From b0980a0e0fc69ff9f1faff0153e1bd0c5ccc3b98 Mon Sep 17 00:00:00 2001 From: tlenz Date: Wed, 1 Mar 2017 13:35:23 +0100 Subject: fix possible nullpointer exception if trustprofile needs TSL support but the TSL client is not initialized --- .../egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java index b776255..f79cf7a 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java @@ -31,6 +31,7 @@ import iaik.pki.store.truststore.TrustStoreTypes; import java.util.Arrays; +import at.gv.egovernment.moa.sig.tsl.api.ITslService; import at.gv.egovernment.moa.sig.tsl.exception.TslPKIException; import at.gv.egovernment.moa.sig.tsl.pki.TslTrustStoreProfile; import at.gv.egovernment.moa.sig.tsl.pki.chaining.ChainingTrustStoreProfile; @@ -95,9 +96,16 @@ public class PKIProfileImpl implements PKIProfile { if (tp.isTSLEnabled()) { - //build TSL truststore if enabled TslTrustStoreProfile tslTrustStore; try { + if (!TSLServiceFactory.isInitialized()) { + Logger.error("Can not build TrustProfile:" + trustProfileId + + " Reason: TrustProfile needs TSL support but TSL client NOT initialized."); + throw new TslPKIException("Trust Status-List service client is NOT initialized"); + + } + + //build TSL truststore if enabled tslTrustStore = TSLServiceFactory.getTSLServiceClient(). buildTrustStoreProfile( tp.getCountries(), -- cgit v1.2.3 From 7eb7953e6930e8e7751a1c4db77335224e85bdeb Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 2 Mar 2017 12:34:08 +0100 Subject: add log message in CertStoreConfigurationImpl --- .../moa/spss/server/iaik/config/CertStoreConfigurationImpl.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java index 1aa5f6a..43483a0 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java @@ -81,8 +81,11 @@ public class CertStoreConfigurationImpl extends AbstractObservableConfiguration parameters = new CertStoreParameters[] { dirParameters }; } - } else + } else { + logger.info("Trust-Status List support is not active. Use only Directory based CertStore."); parameters = new CertStoreParameters[] { dirParameters }; + + } } -- cgit v1.2.3 From 7b12b9c698c20b34faa72be882d5f3fb87114483 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 8 Sep 2017 14:27:07 +0200 Subject: add PAdES flag and update IAIK libs --- .../server/iaik/cmssign/CMSSignatureCreationProfileImpl.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java index 2dc047a..a465049 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java @@ -61,6 +61,7 @@ public class CMSSignatureCreationProfileImpl private boolean includeData; /** Digest Method algorithm */ private String digestMethod; + private boolean isPAdESConform; /** @@ -77,13 +78,15 @@ public class CMSSignatureCreationProfileImpl List signedProperties, boolean securityLayerConform, boolean includeData, - String mimeType) { + String mimeType, + boolean isPAdESConform) { this.keySet = keySet; this.signedProperties = signedProperties; this.securityLayerConform = securityLayerConform; this.includeData = includeData; this.mimeType = mimeType; this.digestMethod = digestMethod; + this.isPAdESConform = isPAdESConform; } @@ -246,4 +249,10 @@ public class CMSSignatureCreationProfileImpl return this.includeData; } + +@Override +public boolean isPAdESConform() { + return this.isPAdESConform; +} + } -- cgit v1.2.3 From 0bcaff326d60df0d5549ef13a9d4bb7d9195b833 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 27 Jul 2018 10:49:33 +0200 Subject: add configFlag to support autoAddEECertificates --- .../egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java index f79cf7a..97eb6ef 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java @@ -212,11 +212,14 @@ public class PKIProfileImpl implements PKIProfile { @Override public int autoAddCertificates() { if(config.getAutoAddCertificates()) { - return PKIProfile.AUTO_ADD_EE_DISABLE; - } else { + if (config.getAutoAddEECertificates()) + return PKIProfile.AUTO_ADD_ENABLE; + else + return PKIProfile.AUTO_ADD_EE_DISABLE; + + } else return PKIProfile.AUTO_ADD_DISABLE; - } - // TODO AFITZEK allow saving of end entity certificates + } @Override -- cgit v1.2.3 From d5d284863d70d7bfcd3ccb091b26b4f2454e3203 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 21 Aug 2020 10:43:38 +0200 Subject: Update internal- and third-party libs --- .../gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java | 3 +++ 1 file changed, 3 insertions(+) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java index 44600db..00ea64d 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java @@ -26,6 +26,7 @@ package at.gv.egovernment.moa.spss.server.iaik.config; import iaik.cms.IaikCCProvider; import iaik.esi.sva.Configuration; +import iaik.logging.LogFactory; import iaik.pki.store.revocation.RevocationFactory; import iaik.pki.store.revocation.RevocationSourceStore; import iaik.pki.store.truststore.TrustStoreFactory; @@ -88,6 +89,8 @@ public class IaikConfigurator { //SecProviderUtils.dumpSecProviders("Starting