; + private static final String CRL_ARCHIVE_DURATION_XPATH = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "Archiving/" + + CONF + "ArchiveDuration"; + private static final String ACHIVE_JDBC_URL_ = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "Archiving/" + + CONF + "Archive/" + + CONF + "DatabaseArchive/" + + CONF + "JDBCURL"; + private static final String ACHIVE_JDBC_DRIVER_CLASS_ = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "RevocationChecking/" + + CONF + "Archiving/" + + CONF + "Archive/" + + CONF + "DatabaseArchive/" + + CONF + "JDBCDriverClassName"; private static final String CREATE_TRANSFORMS_INFO_PROFILE_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "CreateTransformsInfoProfile"; + ROOT + CONF + "SignatureCreation/" + + 
CONF + "CreateTransformsInfoProfile"; private static final String CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH = - ROOT + CONF + "SignatureCreation/" - + CONF + "CreateSignatureEnvironmentProfile"; + ROOT + CONF + "SignatureCreation/" + + CONF + "CreateSignatureEnvironmentProfile"; private static final String VERIFY_TRANSFORMS_INFO_PROFILE_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "VerifyTransformsInfoProfile"; + ROOT + CONF + "SignatureVerification/" + + CONF + "VerifyTransformsInfoProfile"; private static final String SUPPLEMENT_PROFILE_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "SupplementProfile"; + ROOT + CONF + "SignatureVerification/" + + CONF + "SupplementProfile"; private static final String PERMIT_FILE_URIS_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "PermitFileURIs"; - + ROOT + CONF + "SignatureVerification/" + + CONF + "PermitFileURIs"; + private static final String CONNECTION_TIMEOUT_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "ConnectionTimeout"; - + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "ConnectionTimeout"; + private static final String READ_TIMEOUT_XPATH_ = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "ReadTimeout"; - - private static final String TSL_CONFIGURATION_XPATH = - ROOT + CONF + "SignatureVerification/" - + CONF + "CertificateValidation/" - + CONF + "TSLConfiguration/"; + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "ReadTimeout"; + + private static final String TSL_CONFIGURATION_XPATH = + ROOT + CONF + "SignatureVerification/" + + CONF + "CertificateValidation/" + + CONF + "TSLConfiguration/"; // - // default values for configuration parameters + // default values for configuration parameters // /** The accepted canonicalization algorithm URIs, as an array */ private static final String[] 
ACCEPTED_C14N_ALGORITHMS_ARRAY = - { - Constants.C14N_URI, - Constants.C14N_WITH_COMMENTS_URI, - Constants.EXC_C14N_URI, - Constants.EXC_C14N_WITH_COMMENTS_URI }; + { + Constants.C14N_URI, + Constants.C14N_WITH_COMMENTS_URI, + Constants.EXC_C14N_URI, + Constants.EXC_C14N_WITH_COMMENTS_URI }; /** The accepted canonicalization algorithm URIs, as a Set */ private static final Set ACCEPTED_C14N_ALGORITHMS = - new HashSet(Arrays.asList(ACCEPTED_C14N_ALGORITHMS_ARRAY)); + new HashSet(Arrays.asList(ACCEPTED_C14N_ALGORITHMS_ARRAY)); /** Default canonicalization algorithm, if none/illegal has been configured */ private static final String C14N_ALGORITHM_DEFAULT = Constants.C14N_URI; /** The accepted digest method algorithm URIs, as an array */ private static final String[] ACCEPTED_DIGEST_ALGORITHMS_ARRAY = - { Constants.SHA1_URI, - Constants.SHA256_URI, - Constants.SHA384_URI, - Constants.SHA512_URI}; + { Constants.SHA1_URI, + Constants.SHA256_URI, + Constants.SHA384_URI, + Constants.SHA512_URI }; /** The accepted digest method algorithm URIs, as a Set */ private static final Set ACCEPTED_DIGEST_ALGORITHMS = - new HashSet(Arrays.asList(ACCEPTED_DIGEST_ALGORITHMS_ARRAY)); - - - /** Default digest algorithm URI, if none/illegal has been configured (for XAdES 1.1.1) */ + new HashSet(Arrays.asList(ACCEPTED_DIGEST_ALGORITHMS_ARRAY)); + + /** + * Default digest algorithm URI, if none/illegal has been configured (for XAdES + * 1.1.1) + */ private static final String DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 = Constants.SHA1_URI; - - /** Default digest algorithm URI, if none/illegal has been configured (for XAdES 1.4.2) */ + + /** + * Default digest algorithm URI, if none/illegal has been configured (for XAdES + * 1.4.2) + */ private static final String DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 = Constants.SHA256_URI; - + /** The root element of the MOA configuration */ - private Element configElem; - + private final Element configElem; + /** * The directory containing the underlying 
configuration file. */ - private File configRoot_; + private final File configRoot_; /** Whether any warnings were encountered building the configuration. */ - private List warnings = new ArrayList(); + private final List warnings = new ArrayList(); /** * Create a new ConfigurationPartsBuilder. - * + * * @param configElem The root element of the MOA configuration. - * + * * @param configRoot The directory containing the underlying configuration file. */ - public ConfigurationPartsBuilder(Element configElem, File configRoot) - { + public ConfigurationPartsBuilder(Element configElem, File configRoot) { this.configElem = configElem; configRoot_ = configRoot; } /** - * Returns the root element of the MOA configuration. - * + * Returns the root element of the MOA configuration. + * * @return The root element of the MOA configuration. */ public Element getConfigElem() { return configElem; } - - /** + + /** * Returns the directory containing the underlying configuration file. - * + * * @return the directory containing the underlying configuration file. */ - public File getConfigRoot() - { + public File getConfigRoot() { return configRoot_; } /** * Returns the warnings encountered during building the configuration. - * - * @return A List of Strings, containing the - * warning messages. + * + * @return A List of Strings, containing the warning + * messages. */ public List getWarnings() { return warnings; 
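Review bot: `ACCEPTED_DIGEST_ALGORITHMS_ARRAY` still admits `Constants.SHA1_URI`, and `DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1` keeps SHA-1 as the digest used when none or an illegal one is configured, yet the reflowed Javadoc does not say this is a legacy choice. SHA-1 no longer provides collision resistance, so if compatibility is the reason, record it on the constant, e.g. `SHA-1 is kept only for XAdES 1.1.1 compatibility; configure SHA-256 or stronger for new signatures.` At the end of the hunk, `getWarnings()` returns the internal raw `List` directly, so callers can modify the builder's warning state; `Collections.unmodifiableList(warnings)` would avoid that if no caller relies on mutation. The class body begins and continues outside this hunk.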
@@ -374,124 +374,114 @@ public class ConfigurationPartsBuilder { /** * Returns the digest method algorithm name. - * + * * @return The digest method algorithm name from the configuration. */ - public String getDigestMethodAlgorithmName() - { + public String getDigestMethodAlgorithmName() { String digestMethod = getElementValue(getConfigElem(), DIGEST_METHOD_XPATH, null); - - if (digestMethod == null || !ACCEPTED_DIGEST_ALGORITHMS.contains(digestMethod)) - { - String xadesVersion = this.getXAdESVersion(); - if (xadesVersion == null) { - info( - "config.23", - new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 }); - digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1; - } - else { - info( - "config.23", - new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 }); - digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2; - } - - + + if (digestMethod == null || !ACCEPTED_DIGEST_ALGORITHMS.contains(digestMethod)) { + final String xadesVersion = this.getXAdESVersion(); + if (xadesVersion == null) { + info( + "config.23", + new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1 }); + digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_1_1; + } else { + info( + "config.23", + new Object[] { "DigestMethodAlgorithm", DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2 }); + digestMethod = DIGEST_ALGORITHM_DEFAULT_XADES_1_4_2; + } + } return digestMethod; } - + /** * Returns the digest method algorithm name. - * + * * @return The digest method algorithm name from the configuration. */ - public String getXAdESVersion() - { - String xadesVersion = getElementValue(getConfigElem(), XADES_VERSION_XPATH, null); - + public String getXAdESVersion() { + final String xadesVersion = getElementValue(getConfigElem(), XADES_VERSION_XPATH, null); + return xadesVersion; } - + /** * Returns the digest method algorithm name. - * + * * @return The digest method algorithm name from the configuration. 
*/ - public String getPDFASConfiguration() - { - String pdfasConfiguration = getElementValue(getConfigElem(), PDFAS_CONFIGURATION_XPATH, null); - + public String getPDFASConfiguration() { + final String pdfasConfiguration = getElementValue(getConfigElem(), PDFAS_CONFIGURATION_XPATH, null); + return pdfasConfiguration; } - + /** * Returns the digest method algorithm name. - * + * * @return The digest method algorithm name from the configuration. */ - public int getConnectionTimeout() - { - String connectionTimeout = getElementValue(getConfigElem(), CONNECTION_TIMEOUT_XPATH_, "30"); + public int getConnectionTimeout() { + final String connectionTimeout = getElementValue(getConfigElem(), CONNECTION_TIMEOUT_XPATH_, "30"); int defaultConnectionTimeout = 30; - - if(connectionTimeout != null) { - try { - defaultConnectionTimeout = Integer.parseInt(connectionTimeout); - } catch(NumberFormatException e) { - Logger.warn("Configuration value " + CONNECTION_TIMEOUT_XPATH_ + " should be a number defaulting to 30"); - } + + if (connectionTimeout != null) { + try { + defaultConnectionTimeout = Integer.parseInt(connectionTimeout); + } catch (final NumberFormatException e) { + Logger.warn("Configuration value " + CONNECTION_TIMEOUT_XPATH_ + + " should be a number defaulting to 30"); + } } - - if(defaultConnectionTimeout < 0) { - defaultConnectionTimeout = 30; + + if (defaultConnectionTimeout < 0) { + defaultConnectionTimeout = 30; } - + return defaultConnectionTimeout * 1000; } - - public int getReadTimeout() - { - String connectionTimeout = getElementValue(getConfigElem(), READ_TIMEOUT_XPATH_, "30"); + + public int getReadTimeout() { + final String connectionTimeout = getElementValue(getConfigElem(), READ_TIMEOUT_XPATH_, "30"); int defaultConnectionTimeout = 30; - - if(connectionTimeout != null) { - try { - defaultConnectionTimeout = Integer.parseInt(connectionTimeout); - } catch(NumberFormatException e) { - Logger.warn("Configuration value " + READ_TIMEOUT_XPATH_ + " should be a 
number defaulting to 30"); - } + + if (connectionTimeout != null) { + try { + defaultConnectionTimeout = Integer.parseInt(connectionTimeout); + } catch (final NumberFormatException e) { + Logger.warn("Configuration value " + READ_TIMEOUT_XPATH_ + " should be a number defaulting to 30"); + } } - - if(defaultConnectionTimeout < 0) { - defaultConnectionTimeout = 30; + + if (defaultConnectionTimeout < 0) { + defaultConnectionTimeout = 30; } - + return defaultConnectionTimeout * 1000; } - - public boolean getAdesFormResult() - { - String enableArchiving = getElementValue(getConfigElem(), FORMRESULT_CONFIGURATION_XPATH, null); - return Boolean.valueOf(enableArchiving).booleanValue(); + + public boolean getAdesFormResult() { + final String enableArchiving = getElementValue(getConfigElem(), FORMRESULT_CONFIGURATION_XPATH, null); + return Boolean.valueOf(enableArchiving).booleanValue(); } - + /** * Returns the canonicalization algorithm name. - * + * * @return The canonicalization algorithm name from the configuration. */ - public String getCanonicalizationAlgorithmName() - { + public String getCanonicalizationAlgorithmName() { String c14nAlgorithm = getElementValue(getConfigElem(), C14N_ALGORITHM_XPATH, null); - if (c14nAlgorithm == null || !ACCEPTED_C14N_ALGORITHMS.contains(c14nAlgorithm)) - { + if (c14nAlgorithm == null || !ACCEPTED_C14N_ALGORITHMS.contains(c14nAlgorithm)) { info( - "config.23", - new Object[] { "CanonicalizationAlgorithm", C14N_ALGORITHM_DEFAULT }); + "config.23", + new Object[] { "CanonicalizationAlgorithm", C14N_ALGORITHM_DEFAULT }); c14nAlgorithm = C14N_ALGORITHM_DEFAULT; } 
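Review bot: In `getConnectionTimeout()` and `getReadTimeout()` the guard `if (defaultConnectionTimeout < 0)` lets a configured value of 0 through, and the final `defaultConnectionTimeout * 1000` wraps to a wrong or negative number for anything above `Integer.MAX_VALUE / 1000`. How the result is consumed is outside this hunk, but if it ends up in a socket or URL connection timeout, 0 usually means "wait forever", which lets a stalled remote endpoint tie up a worker indefinitely. I would tighten both guards to `if (defaultConnectionTimeout <= 0 || defaultConnectionTimeout > Integer.MAX_VALUE / 1000) { defaultConnectionTimeout = 30; }`. The Javadoc on `getConnectionTimeout()` is also a copy of the digest-method text and should say that the method returns the connection timeout in milliseconds.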
@@ -500,189 +490,172 @@ public class ConfigurationPartsBuilder { /** * Build the configured hardware crypto modules. - * + * * @return The hardware crypto modules from the configuration. */ - public List buildHardwareCryptoModules() - { - List modules = new ArrayList(); - NodeIterator modIter = XPathUtils.selectNodeIterator( - getConfigElem(), - HARDWARE_CRYPTO_MODULE_XPATH); + public List buildHardwareCryptoModules() { + final List modules = new ArrayList(); + final NodeIterator modIter = XPathUtils.selectNodeIterator( + getConfigElem(), + HARDWARE_CRYPTO_MODULE_XPATH); Element modElem; while ((modElem = (Element) modIter.nextNode()) != null) { - String name = getElementValue(modElem, CONF + "Name", null); - String slotId = getElementValue(modElem, CONF + "SlotId", null); - String userPIN = getElementValue(modElem, CONF + "UserPIN", null); - HardwareCryptoModule module = new HardwareCryptoModule(name, slotId, userPIN); + final String name = getElementValue(modElem, CONF + "Name", null); + final String slotId = getElementValue(modElem, CONF + "SlotId", null); + final String userPIN = getElementValue(modElem, CONF + "UserPIN", null); + final HardwareCryptoModule module = new HardwareCryptoModule(name, slotId, userPIN); modules.add(module); } return modules; } - + /** - * + * * @return */ public boolean allowExternalUris() { - Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH); - - // if PermitExternalUris element does not exist - don't allow external uris - if (permitExtUris == null) { - // set permitExtUris for iaik-moa - ExternalReferenceChecker.setPermitExternalURLs(false); - return false; - } - else { - // set permitExtUris for iaik-moa - ExternalReferenceChecker.setPermitExternalURLs(true); - return true; - } + final Element permitExtUris = (Element) XPathUtils.selectSingleNode(getConfigElem(), + PERMIT_EXTERNAL_URIS_XPATH); + + // if PermitExternalUris element does not exist - don't allow external uris + 
if (permitExtUris == null) { + // set permitExtUris for iaik-moa + ExternalReferenceChecker.setPermitExternalURLs(false); + return false; + } else { + // set permitExtUris for iaik-moa + ExternalReferenceChecker.setPermitExternalURLs(true); + return true; + } } - - + /** - * + * * @return */ public List buildPermitExternalUris() { - - info("config.33", null); - - List blacklist = new ArrayList(); - List blackListIaikMoa = new ArrayList(); - - NodeIterator permitExtIter = XPathUtils.selectNodeIterator( - getConfigElem(), - BLACK_LIST_URIS_XPATH); - - Element permitExtElem = null; - while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) { - String host = getElementValue(permitExtElem, CONF + "IP", null); - String port = getElementValue(permitExtElem, CONF + "Port", null); - - BlackListEntry entry =null; - if (port == null) { - entry = new BlackListEntry(host, -1); - info("config.34", new Object[]{host}); - } - else { - entry = new BlackListEntry(host, new Integer(port).intValue()); - info("config.34", new Object[]{host + ":" + port}); - } - - // add entry to iaik-moa blacklist - blackListIaikMoa.add(entry); - - - String array[] = new String[2]; - array[0] = host; - array[1] = port; - blacklist.add(array); - - } - - - // set blacklist for iaik-moa - ExternalReferenceChecker.setBlacklist(blackListIaikMoa); - - - if(blacklist.isEmpty()) // no blacklisted uris given - info("config.36", null); - - - return blacklist; + + info("config.33", null); + + final List blacklist = new ArrayList(); + final List blackListIaikMoa = new ArrayList(); + + final NodeIterator permitExtIter = XPathUtils.selectNodeIterator( + getConfigElem(), + BLACK_LIST_URIS_XPATH); + + Element permitExtElem = null; + while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) { + final String host = getElementValue(permitExtElem, CONF + "IP", null); + final String port = getElementValue(permitExtElem, CONF + "Port", null); + + BlackListEntry entry = null; + if (port == null) { + 
entry = new BlackListEntry(host, -1); + info("config.34", new Object[] { host }); + } else { + entry = new BlackListEntry(host, new Integer(port).intValue()); + info("config.34", new Object[] { host + ":" + port }); + } + + // add entry to iaik-moa blacklist + blackListIaikMoa.add(entry); + + final String array[] = new String[2]; + array[0] = host; + array[1] = port; + blacklist.add(array); + + } + + // set blacklist for iaik-moa + ExternalReferenceChecker.setBlacklist(blackListIaikMoa); + + if (blacklist.isEmpty()) { + info("config.36", null); + } + + return blacklist; } - + /** - * + * * @return */ public List buildForbidExternalUris() { - - //info("config.47", null); - - List whitelist = new ArrayList(); - List whiteListIaikMoa = new ArrayList(); - - NodeIterator forbidExtIter = XPathUtils.selectNodeIterator( - getConfigElem(), - WHITE_LIST_URIS_XPATH); - - Element permitExtElem = null; - while ((permitExtElem = (Element) forbidExtIter.nextNode()) != null) { - String host = getElementValue(permitExtElem, CONF + "IP", null); - String port = getElementValue(permitExtElem, CONF + "Port", null); - - // WhiteListeEntry - WhiteListEntry entry =null; - if (port == null) { - entry = new WhiteListEntry(host, -1); - info("config.49", new Object[]{host}); + + // info("config.47", null); + + final List whitelist = new ArrayList(); + final List whiteListIaikMoa = new ArrayList(); + + final NodeIterator forbidExtIter = XPathUtils.selectNodeIterator( + getConfigElem(), + WHITE_LIST_URIS_XPATH); + + Element permitExtElem = null; + while ((permitExtElem = (Element) forbidExtIter.nextNode()) != null) { + final String host = getElementValue(permitExtElem, CONF + "IP", null); + final String port = getElementValue(permitExtElem, CONF + "Port", null); + + // WhiteListeEntry + WhiteListEntry entry = null; + if (port == null) { + entry = new WhiteListEntry(host, -1); + info("config.49", new Object[] { host }); + } else { + entry = new WhiteListEntry(host, new Integer(port).intValue()); 
+ info("config.49", new Object[] { host + ":" + port }); } - else { - entry = new WhiteListEntry(host, new Integer(port).intValue()); - info("config.49", new Object[]{host + ":" + port}); - } - - // add entry to iaik-moa whitelist - whiteListIaikMoa.add(entry); - - - String array[] = new String[2]; - array[0] = host; - array[1] = port; - whitelist.add(array); - - } - - - // set whitelist for iaik-moa - ExternalReferenceChecker.setWhitelist(whiteListIaikMoa); - - - if(whitelist.isEmpty()) // no whitelisted uris given - info("config.48", null); - - - return whitelist; + + // add entry to iaik-moa whitelist + whiteListIaikMoa.add(entry); + + final String array[] = new String[2]; + array[0] = host; + array[1] = port; + whitelist.add(array); + + } + + // set whitelist for iaik-moa + ExternalReferenceChecker.setWhitelist(whiteListIaikMoa); + + if (whitelist.isEmpty()) { + info("config.48", null); + } + + return whitelist; } - - /** - * Build the configured hardware keys. - * - * @param keyModules The keyModules that the configuration already knows about. To - * prevent multiple key modules with the same ID. + * Build the configured hardware keys. + * + * @param keyModules The keyModules that the configuration already knows about. + * To prevent multiple key modules with the same ID. * @return The hardware keys contained in the configuration. 
*/ - public List buildHardwareKeyModules(List keyModules) - { - Set existingIds = toIdSet(keyModules); - List hardwareKeys = new ArrayList(); - NodeIterator hkIter = - XPathUtils.selectNodeIterator(getConfigElem(), HARDWARE_KEY_XPATH); + public List buildHardwareKeyModules(List keyModules) { + final Set existingIds = toIdSet(keyModules); + final List hardwareKeys = new ArrayList(); + final NodeIterator hkIter = + XPathUtils.selectNodeIterator(getConfigElem(), HARDWARE_KEY_XPATH); Element keyElem; - while ((keyElem = (Element) hkIter.nextNode()) != null) - { - String id = getElementValue(keyElem, CONF + "Id", null); - String name = getElementValue(keyElem, CONF + "Name", null); - String slotId = getElementValue(keyElem, CONF + "SlotId", null); - String userPIN = getElementValue(keyElem, CONF + "UserPIN", null); + while ((keyElem = (Element) hkIter.nextNode()) != null) { + final String id = getElementValue(keyElem, CONF + "Id", null); + final String name = getElementValue(keyElem, CONF + "Name", null); + final String slotId = getElementValue(keyElem, CONF + "SlotId", null); + final String userPIN = getElementValue(keyElem, CONF + "UserPIN", null); - if (existingIds.contains(id)) - { + if (existingIds.contains(id)) { warn( - "config.04", - new Object[] { "Hardware- oder SoftwareKeyModule", id }); - } - else - { - KeyModule key = new HardwareKeyModule(id, name, slotId, userPIN); + "config.04", + new Object[] { "Hardware- oder SoftwareKeyModule", id }); + } else { + final KeyModule key = new HardwareKeyModule(id, name, slotId, userPIN); hardwareKeys.add(key); existingIds.add(id); } 
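Review bot: In `buildPermitExternalUris()` and `buildForbidExternalUris()` the port is converted with `new Integer(port).intValue()`, with no handling of `NumberFormatException` and no range check, and `host` is passed to `BlackListEntry`/`WhiteListEntry` even when `getElementValue` returned null. These lists feed `ExternalReferenceChecker`, so a mistyped `Port` or a missing `IP` element should surface as a configuration error that names the offending entry rather than as a bare runtime exception or an entry with a null host; silently skipping a bad blacklist entry would be the wrong fix, because it widens what is reachable. I would parse with `Integer.parseInt(port.trim())`, reject values outside 1-65535 and a null or empty host, and report both through the existing `warn(...)` path or a `ConfigurationException`, whichever the caller expects (the caller is not visible here). `new Integer(String)` is deprecated as well, so the change is worth making in any case.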
@@ -694,34 +667,29 @@ public class ConfigurationPartsBuilder { /** * Build the configured software keys. - * - * @param keyModules The keyModules that the configuration already knows about. To - * prevent multiple key modules with the same ID. + * + * @param keyModules The keyModules that the configuration already knows about. + * To prevent multiple key modules with the same ID. * * @return The software keys contained in the configuration. */ - public List buildSoftwareKeyModules(List keyModules) - { - Set existingIds = toIdSet(keyModules); - List softwareKeys = new ArrayList(); - NodeIterator skIter = - XPathUtils.selectNodeIterator(getConfigElem(), SOFTWARE_KEY_XPATH); + public List buildSoftwareKeyModules(List keyModules) { + final Set existingIds = toIdSet(keyModules); + final List softwareKeys = new ArrayList(); + final NodeIterator skIter = + XPathUtils.selectNodeIterator(getConfigElem(), SOFTWARE_KEY_XPATH); Element keyElem; - while ((keyElem = (Element) skIter.nextNode()) != null) - { - String id = getElementValue(keyElem, CONF + "Id", null); - String fileName = getElementValue(keyElem, CONF + "FileName", null); - String passWord = getElementValue(keyElem, CONF + "Password", null); + while ((keyElem = (Element) skIter.nextNode()) != null) { + final String id = getElementValue(keyElem, CONF + "Id", null); + final String fileName = getElementValue(keyElem, CONF + "FileName", null); + final String passWord = getElementValue(keyElem, CONF + "Password", null); - if (existingIds.contains(id)) - { + if (existingIds.contains(id)) { warn( - "config.04", - new Object[] { "Hardware- oder SoftwareKeyModule", id }); - } - else - { + "config.04", + new Object[] { "Hardware- oder SoftwareKeyModule", id }); + } else { File keyFile; KeyModule key; 
@@ -733,7 +701,7 @@ public class ConfigurationPartsBuilder { // check for existence if (!keyFile.exists() || keyFile.isDirectory()) { - warn("config.25", new Object[] { id, keyFile.getAbsolutePath()}); + warn("config.25", new Object[] { id, keyFile.getAbsolutePath() }); } else { // create a new key module key = new SoftwareKeyModule(id, keyFile.getAbsolutePath(), passWord); 
@@ -748,39 +716,36 @@ public class ConfigurationPartsBuilder { /** * Build the key group configuration. - * - * @param keyModules The KeyModules that the configuration - * knows about. Used to check for errors in the configuration. + * + * @param keyModules The KeyModules that the configuration knows + * about. Used to check for errors in the configuration. * @return The mapping between key group IDs and key groups. */ - public Map buildKeyGroups(List keyModules) - { - Set keyModuleIds = toIdSet(keyModules); - Map keyGroups = new HashMap(); + public Map buildKeyGroups(List keyModules) { + final Set keyModuleIds = toIdSet(keyModules); + final Map keyGroups = new HashMap(); NodeIterator kgIter; Element keyGroupElem; // select all KeyGroup elements and build the KeyGroup objects from them kgIter = XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_XPATH); - while ((keyGroupElem = (Element) kgIter.nextNode()) != null) - { + while ((keyGroupElem = (Element) kgIter.nextNode()) != null) { String keyGroupId = getElementValue(keyGroupElem, CONF + "Id", null); - //switch all keyGroupIds to lower case, only - if (MiscUtil.isNotEmpty(keyGroupId)) - keyGroupId = keyGroupId.trim().toLowerCase(); - - String keyGroupDigestMethodAlgorithm = getElementValue(keyGroupElem, CONF + "DigestMethodAlgorithm", null); - Set keyGroupEntries = - buildKeyGroupEntries(keyGroupId, keyModuleIds, keyGroupElem); - KeyGroup keyGroup = new KeyGroup(keyGroupId, keyGroupEntries, keyGroupDigestMethodAlgorithm); + // switch all keyGroupIds to lower case, only + if (MiscUtil.isNotEmpty(keyGroupId)) { + keyGroupId = keyGroupId.trim().toLowerCase(); + } - if (keyGroups.containsKey(keyGroupId)) - { + final String keyGroupDigestMethodAlgorithm = getElementValue(keyGroupElem, CONF + + "DigestMethodAlgorithm", null); + final Set keyGroupEntries = + buildKeyGroupEntries(keyGroupId, keyModuleIds, keyGroupElem); + final KeyGroup keyGroup = new KeyGroup(keyGroupId, keyGroupEntries, 
keyGroupDigestMethodAlgorithm); + + if (keyGroups.containsKey(keyGroupId)) { warn("config.04", new Object[] { "KeyGroup", keyGroupId }); - } - else - { + } else { keyGroups.put(keyGroup.getId(), keyGroup); } } @@ -790,17 +755,16 @@ public class ConfigurationPartsBuilder { /** * Return the set of IDs contained in the given KeyModules. - * - * @param keyModules The KeyModules from which to extract the - * IDs. + * + * @param keyModules The KeyModules from which to extract the IDs. * @return The IDs from the given KeyModules. */ private Set toIdSet(List keyModules) { - Set ids = new HashSet(); + final Set ids = new HashSet(); Iterator iter; for (iter = keyModules.iterator(); iter.hasNext();) { - KeyModule keyModule = (KeyModule) iter.next(); + final KeyModule keyModule = (KeyModule) iter.next(); ids.add(keyModule.getId()); } 
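Review bot: `keyGroupId.trim().toLowerCase()` in `buildKeyGroups` normalises the identifier with the JVM's default locale, and the same call is used for the lookup in `buildKeyGroupMappings` (hunk `@@ -893,16 +854,13 @@`). Key group IDs select signing keys, so the normalised form should not depend on where the server runs: under a Turkish locale, for example, an upper-case `I` does not map to `i`, and an ID normalised here would no longer match one normalised elsewhere with different rules. I would use `keyGroupId.trim().toLowerCase(Locale.ROOT)` in both places, which needs a `java.util.Locale` import that lies outside these hunks. The end of `buildKeyGroups` is also outside the hunk, so I could not check what happens to a group whose `Id` is missing or empty; as written it is registered under a null or empty key.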
@@ -809,35 +773,36 @@ public class ConfigurationPartsBuilder { /** * Build the key entries belonging to a key group. - * - * @param keyGroupId The ID of the key group we are building here. Passed - * for logging purposes. + * + * @param keyGroupId The ID of the key group we are building here. Passed for + * logging purposes. * @param keyModuleIds The IDs of the HardwareKeyModules and - * SoftwareKeyModules that exist in the configuration. + * SoftwareKeyModules that exist in the + * configuration. * @param keyGroupElem The KeyGroup DOM element to parse. * @return A Set of KeyGroupEntry objects. */ private Set buildKeyGroupEntries( - String keyGroupId, - Set keyModuleIds, - Element keyGroupElem) { + String keyGroupId, + Set keyModuleIds, + Element keyGroupElem) { - Set entries = new HashSet(); + final Set entries = new HashSet(); NodeIterator keyEntryIter; Element keyEntryElem; // select all Key elements and put them into the Map keyEntryIter = XPathUtils.selectNodeIterator(keyGroupElem, CONF + "Key"); - while ((keyEntryElem = (Element) keyEntryIter.nextNode()) != null) - { - String keyModuleId = getElementValue(keyEntryElem, CONF + "KeyModuleId", ""); - Element keyCertElem = (Element) XPathUtils.selectSingleNode(keyEntryElem, CONF + "KeyCertIssuerSerial"); - IssuerAndSerial issuerSerial = buildIssuerAndSerial(keyCertElem); + while ((keyEntryElem = (Element) keyEntryIter.nextNode()) != null) { + final String keyModuleId = getElementValue(keyEntryElem, CONF + "KeyModuleId", ""); + final Element keyCertElem = (Element) XPathUtils.selectSingleNode(keyEntryElem, CONF + + "KeyCertIssuerSerial"); + final IssuerAndSerial issuerSerial = buildIssuerAndSerial(keyCertElem); if (!keyModuleIds.contains(keyModuleId)) { warn("config.26", new Object[] { keyGroupId, keyModuleId }); } else if (issuerSerial != null) { - KeyGroupEntry entry = new KeyGroupEntry(keyModuleId, issuerSerial); + final KeyGroupEntry entry = new KeyGroupEntry(keyModuleId, issuerSerial); entries.add(entry); } } 
@@ -846,34 +811,31 @@ public class ConfigurationPartsBuilder { /** * Build the key group mapping. - * + * * @param keyGroups The available key groups. * @param anonymous The IssuerAndSerial to be used for key group - * mappings not protected by a certificate. + * mappings not protected by a certificate. * @return The key group mapping. */ public Map buildKeyGroupMappings(Map keyGroups, IssuerAndSerial anonymous) { - Map mappings = new HashMap(); + final Map mappings = new HashMap(); NodeIterator mappingIter; Element mappingElem; // select all KeyGroupMapping elements mappingIter = - XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_MAPPING_XPATH); + XPathUtils.selectNodeIterator(getConfigElem(), KEYGROUP_MAPPING_XPATH); // build the mapping for each KeyGroupMapping element - while ((mappingElem = (Element) mappingIter.nextNode()) != null) - { - Element issuerSerialElem = (Element) XPathUtils.selectSingleNode(mappingElem, CONF + "CustomerId"); + while ((mappingElem = (Element) mappingIter.nextNode()) != null) { + final Element issuerSerialElem = (Element) XPathUtils.selectSingleNode(mappingElem, CONF + + "CustomerId"); // build the IssuerAndSerial who has access to the key groups IssuerAndSerial issuerAndSerial; - if (issuerSerialElem != null) - { + if (issuerSerialElem != null) { issuerAndSerial = buildIssuerAndSerial(issuerSerialElem); - } - else - { + } else { // IssuerSerial element: the keygroup is generally available issuerAndSerial = anonymous; } @@ -884,8 +846,7 @@ public class ConfigurationPartsBuilder { NodeIterator keyGroupIter; Element keyGroupElem; - if (groups == null) - { + if (groups == null) { // no mapping exist -> build one groups = new HashMap(); mappings.put(issuerAndSerial, groups); 
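Review bot: In `buildKeyGroupMappings`, when a `CustomerId` element is present but cannot be parsed, `buildIssuerAndSerial(issuerSerialElem)` returns null (it only logs `config.16`), and the following code still registers the key groups with `mappings.put(issuerAndSerial, groups)` under that null key. The mapping is then neither tied to the intended client certificate nor to `anonymous`, and whether a later lookup can ever hit the null key depends on code outside this hunk. I would skip the whole `KeyGroupMapping` element in that case, with something like `if (issuerAndSerial == null) { continue; }` placed right after the `buildIssuerAndSerial` call, so that a malformed customer identifier never produces an entry at all. The comment `// IssuerSerial element: the keygroup is generally available` in the else branch should read "no CustomerId element", since that is the condition being handled.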
@@ -893,16 +854,13 @@ public class ConfigurationPartsBuilder { // select the available key groups and add them to the mapping keyGroupIter = XPathUtils.selectNodeIterator(mappingElem, CONF + "KeyGroupId"); - while ((keyGroupElem = (Element) keyGroupIter.nextNode()) != null) - { - String keyGroupId = getElementValue(keyGroupElem, ".", null); - KeyGroup keyGroup = (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase()); - - if (keyGroup != null) - { + while ((keyGroupElem = (Element) keyGroupIter.nextNode()) != null) { + final String keyGroupId = getElementValue(keyGroupElem, ".", null); + final KeyGroup keyGroup = (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase()); + + if (keyGroup != null) { groups.put(keyGroupId, keyGroup); - } else - { + } else { warn("config.00", new Object[] { keyGroupId }); } } @@ -914,15 +872,14 @@ public class ConfigurationPartsBuilder { /** * Returns the default chaining mode from the configuration. - * + * * @return The default chaining mode. */ - public String getDefaultChainingMode() - { - String defaultChaining = getElementValue( - getConfigElem(), - CHAINING_MODES_DEFAULT_XPATH, - CM_PKIX); + public String getDefaultChainingMode() { + final String defaultChaining = getElementValue( + getConfigElem(), + CHAINING_MODES_DEFAULT_XPATH, + CM_PKIX); return translateChainingMode(defaultChaining); 
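Review bot: In the `KeyGroupId` loop of `buildKeyGroupMappings`, `getElementValue(keyGroupElem, ".", null)` is called with a null default, and the result is dereferenced straight away in `keyGroupId.trim().toLowerCase()`, so an element without a value would presumably end configuration loading with a `NullPointerException` instead of the `config.00` warning. The group is also looked up under the normalised ID but stored with `groups.put(keyGroupId, keyGroup)` under the raw text, so an ID written with upper-case letters or surrounding whitespace ends up under a key that differs from the one used in `keyGroups`. I would guard the null case and store under the canonical ID: `if (keyGroupId == null) { continue; }` followed by `groups.put(keyGroup.getId(), keyGroup);`. The method starts and ends outside this hunk, so the way `groups` is read later should be checked before changing the key.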
@@ -930,23 +887,20 @@ public class ConfigurationPartsBuilder { /** * Build the chaining modes for all configured trust anchors. - * + * * @return The mapping from trust anchors to chaining modes. */ - public Map buildChainingModes() - { - Map chainingModes = new HashMap(); - NodeIterator trustIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_ANCHOR_XPATH); + public Map buildChainingModes() { + final Map chainingModes = new HashMap(); + final NodeIterator trustIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_ANCHOR_XPATH); Element trustAnchorElem; - while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) - { - IssuerAndSerial issuerAndSerial = buildIssuerAndSerial( - (Element)XPathUtils.selectSingleNode(trustAnchorElem, CONF + "Identification")); - String mode = getElementValue(trustAnchorElem, CONF + "Mode", null); + while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) { + final IssuerAndSerial issuerAndSerial = buildIssuerAndSerial( + (Element) XPathUtils.selectSingleNode(trustAnchorElem, CONF + "Identification")); + final String mode = getElementValue(trustAnchorElem, CONF + "Mode", null); - if (issuerAndSerial != null) - { + if (issuerAndSerial != null) { chainingModes.put(issuerAndSerial, translateChainingMode(mode)); } } 
@@ -956,26 +910,26 @@ public class ConfigurationPartsBuilder { /** * Build an IssuerAndSerial from the DOM representation. - * + * * @param root The root element (being of type dsig: * X509IssuerSerialType. * @return The issuer and serial number contained in the root - * element or null if could not be built for any reason. + * element or null if could not be built for any reason. */ private IssuerAndSerial buildIssuerAndSerial(Element root) { - String issuer = getElementValue(root, ISSUER_XPATH, null); - String serial = getElementValue(root, SERIAL_XPATH, null); + final String issuer = getElementValue(root, ISSUER_XPATH, null); + final String serial = getElementValue(root, SERIAL_XPATH, null); if (issuer != null && serial != null) { try { - RFC2253NameParser nameParser = new RFC2253NameParser(issuer); - Principal issuerDN = nameParser.parse(); + final RFC2253NameParser nameParser = new RFC2253NameParser(issuer); + final Principal issuerDN = nameParser.parse(); return new IssuerAndSerial(issuerDN, new BigInteger(serial)); - } catch (RFC2253NameParserException e) { + } catch (final RFC2253NameParserException e) { warn("config.16", new Object[] { issuer, serial }, e); return null; - } catch (NumberFormatException e) { + } catch (final NumberFormatException e) { warn("config.16", new Object[] { issuer, serial }, e); return null; } @@ -986,10 +940,10 @@ public class ConfigurationPartsBuilder { /** * Translate the chaining mode from the configuration file to one used in the * IAIK MOA API. - * + * * @param chainingMode The chaining mode from the configuration. * @return The chaining mode as provided by the ChainingModes - * interface. + * interface. * @see iaik.pki.pathvalidation.ChainingModes */ private String translateChainingMode(String chainingMode) { 
@@ -1004,55 +958,50 @@ public class ConfigurationPartsBuilder { /** * Build the distribution points mapping. - * + * * @return The mapping from certificate authorities to distribution points. */ - public Map buildDistributionPoints() - { - Map dPs = new HashMap(); + public Map buildDistributionPoints() { + final Map dPs = new HashMap(); NodeIterator dPIter; Element dPElem; - // select all DistributionPoint elements + // select all DistributionPoint elements dPIter = XPathUtils.selectNodeIterator(getConfigElem(), DISTRIBUTION_POINTS_XPATH); - // build the mapping of CA name to distribution points + // build the mapping of CA name to distribution points while ((dPElem = (Element) dPIter.nextNode()) != null) { - String caIssuerDNText = getElementValue(dPElem, CONF + "CAIssuerDN", ""); - RFC2253NameParser nameParser = new RFC2253NameParser(caIssuerDNText); - NodeIterator cRLDPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "CRLDP"); - NodeIterator oCSPDPPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "OCSPDP"); + final String caIssuerDNText = getElementValue(dPElem, CONF + "CAIssuerDN", ""); + final RFC2253NameParser nameParser = new RFC2253NameParser(caIssuerDNText); + final NodeIterator cRLDPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "CRLDP"); + final NodeIterator oCSPDPPIter = XPathUtils.selectNodeIterator(dPElem, CONF + "OCSPDP"); - try - { - String caIssuerDN = nameParser.parse().getName(); + try { + final String caIssuerDN = nameParser.parse().getName(); - // check, if a mapping exists or make a new mapping + // check, if a mapping exists or make a new mapping Set dPsForCA = (Set) dPs.get(caIssuerDN); - if (dPsForCA == null) - { + if (dPsForCA == null) { dPsForCA = new HashSet(); dPs.put(caIssuerDN, dPsForCA); } // add the CRL distribution points of this CA to the set Element cRLDPElem; - while ((cRLDPElem = (Element) cRLDPIter.nextNode()) != null) - { - CRLDistributionPoint cRLDP = (CRLDistributionPoint) buildDistributionPoint(cRLDPElem, 
caIssuerDN); + while ((cRLDPElem = (Element) cRLDPIter.nextNode()) != null) { + final CRLDistributionPoint cRLDP = (CRLDistributionPoint) buildDistributionPoint(cRLDPElem, + caIssuerDN); dPsForCA.add(cRLDP); } // add the OCSP distribution points of this CA to the set Element oCSPPElem; - while ((oCSPPElem = (Element) oCSPDPPIter.nextNode()) != null) - { - OCSPDistributionPoint oCSPDP = (OCSPDistributionPoint) buildDistributionPoint(oCSPPElem, null); + while ((oCSPPElem = (Element) oCSPDPPIter.nextNode()) != null) { + final OCSPDistributionPoint oCSPDP = (OCSPDistributionPoint) buildDistributionPoint(oCSPPElem, + null); dPsForCA.add(oCSPDP); } -} - catch (RFC2253NameParserException e) - { + } catch (final RFC2253NameParserException e) { warn("config.13", new Object[] { caIssuerDNText }, e); } 
@@ -1063,143 +1012,126 @@ public class ConfigurationPartsBuilder { /** * Build a distribution point from the DOM representation. - * - * @param dpElem The root element of the distribution point. - * - * @param issuerName The name of the CA issuing the CRL referred to by this DP, or null - * if this DP refers to an OCSP responder. - * + * + * @param dpElem The root element of the distribution point. + * + * @param issuerName The name of the CA issuing the CRL referred to by this DP, + * or null if this DP refers to an OCSP + * responder. + * * @return The distribution point. */ - private DistributionPoint buildDistributionPoint(Element dpElem, String issuerName) - { - String uri = getElementValue(dpElem, CONF + "Location", null); - - if ("CRLDP".equals(dpElem.getLocalName())) - { - NodeIterator reasonCodesIter = XPathUtils.selectNodeIterator(dpElem, CONF + "ReasonCode"); + private DistributionPoint buildDistributionPoint(Element dpElem, String issuerName) { + final String uri = getElementValue(dpElem, CONF + "Location", null); + + if ("CRLDP".equals(dpElem.getLocalName())) { + final NodeIterator reasonCodesIter = XPathUtils.selectNodeIterator(dpElem, CONF + "ReasonCode"); Element reasonCodeElem; - StringBuffer reasonCodesSB = new StringBuffer(); - while ((reasonCodeElem = (Element)reasonCodesIter.nextNode()) != null) - { - if (reasonCodesSB.length() > 0) reasonCodesSB.append(" "); + final StringBuffer reasonCodesSB = new StringBuffer(); + while ((reasonCodeElem = (Element) reasonCodesIter.nextNode()) != null) { + if (reasonCodesSB.length() > 0) { + reasonCodesSB.append(" "); + } reasonCodesSB.append(getElementValue(reasonCodeElem, ".", "").trim()); } return new CRLDistributionPoint(issuerName, uri, reasonCodesSB.toString()); - } - else - { + } else { return new OCSPDistributionPoint(uri); } } /** * Return the CRL archive duration. - * - * @return The value of the CRL archive duration setting from the configuration, or 0 if - * no value is set in the configuration. 
+ * + * @return The value of the CRL archive duration setting from the configuration, + * or 0 if no value is set in the configuration. */ - public int getRevocationArchiveDuration() - { - String archiveDuration = getElementValue(getConfigElem(), CRL_ARCHIVE_DURATION_XPATH, null); - try - { + public int getRevocationArchiveDuration() { + final String archiveDuration = getElementValue(getConfigElem(), CRL_ARCHIVE_DURATION_XPATH, null); + try { return Integer.parseInt(archiveDuration); - } - catch (NumberFormatException e) - { + } catch (final NumberFormatException e) { warn("config.01", null); return 365; } } /** - * Build the CreateTransformsInfoProfiles. - * + * Build the CreateTransformsInfoProfiles. + * * @return The mapping from profile ID to profile. */ - public Map buildCreateTransformsInfoProfiles() - { + public Map buildCreateTransformsInfoProfiles() { return loadProfiles(CREATE_TRANSFORMS_INFO_PROFILE_XPATH, "CreateTransformsInfoProfile"); } /** * Build the CreateSignatureEnvironmentProfiles. - * + * * @return The mapping from profile ID to profile. */ - public Map buildCreateSignatureEnvironmentProfiles() - { + public Map buildCreateSignatureEnvironmentProfiles() { return loadProfiles(CREATE_SIGNATURE_ENVIRONMENT_PROFILE_XPATH, "CreateSignatureEnvironmentProfile"); } /** * Build the VerifyTransformsInfoProfiles. - * + * * @return The mapping from profile ID to profile. */ - public Map buildVerifyTransformsInfoProfiles() - { + public Map buildVerifyTransformsInfoProfiles() { return loadProfiles(VERIFY_TRANSFORMS_INFO_PROFILE_XPATH, "VerifyTransformsInfoProfile"); } /** * Build the SupplementProfiles. - * + * * @return The mapping from profile ID to profile. */ - public Map buildSupplementProfiles() - { + public Map buildSupplementProfiles() { return loadProfiles(SUPPLEMENT_PROFILE_XPATH, "SupplementProfile"); } /** * Load a profile mapping. - * - * @param xpath The XPath to select the profiles from the configuration. 
- * + * + * @param xpath The XPath to select the profiles from the configuration. + * * @param profileRoot The name of the profile root element. - * + * * @return Map The profile ID to profile mapping. */ - private Map loadProfiles(String xpath, String profileRoot) - { - Map profiles = new HashMap(); - NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), xpath); + private Map loadProfiles(String xpath, String profileRoot) { + final Map profiles = new HashMap(); + final NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), xpath); Element profileElem; - while ((profileElem = (Element) profileIter.nextNode()) != null) - { - String id = getElementValue(profileElem, CONF + "Id", null); - String fileName = getElementValue(profileElem, CONF + "Location", null); + while ((profileElem = (Element) profileIter.nextNode()) != null) { + final String id = getElementValue(profileElem, CONF + "Id", null); + final String fileName = getElementValue(profileElem, CONF + "Location", null); - if (profiles.containsKey(id)) - { + if (profiles.containsKey(id)) { warn("config.04", new Object[] { profileRoot, id }); - } - else - { - try - { + } else { + try { File profileFile = new File(fileName); // make profileFile absolute - if (!profileFile.isAbsolute()) profileFile = new File(configRoot_, fileName); + if (!profileFile.isAbsolute()) { + profileFile = new File(configRoot_, fileName); + } // load the profile - info("config.22", new Object[] { profileRoot, id, profileFile.getAbsoluteFile()}); - Element profile = loadProfile(profileFile); + info("config.22", new Object[] { profileRoot, id, profileFile.getAbsoluteFile() }); + final Element profile = loadProfile(profileFile); - if (Constants.MOA_NS_URI.equals(profile.getNamespaceURI()) && - profile.getLocalName().equals(profileRoot)) - { + if (Constants.MOA_NS_URI.equals(profile.getNamespaceURI()) && + profile.getLocalName().equals(profileRoot)) { profiles.put(id, profile); - } - else - { + } else { 
warn("config.02", new Object[] { profileRoot, id, fileName }); } - } catch (ConfigurationException e) { + } catch (final ConfigurationException e) { warn("config.03", new Object[] { profileRoot, id }); } } @@ -1210,8 +1142,9 @@ public class ConfigurationPartsBuilder { /** * Load a profile from a file. - * - * @param root The absolute directory path of the main configuration file. + * + * @param root The absolute directory path of the main configuration + * file. * @param profileFile The file containing the profile. * @return The profile in its DOM representation. * @throws ConfigurationException An error occurred loading the profile. @@ -1222,7 +1155,7 @@ public class ConfigurationPartsBuilder { try { profile = parseXml(new FileInputStream(profileFile)); - } catch (Exception e) { + } catch (final Exception e) { throw new ConfigurationException("config.12", null, e); } 
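Review bot: The re-wrapped Javadoc of `getRevocationArchiveDuration` still promises `0` when no value is configured, but the method returns `365` from the `NumberFormatException` branch. That branch also covers the unset case, because `Integer.parseInt(null)` throws the same exception. The `@return` text should match the code, e.g. `@return The configured CRL archive duration, or 365 if the value is missing or not a valid integer.` A negative value is accepted as parsed; whether that is meaningful for the archive is not visible in this hunk. The hunk also covers `buildDistributionPoint` and `loadProfiles`, and `loadProfiles` continues past its end.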
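Review bot: In `loadProfile`, the `FileInputStream` created inline in `parseXml(new FileInputStream(profileFile))` is never closed by this method, so each loaded profile can leave a file handle open until garbage collection. Whether `DOMUtils.parseDocument` closes its input is not visible here. Scoping the stream removes the doubt: `try (InputStream in = new FileInputStream(profileFile)) { profile = parseXml(in); }`, with the existing `catch (final Exception e)` kept on the same `try`. The method starts and ends outside this hunk.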
@@ -1231,146 +1164,136 @@ public class ConfigurationPartsBuilder { /** * Build the trust profile mapping. - * + * * @return The profile ID to profile mapping. */ - - public Map buildTrustProfiles() - { - Map trustProfiles = new HashMap(); - NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH); + + public Map buildTrustProfiles() { + final Map trustProfiles = new HashMap(); + final NodeIterator profileIter = XPathUtils.selectNodeIterator(getConfigElem(), TRUST_PROFILE_XPATH); Element profileElem; - while ((profileElem = (Element) profileIter.nextNode()) != null) { - //load basic TrustProfile information - - //check TrustProfileId - String id = getElementValue(profileElem, CONF + "Id", null); - if (MiscUtil.isEmpty(id)) { - warn("config.52", new Object[]{"Id des TrustProfiles ist leer."}); - continue; - - } - //cast profileId to lowercase (changed in 3.0.1) - id = id.trim().toLowerCase(); - if (trustProfiles.containsKey(id)) { - warn("config.04", new Object[] { "TrustProfile", id }); + while ((profileElem = (Element) profileIter.nextNode()) != null) { + // load basic TrustProfile information + + // check TrustProfileId + String id = getElementValue(profileElem, CONF + "Id", null); + if (MiscUtil.isEmpty(id)) { + warn("config.52", new Object[] { "Id des TrustProfiles ist leer." 
}); + continue; + + } + // cast profileId to lowercase (changed in 3.0.1) + id = id.trim().toLowerCase(); + if (trustProfiles.containsKey(id)) { + warn("config.04", new Object[] { "TrustProfile", id }); + continue; + } + + // check location of TrustAnchor directory + final String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null); + URI trustAnchorsLocURI = null; + try { + trustAnchorsLocURI = new URI(trustAnchorsLocStr); + if (!trustAnchorsLocURI.isAbsolute()) { // make it absolute to the config file + trustAnchorsLocURI = new URI(configRoot_.toURL() + trustAnchorsLocStr); + } + } catch (final URIException e) { + warn("config.14", new Object[] { "uri", id, trustAnchorsLocStr }, e); + continue; + } catch (final MalformedURLException e) { + warn("config.15", new Object[] { id }, e); + continue; + } + final File profileDir = new File(trustAnchorsLocURI.getPath()); + if (!profileDir.exists() || !profileDir.isDirectory()) { + warn("config.27", new Object[] { "uri", id }); + continue; + } + + // check signerCertsLocation URL + String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null); + URI signerCertsLocURI = null; + if (signerCertsLocStr != null && !"".equals(signerCertsLocStr)) { + try { + signerCertsLocURI = new URI(signerCertsLocStr); + if (!signerCertsLocURI.isAbsolute()) { + signerCertsLocURI = new URI(configRoot_.toURL() + signerCertsLocStr); + } + + final File signerCertsDir = new File(signerCertsLocURI.getPath()); + if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) { + warn("config.27", new Object[] { "signerCertsUri", id }); continue; - } - - //check location of TrustAnchor directory - String trustAnchorsLocStr = getElementValue(profileElem, CONF + "TrustAnchorsLocation", null); - URI trustAnchorsLocURI = null; - try - { - trustAnchorsLocURI = new URI(trustAnchorsLocStr); - if (!trustAnchorsLocURI.isAbsolute()) { // make it absolute to the config file - trustAnchorsLocURI = new 
URI(configRoot_.toURL() + trustAnchorsLocStr); } - } - catch (URIException e) { - warn("config.14", new Object[] { "uri", id, trustAnchorsLocStr }, e); - continue; - } - catch (MalformedURLException e) - { - warn("config.15", new Object[] {id}, e); + } catch (final URIException e) { + warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e); continue; - } - File profileDir = new File(trustAnchorsLocURI.getPath()); - if (!profileDir.exists() || !profileDir.isDirectory()) { - warn("config.27", new Object[] { "uri", id }); + } catch (final MalformedURLException e) { + warn("config.15", new Object[] { id }, e); continue; } + } + signerCertsLocStr = signerCertsLocURI != null ? signerCertsLocURI.toString() : null; + + // check if TSL support is enabled + final Element eutslElem = (Element) XPathUtils.selectSingleNode(profileElem, CONF + "EUTSL"); + boolean tslEnabled = false; + if (eutslElem != null) { + tslEnabled = true; + } + + // load TSL configuration + final String countries = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "CountrySelection", + null); + final String allowedTspStatus = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + + "AllowedTSPStatus", null); + final String allowedTspServiceTypes = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + + "AllowedTSPServiceTypes", null); + + // create profile configuration + final TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr, + tslEnabled, countries, allowedTspStatus, allowedTspServiceTypes); + trustProfiles.put(id, profile); - //check signerCertsLocation URL - String signerCertsLocStr = getElementValue(profileElem, CONF + "SignerCertsLocation", null); - URI signerCertsLocURI = null; - if (signerCertsLocStr != null && !"".equals(signerCertsLocStr)) - { - try - { - signerCertsLocURI = new URI(signerCertsLocStr); - if (!signerCertsLocURI.isAbsolute()) signerCertsLocURI = new URI(configRoot_.toURL() + signerCertsLocStr); 
- - File signerCertsDir = new File(signerCertsLocURI.getPath()); - if (!signerCertsDir.exists() || !signerCertsDir.isDirectory()) { - warn("config.27", new Object[] { "signerCertsUri", id }); - continue; - } - } - catch (URIException e) { - warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e); - continue; - } - catch (MalformedURLException e) { - warn("config.15", new Object[] {id}, e); - continue; - } - } - signerCertsLocStr = (signerCertsLocURI != null) ? signerCertsLocURI.toString() : null; - - - //check if TSL support is enabled - Element eutslElem = (Element) XPathUtils.selectSingleNode(profileElem, CONF + "EUTSL"); - boolean tslEnabled = false; - if (eutslElem != null) //EUTSL element found --> TSL enabled - tslEnabled = true; - - //load TSL configuration - String countries = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "CountrySelection", null); - String allowedTspStatus = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "AllowedTSPStatus", null); - String allowedTspServiceTypes = getElementValue(profileElem, CONF + "EUTSL" + "/" + CONF + "AllowedTSPServiceTypes", null); - - - //create profile configuration - TrustProfile profile = new TrustProfile(id, trustAnchorsLocURI.toString(), signerCertsLocStr, - tslEnabled, countries, allowedTspStatus, allowedTspServiceTypes); - trustProfiles.put(id, profile); - } return trustProfiles; } - + /** * Returns the location of the certificate store. - * + * * @return the location of the certificate store. 
*/ - public String getCertStoreLocation() - { - String certStoreLocStr = getElementValue(getConfigElem(), CERTSTORE_LOCATION_XPATH, null); + public String getCertStoreLocation() { + final String certStoreLocStr = getElementValue(getConfigElem(), CERTSTORE_LOCATION_XPATH, null); File certStoreLocFile; - - // No value specified in configuration file: Set it to a reasonable (absolute) default - if (certStoreLocStr == null) - return new File(configRoot_, "certstore").getAbsolutePath(); - + + // No value specified in configuration file: Set it to a reasonable (absolute) + // default + if (certStoreLocStr == null) { + return new File(configRoot_, "certstore").getAbsolutePath(); + } + // Make cert store location an absolute value certStoreLocFile = new File(certStoreLocStr); - if (!certStoreLocFile.isAbsolute()) - { + if (!certStoreLocFile.isAbsolute()) { certStoreLocFile = new File(configRoot_, certStoreLocStr); } - + // Check if cert store location exists, eventually try to create it - if (!certStoreLocFile.isDirectory()) - { + if (!certStoreLocFile.isDirectory()) { boolean created = false; - try - { + try { created = certStoreLocFile.mkdirs(); - } - finally - { - if (!created) - { + } finally { + if (!created) { warn("config.32", new Object[] { certStoreLocFile.getAbsolutePath() }); } } } - + return certStoreLocFile.getAbsolutePath(); } 
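Review bot: In `buildTrustProfiles`, the `URIException` handler for the signer-certificates location logs the wrong variable: `warn("config.14", new Object[] { "signerCertsUri", id, trustAnchorsLocStr }, e);`. The warning therefore shows the trust-anchor path instead of the value that failed to parse. It should read `warn("config.14", new Object[] { "signerCertsUri", id, signerCertsLocStr }, e);`. Separately, `id.trim().toLowerCase()` uses the default locale, so the key under which a trust profile is stored can depend on the JVM locale. `toLowerCase(Locale.ROOT)` would make it stable, provided `Locale` is imported in this file, which is not visible here.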
@@ -1380,437 +1303,429 @@ public class ConfigurationPartsBuilder { /** * Parse a configuration XML file. - * + * * @param inputStream The stream from which to read the XML data. * @return The DOM representation of the XML data. * @throws ParserConfigurationException XML parser not configured properly. - * @throws SAXException An error parsing the XML file. - * @throws IOException An error reading the stream. + * @throws SAXException An error parsing the XML file. + * @throws IOException An error reading the stream. */ private static Element parseXml(InputStream inputStream) - throws ParserConfigurationException, SAXException, IOException { + throws ParserConfigurationException, SAXException, IOException { return DOMUtils - .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null) - .getDocumentElement(); + .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null) + .getDocumentElement(); } /** * Return the value of an element located by an XPath. - * - * @param root The root element from which to evaluate the xpath. + * + * @param root The root element from which to evaluate the xpath. * @param xpath The XPath pointing to the element. - * @param def The default value, if no element can be found with the given - * xpath. + * @param def The default value, if no element can be found with the given + * xpath. * @return The element value or def, if the element cannot be - * found. + * found. */ private String getElementValue(Element root, String xpath, String def) { - Element elem = (Element) XPathUtils.selectSingleNode(root, xpath); + final Element elem = (Element) XPathUtils.selectSingleNode(root, xpath); return elem != null ? DOMUtils.getText(elem) : def; } /** * Return the value of an attribute located by an XPath. - * - * @param root The root element from which to evaluate the xpath. + * + * @param root The root element from which to evaluate the xpath. * @param xpath The XPath pointing to the attribute. 
- * @param def The default value, if no attribute can be found with the given - * xpath. + * @param def The default value, if no attribute can be found with the given + * xpath. * @return The element value or def, if the attribute cannot be - * found. + * found. */ private String getAttributeValue(Element root, String xpath, String def) { - Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath); + final Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath); return attr != null ? attr.getValue() : def; } /** * Log an info message. - * - * @param messageId The message ID. + * + * @param messageId The message ID. * @param parameters Additional parameters for the message. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private static void info(String messageId, Object[] parameters) { - MessageProvider msg = MessageProvider.getInstance(); + final MessageProvider msg = MessageProvider.getInstance(); Logger.info(new LogMsg(msg.getMessage(messageId, parameters))); } /** * Log a warning. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. + * @param args Additional parameters for the message. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void warn(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); Logger.warn(new LogMsg(txt)); warnings.add(txt); } - + /** * Log a warning. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. + * @param args Additional parameters for the message. 
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void debug(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); Logger.debug(new LogMsg(txt)); - + } - /** * Log a debug message. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. + * @param args Additional parameters for the message. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void debug(String message) { Logger.debug(new LogMsg(message)); } - + /** * Log a warning. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. - * @param t An exception being the cause of the warning. + * @param args Additional parameters for the message. + * @param t An exception being the cause of the warning. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void warn(String messageId, Object[] args, Throwable t) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); - Logger.warn(new LogMsg(txt), t); + Logger.warn(new LogMsg(txt), t); warnings.add(txt); } /** * Log an error. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. + * @param args Additional parameters for the message. 
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void error(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); Logger.error(new LogMsg(txt)); warnings.add(txt); } - + /** * Log an error. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. - * @param t An exception being the cause of the warning. + * @param args Additional parameters for the message. + * @param t An exception being the cause of the warning. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void error(String messageId, Object[] args, Throwable t) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); - Logger.error(new LogMsg(txt), t); + Logger.error(new LogMsg(txt), t); warnings.add(txt); } - + /** * Returns whether revocation information should be archived. - * + * * @return whether revocation information should be archived. */ - public boolean getEnableRevocationArchiving() - { - String enableArchiving = getElementValue(getConfigElem(), ENABLE_ARCHIVING_XPATH, null); + public boolean getEnableRevocationArchiving() { + final String enableArchiving = getElementValue(getConfigElem(), ENABLE_ARCHIVING_XPATH, null); return Boolean.valueOf(enableArchiving).booleanValue(); } /** * Returns the JDBC URL for the revocation archive database. - * - * @return the JDBC URL for the revocation archive database, or nullnullnullnullConfiguration data is read from an XML file, whose location is given by - * the moa.spss.server.configuration system property.

- *

This class implements the Singleton pattern. The reload() - * method can be used to update the configuration data. Therefore, it is not - * guaranteed that consecutive calls to getInstance() will return - * the same ConfigurationProvider all the time. During the - * processing of a web service request, the current - * TransactionContext should be used to obtain the - * ConfigurationProvider local to that request.

- * + * + *

+ * Configuration data is read from an XML file, whose location is given by the + * moa.spss.server.configuration system property. + *

+ *

+ * This class implements the Singleton pattern. The reload() method + * can be used to update the configuration data. Therefore, it is not guaranteed + * that consecutive calls to getInstance() will return the same + * ConfigurationProvider all the time. During the processing of a + * web service request, the current TransactionContext should be + * used to obtain the ConfigurationProvider local to that request. + *

+ * * @author Patrick Peck * @author Sven Aigner * @version $Id$ */ -public class ConfigurationProvider -{ - /** - * The name of the system property which contains the file name of the +public class ConfigurationProvider { + /** + * The name of the system property which contains the file name of the * configuration file. */ public static final String CONFIG_PROPERTY_NAME = - "moa.spss.server.configuration"; + "moa.spss.server.configuration"; - /** + /** * A fake IssuerAndSerial object for storing KeyGroup information * accessible by all clients. */ private static final IssuerAndSerial ANONYMOUS_ISSUER_SERIAL = - new IssuerAndSerial(new Name(), new BigInteger("0")); + new IssuerAndSerial(new Name(), new BigInteger("0")); /** Singleton instance. null, if none has been created. */ private static ConfigurationProvider instance; @@ -101,23 +100,23 @@ public class ConfigurationProvider /** The default canonicalization algorithm name */ private String canonicalizationAlgorithmName; - + /** The XAdES version used for signature creation */ private String xadesVersion; - + /** PDF AS Configuration */ private String pdfAsConfiguration; - + private int connectionTimeout; private int readTimeout; - - /** - * A List of HardwareCryptoModule objects for + + /** + * A List of HardwareCryptoModule objects for * configuring hardware modules. */ private List hardwareCryptoModules; - /** + /** * A List of HardwareKey objects containing the * configuration data for hardware keys. */ 
@@ -144,29 +143,29 @@ public class ConfigurationProvider /** The default chaining mode. */ private String defaultChainingMode; - /** + /** * A Map which contains the IssuerAndSerial to * chaining mode (a String) mapping. */ private Map chainingModes; /** - * A Map which contains the CAIssuerDN (a String) - * to distribution points (a Set of - * DistributionPoints) mapping. + * A Map which contains the CAIssuerDN (a String) to + * distribution points (a Set of DistributionPoints) + * mapping. */ private Map distributionPoints; - /** - * The CRL archive duration. + /** + * The CRL archive duration. */ private int cRLArchiveDuration; - + /** * Indicates whether revocation information should be archived. */ private boolean enableRevocationArchiving_; - + /** * The location of the certificate store. */ 
@@ -180,29 +179,29 @@ public class ConfigurationProvider private Map createSignatureEnvironmentProfiles; /** - * A Map which contains a mapping from - * CreateTransformsInfoProfile Ids (String) to - * CreateTransformsInfoProfile elements (an Element). + * A Map which contains a mapping from CreateTransformsInfoProfile + * Ids (String) to CreateTransformsInfoProfile elements (an + * Element). */ private Map createTransformsInfoProfiles; /** - * A Map which contains a mapping from - * VerifyTransformsInfoProfile Ids (String) to - * VerifyTransformsInfoProfile elements (an Element). + * A Map which contains a mapping from VerifyTransformsInfoProfile + * Ids (String) to VerifyTransformsInfoProfile elements (an + * Element). */ private Map verifyTransformsInfoProfiles; /** - * A Map which contains a mapping from - * SupplementProfile Ids (String) to SupplementProfile elements - * (an Element). + * A Map which contains a mapping from SupplementProfile Ids + * (String) to SupplementProfile elements (an + * Element). */ private Map supplementProfiles; /** - * A Map which contains a TrustProfile Id (a String - * to trust profile (a TrustProfile) mapping. + * A Map which contains a TrustProfile Id (a String to + * trust profile (a TrustProfile) mapping. */ private Map trustProfiles; @@ -222,7 +221,8 @@ public class ConfigurationProvider private boolean enableRevocationChecking_; /** - * The maximum age of a revocation information for considering it still as valid. + * The maximum age of a revocation information for considering it still as + * valid. */ private long maxRevocationAge_; 
@@ -232,63 +232,58 @@ public class ConfigurationProvider private String[] serviceOrder_; private boolean adesFormResults; - + /** - * Indicates whether certificates found during certificate path construction + * Indicates whether certificates found during certificate path construction * should be added to the certificate store. */ private boolean autoAddCertificates_; - private boolean autoAddEECertificates_; - - + /** - * Indicates whether the certificate extension Authority Info Access should - * be used during certificate path construction. + * Indicates whether the certificate extension Authority Info Access should be + * used during certificate path construction. */ private boolean useAuthorityInfoAccess_; /** - * Indicates whether file URIs are allowed or not + * Indicates whether file URIs are allowed or not */ private boolean permitFileURIs; - + /** * Indicates the CRL retention intervals */ private Map crlRetentionIntervals; - + /** * Indicates wether external URIs are allowed or not */ private boolean allowExternalUris_; - + /** * A List of black listed URIs (host and port) */ private List blackListedUris_; - + /** * A List of white listed URIs (host and port) */ private List whiteListedUris_; - + /** * A TSLConfiguration that represents the global TSL configuration */ private TSLConfiguration tslconfiguration_; - - - /** * Return the single instance of configuration data. - * + * * @return MOAConfigurationProvider The current configuration data. * @throws ConfigurationException Failure to load the configuration data. */ public static synchronized ConfigurationProvider getInstance() - throws ConfigurationException { + throws ConfigurationException { if (instance == null) { reload(); 
@@ -298,21 +293,21 @@ public class ConfigurationProvider /** * Reload the configuration data and set it if successful. - * + * * @return MOAConfigurationProvider The loaded configuration data. * @throws ConfigurationException Failure to load the configuration data. */ public static synchronized ConfigurationProvider reload() - throws ConfigurationException { + throws ConfigurationException { String fileName = System.getProperty(CONFIG_PROPERTY_NAME); if (fileName == null) { // find out where we are running and use the configuration provided // under WEB-INF/conf/moa-spss/MOA-SPSSConfiguration - URL url = ConfigurationProvider.class.getResource("/"); + final URL url = ConfigurationProvider.class.getResource("/"); fileName = - new File(url.getPath()).getParent() - + "/conf/moa-spss/MOA-SPSSConfiguration.xml"; + new File(url.getPath()).getParent() + + "/conf/moa-spss/MOA-SPSSConfiguration.xml"; info("config.05", new Object[] { CONFIG_PROPERTY_NAME }); } @@ -322,7 +317,7 @@ public class ConfigurationProvider /** * Constructor for ConfigurationProvider. - * + * * @param fileName The name of the configuration file. * @throws ConfigurationException An error occurred loading the configuration. */ @@ -331,12 +326,11 @@ public class ConfigurationProvider } /** - * Load the configuration data from XML file with the given name and build - * the internal data structures representing the MOA configuration. - * + * Load the configuration data from XML file with the given name and build the + * internal data structures representing the MOA configuration. + * * @param fileName The name of the XML file to load. - * @throws ConfigurationException The MOA configuration could not be - * read/built. + * @throws ConfigurationException The MOA configuration could not be read/built. */ private void load(String fileName) throws ConfigurationException { FileInputStream stream = null; 
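Review bot: The fallback in `reload()` dereferences `ConfigurationProvider.class.getResource("/")` without a null check, and `getResource` can return null, for example when the class is loaded from a jar. In that case start-up fails with a `NullPointerException` instead of a `ConfigurationException`. `url.getPath()` is also still percent-encoded, so an install path containing spaces would resolve to a non-existent file. I would guard with `if (url == null)` and throw a `ConfigurationException` that names the missing `moa.spss.server.configuration` property, and build the file from `url.toURI()` rather than `url.getPath()`. The body of `reload()` continues outside this hunk.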
@@ -345,16 +339,15 @@ public class ConfigurationProvider Element configElem; ConfigurationPartsBuilder builder; List allKeyModules; - // load the main config file try { configFile = new File(fileName); configRoot = new File(configFile.getParent()); - info("config.21", new Object[] { configFile.getAbsoluteFile()}); + info("config.21", new Object[] { configFile.getAbsoluteFile() }); stream = new FileInputStream(fileName); configElem = DOMUtils.parseXmlValidating(new FileInputStream(fileName)); - } catch (Throwable t) { + } catch (final Throwable t) { throw new ConfigurationException("config.10", null, t); } 
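Review bot: `load` opens the configuration file twice: `stream = new FileInputStream(fileName);` followed by `DOMUtils.parseXmlValidating(new FileInputStream(fileName));`. Only `stream` is closed in the `finally` block further down, so the instance actually handed to the parser is never closed by this method, and `stream` itself is never read. Passing the tracked stream fixes both: `configElem = DOMUtils.parseXmlValidating(stream);`. The method starts before this hunk and ends after it.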
@@ -362,30 +355,29 @@ public class ConfigurationProvider try { builder = new ConfigurationPartsBuilder(configElem, configRoot); - //build TSL configuration + // build TSL configuration tslconfiguration_ = builder.getTSLConfiguration(); - - //build TrustProfile configuration - trustProfiles = builder.buildTrustProfiles(); - - //check TSL configuration + + // build TrustProfile configuration + trustProfiles = builder.buildTrustProfiles(); + + // check TSL configuration checkTSLConfiguration(); - - + digestMethodAlgorithmName = builder.getDigestMethodAlgorithmName(); canonicalizationAlgorithmName = - builder.getCanonicalizationAlgorithmName(); + builder.getCanonicalizationAlgorithmName(); hardwareCryptoModules = builder.buildHardwareCryptoModules(); hardwareKeyModules = - builder.buildHardwareKeyModules(Collections.EMPTY_LIST); + builder.buildHardwareKeyModules(Collections.EMPTY_LIST); softwareKeyModules = - builder.buildSoftwareKeyModules(hardwareKeyModules); + builder.buildSoftwareKeyModules(hardwareKeyModules); allKeyModules = new ArrayList(hardwareKeyModules); allKeyModules.addAll(softwareKeyModules); keyGroups = builder.buildKeyGroups(allKeyModules); keyGroupMappings = - builder.buildKeyGroupMappings(keyGroups, ANONYMOUS_ISSUER_SERIAL); - + builder.buildKeyGroupMappings(keyGroups, ANONYMOUS_ISSUER_SERIAL); + connectionTimeout = builder.getConnectionTimeout(); readTimeout = builder.getReadTimeout(); pdfAsConfiguration = builder.getPDFASConfiguration(); 
@@ -396,9 +388,9 @@ public class ConfigurationProvider useAuthorityInfoAccess_ = builder.getUseAuthorityInfoAccess(); autoAddCertificates_ = builder.getAutoAddCertificates(); autoAddEECertificates_ = builder.getAutoEEAddCertificates(); - //trustProfiles = builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory()); - - + // trustProfiles = + // builder.buildTrustProfiles(tslconfiguration_.getWorkingDirectory()); + distributionPoints = builder.buildDistributionPoints(); enableRevocationChecking_ = builder.getEnableRevocationChecking(); maxRevocationAge_ = builder.getMaxRevocationAge(); @@ -407,12 +399,10 @@ public class ConfigurationProvider cRLArchiveDuration = builder.getRevocationArchiveDuration(); revocationArchiveJDBCURL_ = builder.getRevocationArchiveJDBCURL(); revocationArchiveJDBCDriverClass_ = builder.getRevocationArchiveJDBCDriverClass(); - - - //TODO!!!! + + // TODO!!!! certStoreLocation_ = builder.getCertStoreLocation(); - - + createTransformsInfoProfiles = builder.buildCreateTransformsInfoProfiles(); createSignatureEnvironmentProfiles = builder.buildCreateSignatureEnvironmentProfiles(); verifyTransformsInfoProfiles = builder.buildVerifyTransformsInfoProfiles(); 
@@ -421,41 +411,37 @@ public class ConfigurationProvider permitFileURIs = builder.getPermitFileURIs(); crlRetentionIntervals = builder.getCrlRetentionIntervals(); - allowExternalUris_= builder.allowExternalUris(); - - if (allowExternalUris_) { - blackListedUris_ = builder.buildPermitExternalUris(); - whiteListedUris_ = null; - } - else { - info("config.35", null); - blackListedUris_ = null; - whiteListedUris_ = builder.buildForbidExternalUris(); + allowExternalUris_ = builder.allowExternalUris(); + + if (allowExternalUris_) { + blackListedUris_ = builder.buildPermitExternalUris(); + whiteListedUris_ = null; + } else { + info("config.35", null); + blackListedUris_ = null; + whiteListedUris_ = builder.buildForbidExternalUris(); } - - - + // Set set = crlRetentionIntervals.entrySet(); // Iterator i = set.iterator(); // while(i.hasNext()){ // Map.Entry me = (Map.Entry)i.next(); // System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() ); // } - - - } catch (Throwable t) { + + } catch (final Throwable t) { throw new ConfigurationException("config.11", null, t); } finally { try { if (stream != null) { stream.close(); } - } catch (IOException e) { + } catch (final IOException e) { // don't complain about this } } } - + // private boolean checkTSLenableTrustprofilesExist()throws ConfigurationException { // boolean bTSLEnabledTPExist = false; // Iterator it = trustProfiles.entrySet().iterator(); 
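Review bot: The branch on `allowExternalUris_` fills `blackListedUris_` from `builder.buildPermitExternalUris()` and `whiteListedUris_` from `builder.buildForbidExternalUris()`, which reads as inverted and leaves the list of the inactive mode `null` without saying so. Presumably the permit mode carries a deny list and the forbid mode an allow list (the builder is not visible here), so a comment above the `if` would settle it: `// external URIs permitted: only the deny list applies; forbidden: only the allow list applies; the other list stays null`. `getBlackListedUris()` and `getWhiteListedUris()` in the later getter hunk have no Javadoc and return these fields directly, so their `@return` should state that `null` means the list does not apply in the current mode. The method body starts outside this hunk.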
@@ -465,78 +451,75 @@ public class ConfigurationProvider // if (tp.isTSLEnabled()) // bTSLEnabledTPExist = bTSLEnabledTPExist || true; // } -// +// // return bTSLEnabledTPExist; -// +// // } - - private void checkTSLConfiguration() throws ConfigurationException { - boolean bTSLEnabledTPExist = false; - Iterator it = trustProfiles.entrySet().iterator(); - while (it.hasNext()) { - Map.Entry pairs = (Map.Entry)it.next(); - TrustProfile tp = (TrustProfile) pairs.getValue(); - if (tp.isTSLEnabled()) - bTSLEnabledTPExist = bTSLEnabledTPExist || true; - } - - if (!bTSLEnabledTPExist) { - // if no trustprofile has TSL support enabled, delete TSL configuration - tslconfiguration_ = null; - return; - } - - if (bTSLEnabledTPExist && (tslconfiguration_ == null)) { - error("config.40", null); - throw new ConfigurationException("config.40", null); - } - - File workingDir = new File(tslconfiguration_.getWorkingDirectory()); - File eu_trust = new File(workingDir.getAbsolutePath() + "/trust/eu"); - if (!eu_trust.exists()) { - error("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"}); - throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" existiert nicht"}); - } - else { - File[] eutrustFiles = eu_trust.listFiles(); - if (eutrustFiles == null) { - error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - } - else { - if (eutrustFiles.length == 0) { - error("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - throw new ConfigurationException("config.51", new Object[] {"Verzeichnis \"trust/eu\" ist leer"}); - } - } - - } - - File hashcache = new File(tslconfiguration_.getWorkingDirectory(), "hashcache"); - if (!hashcache.exists()) { - hashcache.mkdir(); + + private void checkTSLConfiguration() throws ConfigurationException { + boolean bTSLEnabledTPExist = false; + final Iterator it = 
trustProfiles.entrySet().iterator(); + while (it.hasNext()) { + final Map.Entry pairs = (Map.Entry) it.next(); + final TrustProfile tp = (TrustProfile) pairs.getValue(); + if (tp.isTSLEnabled()) { + bTSLEnabledTPExist = bTSLEnabledTPExist || true; } - if (!hashcache.isDirectory()) { - error("config.38", new Object[] { hashcache.getAbsolutePath() }); - return; + } + + if (!bTSLEnabledTPExist) { + // if no trustprofile has TSL support enabled, delete TSL configuration + tslconfiguration_ = null; + return; + } + + if (bTSLEnabledTPExist && tslconfiguration_ == null) { + error("config.40", null); + throw new ConfigurationException("config.40", null); + } + + final File workingDir = new File(tslconfiguration_.getWorkingDirectory()); + final File eu_trust = new File(workingDir.getAbsolutePath() + "/trust/eu"); + if (!eu_trust.exists()) { + error("config.51", new Object[] { "Verzeichnis \"trust/eu\" existiert nicht" }); + throw new ConfigurationException("config.51", new Object[] { + "Verzeichnis \"trust/eu\" existiert nicht" }); + } else { + final File[] eutrustFiles = eu_trust.listFiles(); + if (eutrustFiles == null) { + error("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" }); + throw new ConfigurationException("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" }); + } else { + if (eutrustFiles.length == 0) { + error("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" }); + throw new ConfigurationException("config.51", new Object[] { "Verzeichnis \"trust/eu\" ist leer" }); + } } + } + + final File hashcache = new File(tslconfiguration_.getWorkingDirectory(), "hashcache"); + if (!hashcache.exists()) { + hashcache.mkdir(); + } + if (!hashcache.isDirectory()) { + error("config.38", new Object[] { hashcache.getAbsolutePath() }); + return; + } + // System.setProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR", hashcache.getAbsolutePath()); // String hashcachedir = System.getProperty("iaik.xml.crypto.tsl.BinaryHashCache.DIR"); // 
System.out.println("Hashcache: " + hashcachedir); + Logger.debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath()); - Logger.debug("TSL Konfiguration - Hashcache: " + hashcache.getAbsolutePath()); - - } - /** * Returns the warnings encountered during building the configuration. - * - * @return A List of Strings, containing the - * warning messages. + * + * @return A List of Strings, containing the warning + * messages. */ public List getWarnings() { return warnings; 
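Review bot: In `checkTSLConfiguration()` the hashcache check does not stop the load: when `hashcache` is not a directory the code logs `config.38` and executes `return;`, so configuration loading continues, whereas the `trust/eu` checks just above throw `ConfigurationException`. The result of `hashcache.mkdir()` is ignored as well. Replacing the `return;` with `throw new ConfigurationException("config.38", new Object[] { hashcache.getAbsolutePath() });` would make the checks consistent, if an unusable hash cache is meant to be fatal. A smaller point: `eu_trust.listFiles()` returning `null` means the path is not a directory or could not be read, which the "ist leer" message does not say.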
@@ -544,57 +527,58 @@ public class ConfigurationProvider /** * Return the name of the digest algorithm used during signature creation. - * - * @return The digest method algorithm name, or an empty String, - * if none has been configured. + * + * @return The digest method algorithm name, or an empty String, if + * none has been configured. */ public String getDigestMethodAlgorithmName() { return digestMethodAlgorithmName; } - + /** * Return the XAdES version used for signature creation. - * - * @return The XAdES version used for signature creation, or an empty String, - * if none has been configured. + * + * @return The XAdES version used for signature creation, or an empty + * String, if none has been configured. */ public String getXAdESVersion() { return xadesVersion; } - + public String getPDFASConfiguration() { - return pdfAsConfiguration; + return pdfAsConfiguration; } - + public int getConnectionTimeout() { - return this.connectionTimeout; + return this.connectionTimeout; } - + public int getReadTimeout() { - return this.readTimeout; + return this.readTimeout; } - + public boolean getAdesFormResults() { - return this.adesFormResults; + return this.adesFormResults; } - + public boolean getAllowExternalUris() { - return this.allowExternalUris_; + return this.allowExternalUris_; } - + public List getBlackListedUris() { - return this.blackListedUris_; + return this.blackListedUris_; } + public List getWhiteListedUris() { - return this.whiteListedUris_; + return this.whiteListedUris_; } - + /** * Return the name of the canonicalization algorithm used during signature * creation. - * - * @return The canonicalization algorithm name, or an empty - * String if none has been configured. + * + * @return The canonicalization algorithm name, or an empty String + * if none has been configured. */ public String getCanonicalizationAlgorithmName() { return canonicalizationAlgorithmName; 
@@ -602,9 +586,9 @@ public class ConfigurationProvider /** * Return the configured hardware crypto modules. - * + * * @return A List of HardwareCryptoModule objects - * containing the hardware crypto module configurations. + * containing the hardware crypto module configurations. */ public List getHardwareCryptoModules() { return hardwareCryptoModules; @@ -612,9 +596,9 @@ public class ConfigurationProvider /** * Return the hardware key modules configuration. - * + * * @return A List of HardwareKeyModule objects - * containing the configuration of the hardware key modules. + * containing the configuration of the hardware key modules. */ public List getHardwareKeyModules() { return hardwareKeyModules; @@ -622,9 +606,9 @@ public class ConfigurationProvider /** * Return the software key module configuration. - * + * * @return A List of SoftwareKeyModule objects - * containing the configuration of the software key modules. + * containing the configuration of the software key modules. */ public List getSoftwareKeyModules() { return softwareKeyModules; 
@@ -632,38 +616,38 @@ public class ConfigurationProvider /** * Return the key group mapping. - * - * @return A mapping from key group ID (a String) to - * KeyGroup mapping. + * + * @return A mapping from key group ID (a String) to + * KeyGroup mapping. */ public Map getKeyGroups() { return keyGroups; } - + public KeyGroup getKeyGroup(String keyGroupId) { - if (MiscUtil.isNotEmpty(keyGroupId)) - return (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase()); - - else - return null; + if (MiscUtil.isNotEmpty(keyGroupId)) { + return (KeyGroup) keyGroups.get(keyGroupId.trim().toLowerCase()); + } else { + return null; + } } /** * Return the set of KeyGroupEntrys of a given key group, which a * client (identified by an issuer/serial pair) may access. - * - * @param issuer The issuer of the client certificate. - * @param serial The serial number of the client certificate. + * + * @param issuer The issuer of the client certificate. + * @param serial The serial number of the client certificate. * @param keyGroupId The ID of the key group. * @return A Set of all the KeyGroupEntrys in the - * given key group, if the user may access them. Returns null, if - * the user may not access the given key group or if the key group does not - * exist. + * given key group, if the user may access them. Returns + * null, if the user may not access the given key group or + * if the key group does not exist. */ public Set getKeyGroupEntries( - Principal issuer, - BigInteger serial, - String keyGroupId) { + Principal issuer, + BigInteger serial, + String keyGroupId) { IssuerAndSerial issuerAndSerial; Map mapping; 
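Review bot: `getKeyGroup` normalises the ID with `keyGroupId.trim().toLowerCase()`, which uses the JVM's default locale; under a Turkish locale an ID containing `I` lowercases to a dotless `ı`, and the lookup can miss unless the map keys were produced the same way. `keyGroupId.trim().toLowerCase(Locale.ROOT)` (with `java.util.Locale` imported) keeps the key stable, and `getTrustProfile` in a later hunk has the same call. `getKeyGroupEntries`, whose body continues outside this hunk, looks the ID up with `mapping.get(keyGroupId)` and no normalisation, so it is worth confirming how the builder keys that map.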
@@ -676,118 +660,115 @@ public class ConfigurationProvider // System.out.println("Issuer: " + issuer); // System.out.println("serial: " + serial); -// +// // Iterator entries = keyGroupMappings.entrySet().iterator(); // while (entries.hasNext()) { // Entry thisEntry = (Entry) entries.next(); // System.out.println("Entry: " + thisEntry.getKey()); // System.out.println("Value: " + thisEntry.getValue()); // } - + mapping = (Map) keyGroupMappings.get(issuerAndSerial); if (mapping != null) { - KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId); + final KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId); if (keyGroup != null) { return keyGroup.getKeyGroupEntries(); } } - + // If no key group is available for a client identified by a certificate, // try to find a key group in the anonymous key group mapping - if (issuer != null || serial != null) - { + if (issuer != null || serial != null) { mapping = (Map) keyGroupMappings.get(ANONYMOUS_ISSUER_SERIAL); - if (mapping != null) - { - KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId); - if (keyGroup != null) return keyGroup.getKeyGroupEntries(); + if (mapping != null) { + final KeyGroup keyGroup = (KeyGroup) mapping.get(keyGroupId); + if (keyGroup != null) { + return keyGroup.getKeyGroupEntries(); + } } } - + return null; } /** * Return the chaining mode for a given trust anchor. - * + * * @param trustAnchor The trust anchor for which the chaining mode should be - * returned. - * @return The chaining mode for the given trust anchor. If the trust anchor - * has not been configured separately, the system default will be returned. + * returned. + * @return The chaining mode for the given trust anchor. If the trust anchor has + * not been configured separately, the system default will be returned. 
*/ public String getChainingMode(X509Certificate trustAnchor) { - Principal issuer = trustAnchor.getIssuerDN(); - BigInteger serial = trustAnchor.getSerialNumber(); - IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial); + final Principal issuer = trustAnchor.getIssuerDN(); + final BigInteger serial = trustAnchor.getSerialNumber(); + final IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial); - String mode = (String) chainingModes.get(issuerAndSerial); + final String mode = (String) chainingModes.get(issuerAndSerial); return mode != null ? mode : defaultChainingMode; } /** * Return the distribution points for a given CA. - * + * * @param cert The certificate for which the distribution points should be * looked up. The issuer information is used to perform the lookup. - * - * @return A Set of DistributionPoint objects. The - * set will be empty, if no distribution points have been configured - * for this certificate. + * + * @return A Set of DistributionPoint objects. The set + * will be empty, if no distribution points have been configured for + * this certificate. */ - public Set getDistributionPoints(X509Certificate cert) - { + public Set getDistributionPoints(X509Certificate cert) { try { - RFC2253NameParser nameParser = - new RFC2253NameParser(cert.getIssuerDN().toString()); - String caIssuerDN = nameParser.parse().getName(); - Set dps = (Set) distributionPoints.get(caIssuerDN); + final RFC2253NameParser nameParser = + new RFC2253NameParser(cert.getIssuerDN().toString()); + final String caIssuerDN = nameParser.parse().getName(); + final Set dps = (Set) distributionPoints.get(caIssuerDN); if (dps == null) { return Collections.EMPTY_SET; } return dps; - } catch (RFC2253NameParserException e) { + } catch (final RFC2253NameParserException e) { return Collections.EMPTY_SET; } } /** * Return the CRL archive duration. - * + * * @return The duration of how long to keep CRL archive entries (measured in - * days). + * days). 
*/ public int getCRLArchiveDuration() { return cRLArchiveDuration; } - + /** * Returns whether revocation information should be archived. - * + * * @return whether revocation information should be archived. */ - public boolean getEnableRevocationArchiving() - { + public boolean getEnableRevocationArchiving() { return enableRevocationArchiving_; } - + /** * Returns the location of the certificate store. - * + * * @return the location of the certificate store. */ - public String getCertStoreLocation() - { + public String getCertStoreLocation() { return certStoreLocation_; } /** * Return a CreateTransformsInfoProfile with the given ID. - * + * * @param id The CreateTransformsInfoProfile ID. - * @return The CreateTransformsInfoProfile with the given - * ID or null, if none exists. + * @return The CreateTransformsInfoProfile with the given ID or + * null, if none exists. */ public Element getCreateTransformsInfoProfile(String id) { return (Element) createTransformsInfoProfiles.get(id); @@ -795,10 +776,10 @@ public class ConfigurationProvider /** * Return a CreateSignatureEnvironmentProfile with the given ID. - * + * * @param id The CreateSignatureEnvironmentProfile ID. - * @return The CreateSignatureEnvironmentProfile with the given - * ID or null, if none exists. + * @return The CreateSignatureEnvironmentProfile with the given ID + * or null, if none exists. */ public Element getCreateSignatureEnvironmentProfile(String id) { return (Element) createSignatureEnvironmentProfiles.get(id); @@ -806,10 +787,10 @@ public class ConfigurationProvider /** * Return a VerifyTransformsInfoProfile with the given ID. - * + * * @param id The VerifyTransformsInfoProfile ID. * @return The VerifyTransformsInfoProfile with the given ID or - * null, if none exists. + * null, if none exists. */ public Element getVerifyTransformsInfoProfile(String id) { return (Element) verifyTransformsInfoProfiles.get(id); 
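Review bot: `getDistributionPoints` swallows `RFC2253NameParserException` and returns `Collections.EMPTY_SET`, so a certificate whose issuer DN cannot be parsed looks exactly like one with no configured distribution points, and nothing is logged. A line in the catch block such as `Logger.debug("Cannot parse issuer DN for distribution point lookup: " + e.getMessage());` would make the case visible when revocation checking behaves unexpectedly. The non-empty branch returns the stored `Set` itself, so a caller can modify the loaded configuration; `return Collections.unmodifiableSet(dps);` avoids that if no caller depends on mutating it.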
@@ -817,10 +798,10 @@ public class ConfigurationProvider /** * Return a SupplementProfile with the given ID. - * + * * @param id The SupplementProfile ID. * @return The SupplementProfile with the given ID or - * null, if none exists. + * null, if none exists. */ public Element getSupplementProfile(String id) { return (Element) supplementProfiles.get(id); 
@@ -828,63 +809,64 @@ public class ConfigurationProvider /** * Return a TrustProfile with the given ID. - * + * * @param id The TrustProfile ID. - * @return The TrustProfile with the given ID or - * null, if none exists. + * @return The TrustProfile with the given ID or null, + * if none exists. */ public TrustProfile getTrustProfile(String id) { - if (MiscUtil.isNotEmpty(id)) { - id = id.trim().toLowerCase(); - return (TrustProfile) trustProfiles.get(id); - - } - - return null; + if (MiscUtil.isNotEmpty(id)) { + id = id.trim().toLowerCase(); + return (TrustProfile) trustProfiles.get(id); + + } + + return null; } - + /** * Returns a map of TrustProfiles + * * @return */ public Map getTrustProfiles() { - return trustProfiles; + return trustProfiles; } /** * Log a warning. - * - * @param messageId The message ID. + * + * @param messageId The message ID. * @param parameters Additional parameters for the message. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private static void info(String messageId, Object[] parameters) { - MessageProvider msg = MessageProvider.getInstance(); + final MessageProvider msg = MessageProvider.getInstance(); Logger.info(new LogMsg(msg.getMessage(messageId, parameters))); } - + /** * Log a debug message. - * - * @param messageId The message ID. + * + * @param messageId The message ID. * @param parameters Additional parameters for the message. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private static void debug(String message) { Logger.debug(message); } - - /** + + /** * Log a warning. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. + * @param args Additional parameters for the message. 
* @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void warn(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); Logger.warn(new LogMsg(txt)); warnings.add(txt); 
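Review bot: The Javadoc on the logging helpers does not match the methods: `info(...)` is introduced as "Log a warning." and `debug(String message)` documents `@param messageId` and `@param parameters`, neither of which exists. I would change the first summary to `Log an info message.` and replace the two tags on `debug` with `@param message The message to log.`. The bare `@return` on `getTrustProfiles()` could read `@return A map from trust profile ID to TrustProfile.`, assuming the keys are the IDs that `getTrustProfile` looks up.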
@@ -892,133 +874,126 @@ public class ConfigurationProvider /** * Log an error. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. + * @param args Additional parameters for the message. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void error(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); Logger.warn(new LogMsg(txt)); // warnings.add(txt); } - + /** * Returns the JDBC URL for the revocation archive database. - * + * * @return the JDBC URL for the revocation archive database. */ - public String getRevocationArchiveJDBCURL() - { + public String getRevocationArchiveJDBCURL() { return revocationArchiveJDBCURL_; } /** * Returns the JDBC driver class name for the revocation archive database. - * + * * @return the JDBC driver class name for the revocation archive database. */ - public String getRevocationArchiveJDBCDriverClass() - { + public String getRevocationArchiveJDBCDriverClass() { return revocationArchiveJDBCDriverClass_; } /** * Returns whether revocation checking should be done. - * + * * @return whether revocation checking should be done. */ - public boolean getEnableRevocationChecking() - { + public boolean getEnableRevocationChecking() { return enableRevocationChecking_; } /** - * Returns the maximum age of a revocation information for considering it - * still as valid. - * - * @return the maximum age of a revocation information for considering it - * still as valid. + * Returns the maximum age of a revocation information for considering it still + * as valid. + * + * @return the maximum age of a revocation information for considering it still + * as valid. 
*/ - public long getMaxRevocationAge() - { + public long getMaxRevocationAge() { return maxRevocationAge_; } /** * Returns the service order for revocation checking. - * + * * @return the service order for revocation checking. Valid array entries are - * {@link RevocationSourceTypes#OCSP} and {@link RevocationSourceTypes#CRL}. + * {@link RevocationSourceTypes#OCSP} and + * {@link RevocationSourceTypes#CRL}. */ - public String[] getServiceOrder() - { + public String[] getServiceOrder() { return serviceOrder_; } /** - * Returns whether certificates found during certificate path construction + * Returns whether certificates found during certificate path construction * should be added to the certificate store. - * - * @return whether certificates found during certificate path construction + * + * @return whether certificates found during certificate path construction * should be added to the certificate store. */ - public boolean getAutoAddCertificates() - { + public boolean getAutoAddCertificates() { return autoAddCertificates_; } /** - * Returns whether EE certificates found during certificate path construction + * Returns whether EE certificates found during certificate path construction * should be added to the certificate store. - * - * @return whether certificates found during certificate path construction + * + * @return whether certificates found during certificate path construction * should be added to the certificate store. */ - public boolean getAutoAddEECertificates() - { + public boolean getAutoAddEECertificates() { return autoAddEECertificates_; } - + /** - * Returns whether the certificate extension Authority Info Access should - * be used during certificate path construction. - * - * @return whether the certificate extension Authority Info Access should - * be used during certificate path construction. + * Returns whether the certificate extension Authority Info Access should be + * used during certificate path construction. 
+ * + * @return whether the certificate extension Authority Info Access should be + * used during certificate path construction. */ - public boolean getUseAuthorityInfoAccess() - { + public boolean getUseAuthorityInfoAccess() { return useAuthorityInfoAccess_; } - + /** * Returns whether the file URIs are permitted or not + * * @return whether the file URIs are permitted or not */ - public boolean getPermitFileURIs() - { - return permitFileURIs; + public boolean getPermitFileURIs() { + return permitFileURIs; } - + /** * Returns the map of retention intervals + * * @return The map of retention intervals */ public Map getCrlRetentionIntervals() { - return crlRetentionIntervals; + return crlRetentionIntervals; } - + /** * Returns the global TSL configuration + * * @return The global TSL configuration */ public TSLConfiguration getTSLConfiguration() { - return tslconfiguration_; + return tslconfiguration_; } - - } \ No newline at end of file diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java index a2e5b93..bf911df 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/DistributionPoint.java 
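Review bot: `error(String, Object[])` logs through `Logger.warn(...)`, so the conditions reported with it (`config.40`, `config.51` and `config.38` in `checkTSLConfiguration`) appear at warn level and are easy to miss when filtering for errors. If the project's `Logger` offers an error level, `Logger.error(new LogMsg(txt));` is what the method name promises. The commented-out `// warnings.add(txt);` could be removed, or replaced by a short comment on why errors are not collected the way warnings are.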
@@ -21,42 +21,40 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; /** * Abstract base class for distribution points. - * + * * @author Gregor Karlinger * @version $Id$ - * */ -public abstract class DistributionPoint implements iaik.pki.revocation.DistributionPoint -{ - /** - * The distribution point URI. + */ +public abstract class DistributionPoint implements iaik.pki.revocation.DistributionPoint { + /** + * The distribution point URI. */ - private String uri_; + private final String uri_; /** * Create a DistributionPoint with a URI. - * + * * @param uri The URI of the distribution point. */ - public DistributionPoint(String uri) - { + public DistributionPoint(String uri) { uri_ = uri; } - + /** * @see iaik.pki.revocation.DistributionPoint#getType() */ + @Override public abstract String getType(); /** * @see iaik.pki.revocation.DistributionPoint#getUri() */ - public String getUri() - { + @Override + public String getUri() { return uri_; } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java index c0487f6..99ca1c3 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareCryptoModule.java 
@@ -21,40 +21,38 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; /** * Contains configuration data for a hardware crypto module. - * + * * @author Patrick Peck * @version $Id$ */ public class HardwareCryptoModule { /** The name of the module. */ - private String name; + private final String name; /** The slod ID of the module. */ - private String slotID; + private final String slotID; /** The user PIN of the module. */ - private String userPIN; - + private final String userPIN; + /** * Create a new HardwareCryptoModule. - * - * @param name The name of this HardwareCryptoModule. - * @param slotID The slot ID of this HardwareCryptoModule. - * @param userPIN The user PIN to access this - * HardwareCryptoModule. + * + * @param name The name of this HardwareCryptoModule. + * @param slotID The slot ID of this HardwareCryptoModule. + * @param userPIN The user PIN to access this HardwareCryptoModule. */ public HardwareCryptoModule(String name, String slotID, String userPIN) { this.name = name; this.slotID = slotID; this.userPIN = userPIN; } - + /** * Returns the name of this HardwareCryptoModule. - * + * * @return The name of this HardwareCryptoModule. */ public String getName() { @@ -63,22 +61,20 @@ public class HardwareCryptoModule { /** * Returns the slot ID of this HardwareCryptoModule. - * + * * @return The slot ID. */ public String getSlotID() { return slotID; } - /** * Returns the user PIN of this HardwareCryptoModule. - * + * * @return The user PIN used to access the module. */ public String getUserPIN() { return userPIN; } - } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java index 18fd085..5fa408c 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java 
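Review bot: `userPIN` keeps the module's access PIN as a `String` for the lifetime of the configuration object and `getUserPIN()` hands it out unchanged; now that the field is `final`, this is a good place to document that the value is a credential. I would extend the field comment to `/** The user PIN of the module; a secret that must not be logged or included in toString(). */`. The neighbouring comment reads "slod ID" where "slot ID" is meant. The same fields and comments appear in `HardwareKeyModule` in the next file section.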
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/HardwareKeyModule.java @@ -21,60 +21,59 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; /** * A class that contains information about a hardware key module. - * + * * @author Patrick Peck * @version $Id$ */ public class HardwareKeyModule extends KeyModule { /** The name of the module. */ - private String name; + private final String name; /** The slod ID of the module. */ - private String slotID; + private final String slotID; /** The user PIN of the module. */ - private String userPIN; - + private final String userPIN; + /** * Create a new HardwareKey. - * - * @param id The key module ID. - * @param name The name of the key. - * @param slotID The slot ID of the key within the hardware module. May be - * null. + * + * @param id The key module ID. + * @param name The name of the key. + * @param slotID The slot ID of the key within the hardware module. May be + * null. * @param userPIN The user PIN to access the key. */ public HardwareKeyModule(String id, String name, String slotID, String userPIN) { super(id); this.name = name; this.slotID = slotID; - this.userPIN = userPIN; + this.userPIN = userPIN; } - + /** * Return the name of this HardwareKey. - * + * * @return The name of this HardwareKey. */ public String getName() { return name; } - + /** * Return the slot ID of this HardwareKey. - * + * * @return The slot ID of this HardwareKey. */ public String getSlotID() { return slotID; } - + /** * Return the user PIN to access this HardwareKey. - * + * * @return The user PIN to access this HardwareKey. */ public String getUserPIN() { diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java index 38a3ae9..03827f2 100644 
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/IssuerAndSerial.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; import java.math.BigInteger; @@ -34,25 +33,25 @@ import iaik.utils.RFC2253NameParserException; /** * A class containing the issuer and serial number of a certificate, which can * be used to uniquely identify the certificate. - * + * * The issuer is contained as an RFC2253 encoded String. - * + * * @author Patrick Peck * @version $Id$ */ public class IssuerAndSerial { /** The issuer distinguished name. */ - private String issuerDN; + private final String issuerDN; /** The certificate serial number. */ - private BigInteger serial; + private final BigInteger serial; /** * Create an IssuerAndSerial object. - * + * * The name of the issuer is converted to RFC2253. If it cannot be parsed, the - * DN contained in the issuer is set. - * + * DN contained in the issuer is set. + * * @param issuer The isser of a certificate. * @param serial The serial number of the certificate. */ 
@@ -60,28 +59,28 @@ public class IssuerAndSerial { String issuerDN = null; if (issuer instanceof Name) { try { - issuerDN = ((Name)issuer).getRFC2253String(); - } catch (RFC2253NameParserException e) { + issuerDN = ((Name) issuer).getRFC2253String(); + } catch (final RFC2253NameParserException e) { // do nothing } } if (issuerDN == null) { - RFC2253NameParser parser = new RFC2253NameParser(issuer.getName()); + final RFC2253NameParser parser = new RFC2253NameParser(issuer.getName()); try { - issuerDN = ((Name)parser.parse()).getRFC2253String(); - } catch (RFC2253NameParserException e) { + issuerDN = parser.parse().getRFC2253String(); + } catch (final RFC2253NameParserException e) { issuerDN = issuer.getName(); } } this.serial = serial; this.issuerDN = issuerDN; } - + /** * Create an IssuerAndSerial object. - * + * * @param issuerDN The issuer distinguished name. Should be an RFC2253 name. - * @param serial The serial number of the certificate. + * @param serial The serial number of the certificate. */ public IssuerAndSerial(String issuerDN, BigInteger serial) { this.issuerDN = issuerDN; @@ -90,7 +89,7 @@ public class IssuerAndSerial { /** * Return the issuer DN in RFC2253 format. - * + * * @return The issuer part of this object. */ public String getIssuerDN() { @@ -99,7 +98,7 @@ public class IssuerAndSerial { /** * Return the serial number. - * + * * @return The serial number of this object. */ public BigInteger getSerial() { 
@@ -108,28 +107,31 @@ public class IssuerAndSerial { /** * Compare this IssuerAndSerial to another object. - * + * * @param other The object to compare this IssuerAndSerial to. * @return true, if other is an - * IssuerAndSerial object and the issuer and - * serial fields are both equal. false otherwise. + * IssuerAndSerial object and the issuer and + * serial fields are both equal. false + * otherwise. * @see java.lang.Object#equals(java.lang.Object) */ + @Override public boolean equals(Object other) { if (other instanceof IssuerAndSerial) { - IssuerAndSerial ias = (IssuerAndSerial) other; + final IssuerAndSerial ias = (IssuerAndSerial) other; return getIssuerDN().equals(ias.getIssuerDN()) - && getSerial().equals(ias.getSerial()); + && getSerial().equals(ias.getSerial()); } return false; } /** * Return the hash code of this IssuerAndSerial. - * + * * @return The hash code of this IssuerAndSerial. * @see java.lang.Object#hashCode() */ + @Override public int hashCode() { return issuerDN.hashCode() ^ serial.hashCode(); } @@ -137,13 +139,14 @@ public class IssuerAndSerial { /** * Return a String representation of this * IssuerAndSerial object. - * + * * @return The String representation. * @see java.lang.Object#toString() */ + @Override public String toString() { - return ("(IssuerAndSerial - Issuer<" + getIssuerDN()) - + ("> Serial<" + serial.toString() + ">)"); + return "(IssuerAndSerial - Issuer<" + getIssuerDN() + + "> Serial<" + serial.toString() + ">)"; } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java index c2490f9..faeaf82 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroup.java 
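Review bot: `equals` and `hashCode` dereference `issuerDN` and `serial` unconditionally, while the two-argument constructor `IssuerAndSerial(String issuerDN, BigInteger serial)` stores whatever it is given. A null from configuration parsing therefore surfaces later as a NullPointerException inside a map or set lookup, not at construction. Now that the fields are `final`, the cheapest fix is to reject null where the object is built, e.g. `this.issuerDN = Objects.requireNonNull(issuerDN, "issuerDN");`, or to make the comparison null-safe with `return Objects.equals(issuerDN, ias.issuerDN) && Objects.equals(serial, ias.serial);`. Both need `java.util.Objects`, which is not among the imports shown. The same pattern is in the `KeyGroupEntry.equals`/`hashCode` hunk further down.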
@@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; import java.util.Iterator; @@ -29,7 +28,7 @@ import java.util.Set; /** * A collection of KeyGroupEntrys with its own ID. - * + * * @author Sven Aigner * @author Patrick Peck * @version $Id$ 
@@ -37,59 +36,62 @@ import java.util.Set; public class KeyGroup { /** The keys belonging to this key group. */ - private Set keyGroupEntries; + private final Set keyGroupEntries; /** The key group ID. */ - private String id; + private final String id; /** The digest method algorithm for the key group */ - private String digestMethodAlgorithm; + private final String digestMethodAlgorithm; /** * Create a KeyGroup. - * - * @param id The ID of this KeyGroup. - * @param keyGroupEntries The keys belonging to this KeyGroup. + * + * @param id The ID of this KeyGroup. + * @param keyGroupEntries The keys belonging to this + * KeyGroup. * @param digestMethodAlgorithm The signature algorithm used for this key group */ public KeyGroup(String id, Set keyGroupEntries, String digestMethodAlgorithm) { this.id = id; this.keyGroupEntries = keyGroupEntries; - this.digestMethodAlgorithm = digestMethodAlgorithm; + this.digestMethodAlgorithm = digestMethodAlgorithm; } /** * Return the KeyEntrys contained in this KeyGroup. - * + * * @return The KeyEntrys contained in this KeyGroup. */ public Set getKeyGroupEntries() { return keyGroupEntries; } - + /** * Returnd the digest method algorithm used for this key group + * * @return The digest method signature algorithm used for this key group */ public String getDigestMethodAlgorithm() { - return digestMethodAlgorithm; + return digestMethodAlgorithm; } /** * Return the ID of this KeyGroup. - * + * * @return The KeyGroup ID. */ public String getId() { return id; } - /** + /** * Return a String representation of this KeyGroup. - * + * * @return The String representation. * @see java.lang.Object#toString() */ + @Override public String toString() { - StringBuffer sb = new StringBuffer(); + final StringBuffer sb = new StringBuffer(); Iterator i; if (getKeyGroupEntries() != null) { 
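Review bot: `final` on `keyGroupEntries` only freezes the reference. The constructor stores the caller's Set as is and `getKeyGroupEntries()` returns the same instance, so any code holding a KeyGroup can still add or remove signing-key entries after configuration has been loaded. I would take a copy on the way in, `this.keyGroupEntries = keyGroupEntries == null ? null : Collections.unmodifiableSet(new HashSet<>(keyGroupEntries));`, which keeps the null case that `toString()` already tolerates; this needs `java.util.Collections` and `java.util.HashSet` added to the imports. The same applies to `getCountries()`, `getAllowedTspStatus()` and `getAllowedTspServiceTypes()` in the last TrustProfile hunk, where `return Collections.unmodifiableList(countries);` would stop callers from widening a trust profile's lists.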
@@ -99,7 +101,8 @@ public class KeyGroup { sb.append(" " + i.next()); } } - return "(KeyGroup - ID:" + id + " " + sb.toString() + ")" + "DigestMethodAlgorithm: " + digestMethodAlgorithm; + return "(KeyGroup - ID:" + id + " " + sb.toString() + ")" + "DigestMethodAlgorithm: " + + digestMethodAlgorithm; } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java index fcedfb0..d73b755 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyGroupEntry.java @@ -21,31 +21,30 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; import java.math.BigInteger; /** * A class containing information about an entry in a key group. - * + * * @author Patrick Peck * @version $Id$ */ public class KeyGroupEntry { /** The module ID of the key. */ - private String moduleID; + private final String moduleID; /** The issuer DN of the certificate identifying the key. */ - private String issuerDN; + private final String issuerDN; /** The serial number of the certificate identifying the key. */ - private BigInteger serialNumber; + private final BigInteger serialNumber; /** * Create a new KeyGroupEntry. - * - * @param moduleID The key module ID to which this entry belongs to. - * @param issuerAndSerial The issuer and serial number which uniquely - * identifies a certificate within the key module. + * + * @param moduleID The key module ID to which this entry belongs to. + * @param issuerAndSerial The issuer and serial number which uniquely identifies + * a certificate within the key module. */ public KeyGroupEntry(String moduleID, IssuerAndSerial issuerAndSerial) { this.moduleID = moduleID; 
@@ -55,25 +54,24 @@ public class KeyGroupEntry { /** * Create a new KeyGroupEntry. - * - * @param moduleID The key module ID to which this entry belongs to. - * @param issuerDN The isser DN of the certificate within the key module. + * + * @param moduleID The key module ID to which this entry belongs to. + * @param issuerDN The isser DN of the certificate within the key module. * @param serialNumber The serial number of the certificate within the key - * module. + * module. */ public KeyGroupEntry( - String moduleID, - String issuerDN, - BigInteger serialNumber) { + String moduleID, + String issuerDN, + BigInteger serialNumber) { this.moduleID = moduleID; this.issuerDN = issuerDN; this.serialNumber = serialNumber; } /** - * Return the key module ID to which this KeyGroupEntry belongs - * to. - * + * Return the key module ID to which this KeyGroupEntry belongs to. + * * @return The key module ID. */ public String getModuleID() { @@ -83,7 +81,7 @@ public class KeyGroupEntry { /** * Return the issuer DN of this KeyGroupEntry for identifying the * certificate within the key module. - * + * * @return The issuer DN of the certificate. */ public String getIssuerDN() { @@ -93,7 +91,7 @@ public class KeyGroupEntry { /** * Return the serial number of this KeyGroupEntry for identifying * the certificate within the key module. - * + * * @return The serial number of the certificate. */ public BigInteger getSerialNumber() { 
@@ -105,26 +103,28 @@ public class KeyGroupEntry { * * @param other The KeyGroupEntry to compare to. * @return true, if module ID, isser DN and serial number of - * other match the ones contained in this object, otherwise - * false. + * other match the ones contained in this object, otherwise + * false. * @see java.lang.Object#equals(Object) */ + @Override public boolean equals(Object other) { if (other instanceof KeyGroupEntry) { - KeyGroupEntry entry = (KeyGroupEntry) other; + final KeyGroupEntry entry = (KeyGroupEntry) other; return getModuleID().equals(entry.getModuleID()) - && getIssuerDN().equals(entry.getIssuerDN()) - && getSerialNumber().equals(entry.getSerialNumber()); + && getIssuerDN().equals(entry.getIssuerDN()) + && getSerialNumber().equals(entry.getSerialNumber()); } return false; } - + /** * @see java.lang.Object#hashCode() */ + @Override public int hashCode() { return getModuleID().hashCode() - ^ getIssuerDN().hashCode() - ^ getSerialNumber().hashCode(); + ^ getIssuerDN().hashCode() + ^ getSerialNumber().hashCode(); } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java index 45d8d7e..6a665d6 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/KeyModule.java @@ -21,23 +21,22 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; /** * A class that contains information about a key module. - * + * * @author Patrick Peck * @version $Id$ */ public class KeyModule { /** The key module ID. */ - private String id; + private final String id; /** * Create a Key object. - * + * * @param id The key module ID. */ public KeyModule(String id) { 
@@ -46,7 +45,7 @@ public class KeyModule { /** * Return the key ID. - * + * * @return The key ID. */ public String getId() { @@ -55,10 +54,11 @@ public class KeyModule { /** * Return a String representation of this Key. - * + * * @return The String representation. * @see java.lang.Object#toString() */ + @Override public String toString() { return "(Key - Id<" + id + ">)"; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java index 2e91c6b..97ced05 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/OCSPDistributionPoint.java @@ -21,36 +21,33 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; import iaik.pki.revocation.RevocationSourceTypes; /** * A class representing a CRL distribution point. - * + * * @author Gregor Karlinger * @version $Id$ */ -public class OCSPDistributionPoint - extends DistributionPoint - implements iaik.pki.revocation.DistributionPoint -{ +public class OCSPDistributionPoint + extends DistributionPoint + implements iaik.pki.revocation.DistributionPoint { /** * Create a OCSPDistributionPoint with a URI. - * + * * @param uri The URI of the ocsp distribution point. */ - public OCSPDistributionPoint(String uri) - { + public OCSPDistributionPoint(String uri) { super(uri); } /** * @see iaik.pki.revocation.DistributionPoint#getType() */ - public String getType() - { + @Override + public String getType() { return RevocationSourceTypes.OCSP; } 
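Review bot: The class Javadoc of OCSPDistributionPoint still reads "A class representing a CRL distribution point", which looks copied from CRLDistributionPoint. Since this hunk already rewrites that comment block, the summary should become `A class representing an OCSP distribution point.` The constructor Javadoc and `getType()`, which returns `RevocationSourceTypes.OCSP`, already describe the class correctly, so only the summary line is off.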
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java index 0ed83bb..3c038cf 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/SoftwareKeyModule.java @@ -21,25 +21,24 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; /** * A class containing information about a software key, stored in PKCS12 format. - * + * * @author Patrick Peck * @version $Id$ */ public class SoftwareKeyModule extends KeyModule { /** The name of the file containing the keys. */ - private String fileName; + private final String fileName; /** The password for accessing the file. */ - private String passWord; - + private final String passWord; + /** * Create a new SoftwareKey. - * - * @param id The key ID. + * + * @param id The key ID. * @param fileName The name of the PKCS12 keystore file containing the key. * @param passWord The password to access the keystore file. */ @@ -48,25 +47,24 @@ public class SoftwareKeyModule extends KeyModule { this.fileName = fileName; this.passWord = passWord; } - + /** * Return the name of the PKCS12 keystore file containing this * SoftwareKey. - * + * * @return The name of the PKCS12 keystore file. */ public String getFileName() { return fileName; } - + /** * Return the password to access the keystore file. - * + * * @return The password to access the keystore file. */ public String getPassWord() { return passWord; } - } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java index 0063c7f..94155d6 100644 
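Review bot: `passWord` holds the PKCS12 keystore password as a String behind a public getter, and nothing in SoftwareKeyModule marks it as a secret. In the lines shown the class does not override `toString()`, so it inherits KeyModule's, which prints only the id; the field comment should pin that property down so a later "helpful" `toString()` or log statement does not leak it. I would write the comment as `/** The password for accessing the file. Secret: must not be logged or included in toString(). */`. Holding it as `char[]` so it can be cleared after the keystore is opened would be better, but that changes the constructor and getter signatures and does not belong in a style-only commit.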
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/TrustProfile.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.config; import java.net.URI; 
@@ -35,129 +34,139 @@ import java.util.regex.PatternSyntaxException; import at.gv.egovernment.moa.sig.tsl.TslConstants; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.util.MiscUtil; -import iaik.x509.X509Certificate; /** * Information about a trust profile. - * + * * @author Patrick Peck * @version $Id$ */ public class TrustProfile { /** The ID of the trust profile. */ - private String id; + private final String id; /** The URI giving the location of the trust profile. */ - private String uri; + private final String uri; /** The URI giving the location of the allowed signer certificates. */ - private String signerCertsUri; - - /** Defines if Trustprofile makes use of EU TSL*/ - private boolean tslEnabled; - /** The countries given */ - private List countries = new ArrayList(); - - private List allowedTspStatus = new ArrayList(); - private List allowedTspServiceTypes = new ArrayList(); - - + private final String signerCertsUri; + + /** Defines if Trustprofile makes use of EU TSL */ + private final boolean tslEnabled; + /** The countries given */ + private final List countries = new ArrayList<>(); + + private final List allowedTspStatus = new ArrayList<>(); + private final List allowedTspServiceTypes = new ArrayList<>(); + /** * Create a TrustProfile. - * - * @param id The ID of the TrustProfile to create. - * @param uri The URI of the TrustProfile to create. - * @param signerCertsUri The URI of the location of the allowed signer - * certificates of the TrustProfile to create. - * @param allowedTspServiceTypes - * @param allowedTspStatus + * + * @param id The ID of the TrustProfile to + * create. + * @param uri The URI of the TrustProfile to + * create. + * @param signerCertsUri The URI of the location of the allowed signer + * certificates of the TrustProfile + * to create. 
+ * @param allowedTspServiceTypes + * @param allowedTspStatus */ - public TrustProfile(String id, String uri, String signerCertsUri, - boolean tslEnabled, String countries, String allowedTspStatus, String allowedTspServiceTypes) { + public TrustProfile(String id, String uri, String signerCertsUri, + boolean tslEnabled, String countries, String allowedTspStatus, String allowedTspServiceTypes) { this.id = id; this.uri = uri; this.signerCertsUri = signerCertsUri; - - //TSL configuration parameters + + // TSL configuration parameters this.tslEnabled = tslEnabled; - if (tslEnabled) { - setCountries(countries); - if (!this.countries.isEmpty()) - Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.countries.toArray()) + " TSL countries"); - else - Logger.info("TrustProfile "+ id + " allows " + "ALL" + " TSL countries"); - - setAllowedTspStatus(allowedTspStatus); - Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.allowedTspStatus.toArray()) + " TSP status identifier"); - - setAllowedTspServiceTypes(allowedTspServiceTypes); - Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.allowedTspServiceTypes.toArray()) + " TSL service-type identifier"); - - } + if (tslEnabled) { + setCountries(countries); + if (!this.countries.isEmpty()) { + Logger.info("TrustProfile " + id + " allows " + Arrays.toString(this.countries.toArray()) + + " TSL countries"); + } else { + Logger.info("TrustProfile " + id + " allows " + "ALL" + " TSL countries"); + } + + setAllowedTspStatus(allowedTspStatus); + Logger.info("TrustProfile " + id + " allows " + Arrays.toString(this.allowedTspStatus.toArray()) + + " TSP status identifier"); + + setAllowedTspServiceTypes(allowedTspServiceTypes); + Logger.info("TrustProfile " + id + " allows " + Arrays.toString(this.allowedTspServiceTypes.toArray()) + + " TSL service-type identifier"); + + } } private void setCountries(String countries) { - if (MiscUtil.isNotEmpty(countries)) { - String[] ccArray = 
countries.split(","); - for (String el : ccArray) - this.countries.add(el.trim()); - - } + if (MiscUtil.isNotEmpty(countries)) { + final String[] ccArray = countries.split(","); + for (final String el : ccArray) { + this.countries.add(el.trim()); + } + + } } - + private void setAllowedTspStatus(String allowedTspStatus) { - if (MiscUtil.isNotEmpty(allowedTspStatus)) { - String[] ccArray = allowedTspStatus.split(","); - for (String el : ccArray) { - try { - this.allowedTspStatus.add(new URI(el.trim())); - - } catch (URISyntaxException e) { - Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Status identifier (" + el + ")"); - - } - - } - - } else { - Logger.debug("Use default set of TSP Status identifier"); - this.allowedTspStatus.addAll( - Arrays.asList( - TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.granted), - TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.recognisedatnationallevel), - TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.accredited), - TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.undersupervision))); - - } - + if (MiscUtil.isNotEmpty(allowedTspStatus)) { + final String[] ccArray = allowedTspStatus.split(","); + for (final String el : ccArray) { + try { + this.allowedTspStatus.add(new URI(el.trim())); + + } catch (final URISyntaxException e) { + Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Status identifier (" + el + + ")"); + + } + + } + + } else { + Logger.debug("Use default set of TSP Status identifier"); + this.allowedTspStatus.addAll( + Arrays.asList( + TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.granted), + TslConstants.SERVICE_STATUS_SORT_TO_URI.get( + TslConstants.SERVICE_STATUS_SHORT.recognisedatnationallevel), + TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.accredited), + 
TslConstants.SERVICE_STATUS_SORT_TO_URI.get( + TslConstants.SERVICE_STATUS_SHORT.undersupervision))); + + } + } - + private void setAllowedTspServiceTypes(String allowedTspServiceTypes) { - if (MiscUtil.isNotEmpty(allowedTspServiceTypes)) { - String[] ccArray = allowedTspServiceTypes.split(","); - for (String el : ccArray) { - try { - this.allowedTspServiceTypes.add(Pattern.compile(el.trim())); - - } catch (PatternSyntaxException e) { - Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Service-Type identifier Regex pattern(" + el + ")"); - - } - - } - - } else { - Logger.debug("Use default set of TSP Service-Type identifier"); - this.allowedTspServiceTypes.addAll( - Arrays.asList( - Pattern.compile(TslConstants.DEFAULT_REGEX_PATTERN_ALLOW_ALL))); - - } - + if (MiscUtil.isNotEmpty(allowedTspServiceTypes)) { + final String[] ccArray = allowedTspServiceTypes.split(","); + for (final String el : ccArray) { + try { + this.allowedTspServiceTypes.add(Pattern.compile(el.trim())); + + } catch (final PatternSyntaxException e) { + Logger.warn("TrustProfile: " + this.id + + " contains a non-valid TSP Service-Type identifier Regex pattern(" + el + ")"); + + } + + } + + } else { + Logger.debug("Use default set of TSP Service-Type identifier"); + this.allowedTspServiceTypes.addAll( + Arrays.asList( + Pattern.compile(TslConstants.DEFAULT_REGEX_PATTERN_ALLOW_ALL))); + + } + } - + /** * Return the ID of this TrustProfile. - * + * * @return The TrustProfile ID. */ public String getId() { 
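Review bot: In `setAllowedTspStatus` and `setAllowedTspServiceTypes`, an entry that fails to parse is only reported with `Logger.warn` and then dropped, so a typo in the trust-profile configuration changes the accepted set without stopping startup. If every entry is invalid the list ends up empty instead of falling back to the defaults, and what the TSL evaluation does with an empty list is not visible here; for countries, the constructor itself logs an empty list as "ALL". I would either reject the configuration on an invalid entry or document the empty-list meaning next to the fields, e.g. `// empty = no status accepted (confirm against the TSL evaluation code)`. The constructor Javadoc also leaves `@param allowedTspStatus` and `@param allowedTspServiceTypes` without text and omits `tslEnabled` and `countries`.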
@@ -166,49 +175,51 @@ public class TrustProfile { /** * Return the URI of this TrustProfile. - * + * * @return The URI of TrustProfile. */ public String getUri() { return uri; } - /** - * Return the URI giving the location of the allowed signer certificates - * of this TrustProfile. - * + * Return the URI giving the location of the allowed signer certificates of this + * TrustProfile. + * * @return The URI of TrustProfile. */ public String getSignerCertsUri() { return signerCertsUri; } + /** * Returns if Trustprofile is TSL enabled + * * @return */ public boolean isTSLEnabled() { - return tslEnabled; + return tslEnabled; } + /** * Returns the given countries + * * @return Given countries */ public List getCountries() { - if (!tslEnabled) - return null; - else - return countries; + if (!tslEnabled) { + return null; + } else { + return countries; + } } public List getAllowedTspStatus() { - return allowedTspStatus; + return allowedTspStatus; } public List getAllowedTspServiceTypes() { - return allowedTspServiceTypes; + return allowedTspServiceTypes; } - - - + } -- cgit v1.2.3