configuration"); + LogFactory.configure(configData.getLoggerConfig()); + try { iaik.pki.Configurator.initCommon(configData.getLoggerConfig(), transId); -- cgit v1.2.3 From eb37b2c969c85ca966f0a0ad1d8b9941647a7f6a Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 22 Mar 2021 14:29:16 +0100 Subject: update error-logging on start-up --- .../spss/server/iaik/config/IaikConfigurator.java | 28 ++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java index 00ea64d..1a41499 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java @@ -37,6 +37,9 @@ import iaik.server.modules.keys.KeyEntryID; import iaik.server.modules.keys.KeyModule; import iaik.server.modules.keys.KeyModuleFactory; +import java.io.PrintStream; +import java.io.PrintWriter; +import java.io.StringWriter; import java.security.Provider; import java.security.Security; import java.util.ArrayList; @@ -45,10 +48,13 @@ import java.util.List; import java.util.Map; import java.util.Set; +import org.slf4j.LoggerFactory; + import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.config.KeyGroup; import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry; +import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.logging.TransactionId; import at.gv.egovernment.moa.spss.util.CertStoreConverter; import at.gv.egovernment.moa.spss.util.MessageProvider; @@ -64,6 +70,8 @@ import at.gv.egovernment.moaspss.logging.Logger; */ public class IaikConfigurator { + private static final org.slf4j.Logger logger = LoggerFactory.getLogger(IaikConfigurator.class); + /** The warnings encountered during configuration. */ private List warnings = new ArrayList(); @@ -116,13 +124,25 @@ public class IaikConfigurator { return configData; } catch (iaik.server.ConfigurationException e) { - throw new ConfigurationException("config.08", null, e); - } catch (Throwable t) { - throw new ConfigurationException("config.08", null, t); + logException(e); + throw new ConfigurationException("config.08", null, e); + + } catch (Throwable t) { + logException(t); + throw new ConfigurationException("config.08", null, t); + } } - /** + private void logException(Throwable e) { + StringWriter out = new StringWriter(); + PrintWriter writer = new PrintWriter(out); + e.printStackTrace(writer); + logger.error("IAIK_Module error: {}",out.toString()); + + } + +/** * Return the warnings encountered during configuration. * * @return The warnings. -- cgit v1.2.3 From 578ad0d6bc408edf9e6c875156054374f5fd8337 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 22 Mar 2021 18:40:26 +0100 Subject: change to EGIZ codestyle --- .../cmssign/CMSSignatureCreationProfileImpl.java | 288 ++++++++-------- .../CMSSignatureVerificationProfileImpl.java | 46 +-- .../PDFSignatureVerificationProfileImpl.java | 2 +- .../config/AbstractKeyModuleConfigurationImpl.java | 16 +- .../config/AbstractObservableConfiguration.java | 12 +- .../iaik/config/ArchiveConfigurationImpl.java | 87 +++-- .../moa/spss/server/iaik/config/CRLRetriever.java | 104 +++--- .../iaik/config/CertStoreConfigurationImpl.java | 92 +++--- .../server/iaik/config/ConfigurationDataImpl.java | 64 ++-- .../iaik/config/DataBaseArchiveParameterImpl.java | 8 +- .../config/DirectoryCertStoreParametersImpl.java | 49 +-- .../HardwareCryptoModuleConfigurationImpl.java | 25 +- .../config/HardwareKeyModuleConfigurationImpl.java | 21 +- .../spss/server/iaik/config/IaikConfigurator.java | 185 +++++------ .../spss/server/iaik/config/LoggerConfigImpl.java | 12 +- .../server/iaik/config/PKIConfigurationImpl.java | 131 ++++---- .../iaik/config/RevocationConfigurationImpl.java | 143 ++++---- .../config/SoftwareKeyModuleConfigurationImpl.java | 32 +- .../iaik/config/ValidationConfigurationImpl.java | 22 +- .../moa/spss/server/iaik/pki/PKIProfileImpl.java | 361 ++++++++++----------- .../pki/pathvalidation/ValidationProfileImpl.java | 47 +-- .../iaik/pki/revocation/RevocationProfileImpl.java | 33 +- .../store/truststore/TrustStoreProfileImpl.java | 93 +++--- .../server/iaik/xml/Base64TransformationImpl.java | 29 +- .../server/iaik/xml/ByteArrayDataObjectImpl.java | 27 +- .../server/iaik/xml/ByteStreamDataObjectImpl.java | 18 +- .../spss/server/iaik/xml/CanonicalizationImpl.java | 27 +- .../moa/spss/server/iaik/xml/DataObjectImpl.java | 25 +- .../xml/EnvelopedSignatureTransformationImpl.java | 22 +- .../iaik/xml/ExclusiveCanonicalizationImpl.java | 53 +-- .../moa/spss/server/iaik/xml/SigningTimeImpl.java | 12 +- .../spss/server/iaik/xml/TransformationImpl.java | 15 +- .../spss/server/iaik/xml/XMLDataObjectImpl.java | 21 +- .../server/iaik/xml/XMLNodeListDataObjectImpl.java | 14 +- .../moa/spss/server/iaik/xml/XMLSignatureImpl.java | 14 +- .../moa/spss/server/iaik/xml/XPath2FilterImpl.java | 45 +-- .../server/iaik/xml/XPath2TransformationImpl.java | 31 +- .../server/iaik/xml/XPathTransformationImpl.java | 43 +-- .../server/iaik/xml/XSLTTransformationImpl.java | 350 ++++++++++---------- .../iaik/xmlsign/DataObjectTreatmentImpl.java | 51 +-- .../xmlsign/XMLSignatureCreationProfileImpl.java | 320 +++++++++--------- .../xmlsign/XMLSignatureInsertionLocationImpl.java | 18 +- .../XMLSignatureVerificationProfileImpl.java | 57 ++-- 43 files changed, 1545 insertions(+), 1520 deletions(-) (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik') diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java index a465049..d660c7a 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java @@ -21,17 +21,8 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.cmssign; -import iaik.server.modules.algorithms.SignatureAlgorithms; -import iaik.server.modules.cmssign.CMSSignatureCreationProfile; -import iaik.server.modules.keys.AlgorithmUnavailableException; -import iaik.server.modules.keys.KeyEntryID; -import iaik.server.modules.keys.KeyModule; -import iaik.server.modules.keys.KeyModuleFactory; -import iaik.server.modules.keys.UnknownKeyException; - import java.util.List; import java.util.Set; @@ -39,61 +30,71 @@ import at.gv.egovernment.moa.spss.server.logging.TransactionId; import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; import at.gv.egovernment.moaspss.logging.Logger; +import iaik.server.modules.algorithms.SignatureAlgorithms; +import iaik.server.modules.cmssign.CMSSignatureCreationProfile; +import iaik.server.modules.keys.AlgorithmUnavailableException; +import iaik.server.modules.keys.KeyEntryID; +import iaik.server.modules.keys.KeyModule; +import iaik.server.modules.keys.KeyModuleFactory; +import iaik.server.modules.keys.UnknownKeyException; /** * An object providing auxiliary information for creating a CMS signature. - * + * * @author Patrick Peck * @version $Id$ */ public class CMSSignatureCreationProfileImpl - implements CMSSignatureCreationProfile { + implements CMSSignatureCreationProfile { /** The set of keys available to the signing process. */ private Set keySet; - /** The MIME type of the data to be signed*/ - private String mimeType; - /** Whether the created signature is to be Security Layer conform. */ + /** The MIME type of the data to be signed */ + private final String mimeType; + /** Whether the created signature is to be Security Layer conform. */ private boolean securityLayerConform; - /** Properties to be signed during signature creation. */ - private List signedProperties; - /** Specifies whether the content data shall be included in the CMS SignedData or shall be not included. */ - private boolean includeData; - /** Digest Method algorithm */ + /** Properties to be signed during signature creation. */ + private final List signedProperties; + /** + * Specifies whether the content data shall be included in the CMS SignedData or + * shall be not included. + */ + private final boolean includeData; + /** Digest Method algorithm */ private String digestMethod; - private boolean isPAdESConform; - - + private final boolean isPAdESConform; + /** * Create a new XMLSignatureCreationProfileImpl. - * - * @param createProfileCount Provides external information about the - * number of calls to the signature creation module, using the same request. - * @param reservedIDs The set of IDs that must not be used while generating - * new IDs. + * + * @param createProfileCount Provides external information about the number of + * calls to the signature creation module, using the + * same request. + * @param reservedIDs The set of IDs that must not be used while + * generating new IDs. */ public CMSSignatureCreationProfileImpl( - Set keySet, - String digestMethod, - List signedProperties, - boolean securityLayerConform, - boolean includeData, - String mimeType, - boolean isPAdESConform) { - this.keySet = keySet; - this.signedProperties = signedProperties; - this.securityLayerConform = securityLayerConform; - this.includeData = includeData; - this.mimeType = mimeType; - this.digestMethod = digestMethod; - this.isPAdESConform = isPAdESConform; + Set keySet, + String digestMethod, + List signedProperties, + boolean securityLayerConform, + boolean includeData, + String mimeType, + boolean isPAdESConform) { + this.keySet = keySet; + this.signedProperties = signedProperties; + this.securityLayerConform = securityLayerConform; + this.includeData = includeData; + this.mimeType = mimeType; + this.digestMethod = digestMethod; + this.isPAdESConform = isPAdESConform; } - /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet() */ + @Override public Set getKeySet() { return keySet; } @@ -101,119 +102,116 @@ public class CMSSignatureCreationProfileImpl /** * Set the set of KeyEntryIDs which may be used for signature * creation. - * + * * @param keySet The set of KeyEntryIDs to set. */ public void setKeySet(Set keySet) { this.keySet = keySet; } - /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID) */ + @Override public String getSignatureAlgorithmName(KeyEntryID selectedKeyID) - throws AlgorithmUnavailableException { + throws AlgorithmUnavailableException { - - TransactionContext context = - TransactionContextManager.getInstance().getTransactionContext(); - TransactionId tid = new TransactionId(context.getTransactionID()); - KeyModule module = KeyModuleFactory.getInstance(tid); + final TransactionContext context = + TransactionContextManager.getInstance().getTransactionContext(); + final TransactionId tid = new TransactionId(context.getTransactionID()); + final KeyModule module = KeyModuleFactory.getInstance(tid); Set algorithms; try { algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID); - } catch (UnknownKeyException e) { + } catch (final UnknownKeyException e) { throw new AlgorithmUnavailableException( - "Unknown key entry: " + selectedKeyID, - e, - null); + "Unknown key entry: " + selectedKeyID, + e, + null); } - - if (digestMethod.compareTo("SHA-1") == 0) { - Logger.warn("SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)"); - - if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { - return SignatureAlgorithms.SHA1_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { - return SignatureAlgorithms.ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - - } else if (digestMethod.compareTo("SHA-256") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { - return SignatureAlgorithms.SHA256_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { - return SignatureAlgorithms.SHA256_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } else if (digestMethod.compareTo("SHA-384") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { - return SignatureAlgorithms.SHA384_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { - return SignatureAlgorithms.SHA384_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } else if (digestMethod.compareTo("SHA-512") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { - return SignatureAlgorithms.SHA512_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { - return SignatureAlgorithms.SHA512_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } - else { - throw new AlgorithmUnavailableException( - "No signature algorithm found for digest algorithm '" + digestMethod, - null, - null); - } - - } + if (digestMethod.compareTo("SHA-1") == 0) { + Logger.warn( + "SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)"); + + if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { + return SignatureAlgorithms.SHA1_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { + return SignatureAlgorithms.ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + + } else if (digestMethod.compareTo("SHA-256") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { + return SignatureAlgorithms.SHA256_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { + return SignatureAlgorithms.SHA256_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethod.compareTo("SHA-384") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { + return SignatureAlgorithms.SHA384_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { + return SignatureAlgorithms.SHA384_WITH_ECDSA; + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethod.compareTo("SHA-512") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { + return SignatureAlgorithms.SHA512_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { + return SignatureAlgorithms.SHA512_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else { + throw new AlgorithmUnavailableException( + "No signature algorithm found for digest algorithm '" + digestMethod, + null, + null); + } + + } - /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties() */ + @Override public List getSignedProperties() { return signedProperties; } @@ -221,38 +219,38 @@ public class CMSSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform() */ + @Override public boolean isSecurityLayerConform() { return securityLayerConform; } /** * Sets the security layer conformity. - * - * @param securityLayerConform true, if the created signature - * is to be conform to the Security Layer specification. + * + * @param securityLayerConform true, if the created signature is to + * be conform to the Security Layer specification. */ public void setSecurityLayerConform(boolean securityLayerConform) { this.securityLayerConform = securityLayerConform; } - public void setDigestMethod(String digestMethod) { - this.digestMethod = digestMethod; + this.digestMethod = digestMethod; } - + @Override public String getMimeType() { - return mimeType; + return mimeType; } + @Override public boolean includeData() { - return this.includeData; + return this.includeData; } - -@Override -public boolean isPAdESConform() { - return this.isPAdESConform; -} + @Override + public boolean isPAdESConform() { + return this.isPAdESConform; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java index ab807ae..2247090 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java @@ -24,40 +24,42 @@ package at.gv.egovernment.moa.spss.server.iaik.cmsverify; import iaik.pki.PKIProfile; +import iaik.server.modules.SignatureVerificationProfile; import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile; /** * An implementation of the CMSSignatureVerificationProfile * interface. - * + * * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile * @author Patrick Peck * @version $Id$ */ public class CMSSignatureVerificationProfileImpl implements CMSSignatureVerificationProfile { - /** The profile for validating the certificate. */ - private PKIProfile certificateValidationProfile; + /** The profile for validating the certificate. */ + private PKIProfile certificateValidationProfile; - /** - * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile() - */ - public PKIProfile getCertificateValidationProfile() { - return certificateValidationProfile; - } + /** + * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile() + */ + @Override + public PKIProfile getCertificateValidationProfile() { + return certificateValidationProfile; + } - /** - * Sets the profile for validating the signer certificate. - * - * @param certificateValidationProfile - * The certificate validation profile to set. - */ - public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) { - this.certificateValidationProfile = certificateValidationProfile; - } + /** + * Sets the profile for validating the signer certificate. + * + * @param certificateValidationProfile The certificate validation profile to + * set. + */ + public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) { + this.certificateValidationProfile = certificateValidationProfile; + } - @Override - public String getTargetLevel() { - return CMSSignatureVerificationProfile.LEVEL_LTA; - } + @Override + public String getTargetLevel() { + return SignatureVerificationProfile.LEVEL_LTA; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java index 785c85b..18a9f9c 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java @@ -3,6 +3,6 @@ package at.gv.egovernment.moa.spss.server.iaik.cmsverify; import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile; public class PDFSignatureVerificationProfileImpl extends CMSSignatureVerificationProfileImpl - implements PDFSignatureVerificationProfile { + implements PDFSignatureVerificationProfile { } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java index 90e6793..1cd4b64 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import iaik.server.modules.keys.KeyModuleConfiguration; @@ -29,22 +28,22 @@ import iaik.server.modules.keys.KeyModuleConfiguration; /** * Base implementation class for the KeyModuleConfiguration * interface and the interfaces derived from it. - * + * * @see iaik.server.modules.keys.KeyModuleConfiguration * @author Patrick Peck * @version $Id$ */ public abstract class AbstractKeyModuleConfigurationImpl - implements KeyModuleConfiguration { + implements KeyModuleConfiguration { + + /** The module ID. */ + private final String moduleID; - /** The module ID. */ - private String moduleID; - /** * Creata new AbstractKeyModuleConfigurationImpl. - * + * * @param moduleID The key module ID of this - * KeyModuleConfiguration. + * KeyModuleConfiguration. */ public AbstractKeyModuleConfigurationImpl(String moduleID) { this.moduleID = moduleID; @@ -53,6 +52,7 @@ public abstract class AbstractKeyModuleConfigurationImpl /** * @see iaik.server.modules.keys.KeyModuleConfiguration#getModuleID() */ + @Override public String getModuleID() { return moduleID; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java index e2d828b..a9dfe2d 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import java.util.ArrayList; @@ -34,18 +33,19 @@ import iaik.pki.store.observer.Observer; /** * A base class for observable configuration data. - * + * * @author Patrick Peck * @version $Id$ */ public abstract class AbstractObservableConfiguration implements Observable { /** The observers registered with this Observable. */ - private List observers = new ArrayList(); + private final List observers = new ArrayList(); /** * @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer) */ + @Override public void addObserver(Observer observer) { observers.add(observer); } @@ -53,6 +53,7 @@ public abstract class AbstractObservableConfiguration implements Observable { /** * @see iaik.pki.store.observer.Observable#removeObserver(iaik.pki.store.observer.Observer) */ + @Override public boolean removeObserver(Observer observer) { return observers.remove(observer); } @@ -60,13 +61,14 @@ public abstract class AbstractObservableConfiguration implements Observable { /** * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData) */ + @Override public void notify(NotificationData data) { Iterator iter = observers.iterator(); for (iter = observers.iterator(); iter.hasNext();) { - Observer observer = (Observer) iter.next(); + final Observer observer = (Observer) iter.next(); observer.notify(data); } } - + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java index 4a300a2..ff9927b 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java @@ -21,76 +21,68 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; -import iaik.pki.store.revocation.archive.ArchiveConfiguration; -import iaik.pki.store.revocation.archive.ArchiveParameters; -import iaik.pki.store.revocation.archive.ArchiveTypes; - import java.sql.Driver; import java.sql.DriverManager; import java.util.Enumeration; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import iaik.pki.store.revocation.archive.ArchiveConfiguration; +import iaik.pki.store.revocation.archive.ArchiveParameters; +import iaik.pki.store.revocation.archive.ArchiveTypes; /** - * An implementation of the ArchiveConfiguration interface - * using configuration data provided by the MOA configuration file. - * + * An implementation of the ArchiveConfiguration interface using + * configuration data provided by the MOA configuration file. + * * @see iaik.pki.store.revocation.archive.ArchiveConfiguration * @author Patrick Peck * @version $Id$ */ public class ArchiveConfigurationImpl - extends AbstractObservableConfiguration - implements ArchiveConfiguration { - + extends AbstractObservableConfiguration + implements ArchiveConfiguration { + /** The configuration parameters of the archive. */ - private ArchiveParameters archiveParameters; + private final ArchiveParameters archiveParameters; /** * Create a new ArchiveConfigurationImpl. - * - * @param config The MOA configuration from which the configuration data is being read. + * + * @param config The MOA configuration from which the configuration data is + * being read. */ - public ArchiveConfigurationImpl(ConfigurationProvider config) - { - String jdbcUrl = config.getRevocationArchiveJDBCURL(); + public ArchiveConfigurationImpl(ConfigurationProvider config) { + final String jdbcUrl = config.getRevocationArchiveJDBCURL(); this.archiveParameters = new DataBaseArchiveParameterImpl(jdbcUrl); - - // Register JDBC driver class - if (jdbcUrl != null) - { - String jdbcDriverClass = config.getRevocationArchiveJDBCDriverClass(); - try - { + + // Register JDBC driver class + if (jdbcUrl != null) { + final String jdbcDriverClass = config.getRevocationArchiveJDBCDriverClass(); + try { Class.forName(jdbcDriverClass); - } - catch (ClassNotFoundException e) - { + } catch (final ClassNotFoundException e) { // TODO 20030709 GK Improve exception handling - throw new RuntimeException("JDBC driver class \"" + jdbcDriverClass + " could not be found."); + throw new RuntimeException("JDBC driver class \"" + jdbcDriverClass + " could not be found."); } - - Enumeration regDrivers = DriverManager.getDrivers(); + + final Enumeration regDrivers = DriverManager.getDrivers(); boolean isRegistered = false; - while (regDrivers.hasMoreElements()) - { - Object currentDriver = regDrivers.nextElement(); - if (jdbcDriverClass.equals(currentDriver.getClass().getName())) isRegistered = true; - } - if (!isRegistered) - { - // Workaround for a driver which does not register itselve at invocation of Class.forName(drvname) - try - { - DriverManager.registerDriver((Driver)Class.forName(jdbcDriverClass).newInstance()); + while (regDrivers.hasMoreElements()) { + final Object currentDriver = regDrivers.nextElement(); + if (jdbcDriverClass.equals(currentDriver.getClass().getName())) { + isRegistered = true; } - catch (Exception e) - { + } + if (!isRegistered) { + // Workaround for a driver which does not register itselve at invocation of + // Class.forName(drvname) + try { + DriverManager.registerDriver((Driver) Class.forName(jdbcDriverClass).newInstance()); + } catch (final Exception e) { // TODO 20030709 GK Improve exception handling - throw new RuntimeException("Registering JDBC driver \"" + jdbcDriverClass + " failed."); + throw new RuntimeException("Registering JDBC driver \"" + jdbcDriverClass + " failed."); } } } @@ -98,11 +90,13 @@ public class ArchiveConfigurationImpl /** * Return the type of archive. - * + * * This will always return ArchiveTypes.DATABASE. + * * @return ArchiveTypes.DATABASE. * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getType() */ + @Override public String getType() { return ArchiveTypes.DATABASE; } @@ -110,10 +104,11 @@ public class ArchiveConfigurationImpl /** * Return the ArchiveParameters describing this * ArchiveConfiguration. - * + * * @return The archive parameters. * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getArchiveParameters() */ + @Override public ArchiveParameters getArchiveParameters() { return archiveParameters; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java index d752a63..d1b776b 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java @@ -23,13 +23,6 @@ package at.gv.egovernment.moa.spss.server.iaik.config; -import iaik.logging.TransactionId; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.pki.store.revocation.RevocationInfoRetriever; -import iaik.pki.store.revocation.RevocationSource; -import iaik.pki.store.revocation.RevocationStoreException; -import iaik.pki.ldap.Handler; - import java.io.InputStream; import java.net.MalformedURLException; import java.net.URL; @@ -39,6 +32,12 @@ import java.util.Collection; import java.util.Date; import at.gv.egovernment.moaspss.logging.Logger; +import iaik.logging.TransactionId; +import iaik.pki.ldap.Handler; +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.pki.store.revocation.RevocationInfoRetriever; +import iaik.pki.store.revocation.RevocationSource; +import iaik.pki.store.revocation.RevocationStoreException; /** * A customized implementation of @@ -47,55 +46,56 @@ import at.gv.egovernment.moaspss.logging.Logger; * {@link iaik.pki.store.revocation.CRLRetriever} to overcome a classloader * problem in connection with the {@link java.net.URL} class in a Tomcat * deployment environment. - * + * * @author Gregor Karlinger * @version $$ */ public class CRLRetriever implements RevocationInfoRetriever { - - private int connectTimeout = 5; - private int readTimeout = 5; - - - public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid) - throws RevocationStoreException { - if (source == null) { - throw new NullPointerException("RevocationSource parameter mustn't be null."); - } - Logger.info("Downloading crl from " + source.getUri()); - if (!source.getType().equals(RevocationSourceTypes.CRL)) { - throw new RevocationStoreException(source.getType() + " not supported", null, getClass().getName() + ":1"); - } - try { - URL crlUrl; - try { - crlUrl = new URL(source.getUri()); - } catch (MalformedURLException e) { - // Workaround for classloader problem with deployment in Tomcat - // 4.1 - URLStreamHandler handler = new Handler(); - crlUrl = new URL(null, source.getUri(), handler); - } - URLConnection con = crlUrl.openConnection(); - con.setConnectTimeout(connectTimeout); - con.setReadTimeout(readTimeout); - InputStream crlInputStream = con.getInputStream(); - source.readFrom(crlInputStream, tid); - source.setDownloadTime(new Date()); - crlInputStream.close(); - } catch (Exception iox) { - Logger.warn("Cannot retrieve crl", iox); - throw new RevocationStoreException("Cannot retrieve CRL", iox, getClass().getName() + ":1"); - } - } - @Override - public void setConnectTimeout(int arg0) { - this.connectTimeout = arg0; - } + private int connectTimeout = 5; + private int readTimeout = 5; + + @Override + public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid) + throws RevocationStoreException { + if (source == null) { + throw new NullPointerException("RevocationSource parameter mustn't be null."); + } + Logger.info("Downloading crl from " + source.getUri()); + if (!source.getType().equals(RevocationSourceTypes.CRL)) { + throw new RevocationStoreException(source.getType() + " not supported", null, getClass().getName() + + ":1"); + } + try { + URL crlUrl; + try { + crlUrl = new URL(source.getUri()); + } catch (final MalformedURLException e) { + // Workaround for classloader problem with deployment in Tomcat + // 4.1 + final URLStreamHandler handler = new Handler(); + crlUrl = new URL(null, source.getUri(), handler); + } + final URLConnection con = crlUrl.openConnection(); + con.setConnectTimeout(connectTimeout); + con.setReadTimeout(readTimeout); + final InputStream crlInputStream = con.getInputStream(); + source.readFrom(crlInputStream, tid); + source.setDownloadTime(new Date()); + crlInputStream.close(); + } catch (final Exception iox) { + Logger.warn("Cannot retrieve crl", iox); + throw new RevocationStoreException("Cannot retrieve CRL", iox, getClass().getName() + ":1"); + } + } + + @Override + public void setConnectTimeout(int arg0) { + this.connectTimeout = arg0; + } - @Override - public void setReadTimeout(int arg0) { - this.readTimeout = arg0; - } + @Override + public void setReadTimeout(int arg0) { + this.readTimeout = arg0; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java index 43483a0..052a3c5 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java @@ -23,77 +23,71 @@ package at.gv.egovernment.moa.spss.server.iaik.config; -import java.io.File; -import java.io.IOException; - -import org.apache.commons.io.FileUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egovernment.moa.sig.tsl.exception.TslException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; -import at.gv.egovernment.moa.spss.server.logging.IaikLog; -import at.gv.egovernment.moa.spss.server.logging.TransactionId; import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory; -import iaik.logging.Log; import iaik.pki.store.certstore.CertStoreConfiguration; import iaik.pki.store.certstore.CertStoreParameters; import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; -import iaik.pki.store.certstore.directory.DirectoryStoreException; -import iaik.pki.store.certstore.utils.DirectoryCertStoreConverter; /** * An implementation of the CertStoreConfiguration interface based * on MOA configuration data. - * + * * @see iaik.pki.store.certstore.CertStoreConfiguration * @author Patrick Peck * @version $Id$ */ -public class CertStoreConfigurationImpl extends AbstractObservableConfiguration implements CertStoreConfiguration { +public class CertStoreConfigurationImpl extends AbstractObservableConfiguration implements + CertStoreConfiguration { + + private static final Logger logger = LoggerFactory.getLogger(CertStoreConfigurationImpl.class); + + /** The configuration parameters of the CertStore. */ + private CertStoreParameters[] parameters; + + /** + * Create a new CertStoreConfigurationImpl. + * + * @param config The MOA configuration from which the configuration data is + * being read. + */ + public CertStoreConfigurationImpl(ConfigurationProvider config) { + final String certStoreRoot = config.getCertStoreLocation(); + + final DirectoryCertStoreParameters dirParameters = new DirectoryCertStoreParametersImpl( + "MOA Directory CertStore", + certStoreRoot, true, false); - private static final Logger logger = LoggerFactory.getLogger(CertStoreConfigurationImpl.class); + if (TSLServiceFactory.isInitialized()) { + try { + final CertStoreParameters tslCertStore = TSLServiceFactory.getTSLServiceClient() + .getCertStoreWithTSLCertificates(); + parameters = new CertStoreParameters[] { dirParameters, tslCertStore }; - /** The configuration parameters of the CertStore. */ - private CertStoreParameters[] parameters; + } catch (final TslException e) { + logger.warn("TSL based CertStore initialisation FAILED.", e); + logger.warn("Only Directory based CertStore is used ... "); + parameters = new CertStoreParameters[] { dirParameters }; + } - /** - * Create a new CertStoreConfigurationImpl. - * - * @param config - * The MOA configuration from which the configuration data is - * being read. - */ - public CertStoreConfigurationImpl(ConfigurationProvider config) { - String certStoreRoot = config.getCertStoreLocation(); + } else { + logger.info("Trust-Status List support is not active. Use only Directory based CertStore."); + parameters = new CertStoreParameters[] { dirParameters }; - DirectoryCertStoreParameters dirParameters = new DirectoryCertStoreParametersImpl("MOA Directory CertStore", - certStoreRoot, true, false); + } - if (TSLServiceFactory.isInitialized()) { - try { - CertStoreParameters tslCertStore = TSLServiceFactory.getTSLServiceClient().getCertStoreWithTSLCertificates(); - parameters = new CertStoreParameters[] { dirParameters, tslCertStore}; - - } catch (TslException e) { - logger.warn("TSL based CertStore initialisation FAILED.", e); - logger.warn("Only Directory based CertStore is used ... "); - parameters = new CertStoreParameters[] { dirParameters }; - } - - } else { - logger.info("Trust-Status List support is not active. Use only Directory based CertStore."); - parameters = new CertStoreParameters[] { dirParameters }; - - } - - } + } - /** - * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters() - */ - public CertStoreParameters[] getParameters() { - return parameters; - } + /** + * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters() + */ + @Override + public CertStoreParameters[] getParameters() { + return parameters; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java index dff78d6..891f078 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java @@ -21,43 +21,41 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import java.util.ArrayList; import java.util.Iterator; import java.util.List; -import iaik.logging.LoggerConfig; -import iaik.pki.PKIConfiguration; -import iaik.server.ConfigurationData; - +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule; import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule; -import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule; +import iaik.logging.LoggerConfig; +import iaik.pki.PKIConfiguration; +import iaik.server.ConfigurationData; /** - * An implementation of the ConfigurationData interface using - * MOA configuration data. - * + * An implementation of the ConfigurationData interface using MOA + * configuration data. + * * @see iaik.server.ConfigurationData * @author Patrick Peck * @version $Id$ */ public class ConfigurationDataImpl implements ConfigurationData { /** PKI configuration data. */ - private PKIConfiguration pkiConfiguration; + private final PKIConfiguration pkiConfiguration; /** Crypto modules configuration data. */ - private List cryptoModuleConfigurations; + private final List cryptoModuleConfigurations; /** Key modules configuration data. */ - private List keyModuleConfigurations; + private final List keyModuleConfigurations; /** Logging configuration data. */ - private LoggerConfig loggerConfig; + private final LoggerConfig loggerConfig; /** * Create a new ConfigurationDataImpl. - * + * * @param config The underlying MOA configuration data. */ public ConfigurationDataImpl(ConfigurationProvider config) { @@ -69,54 +67,55 @@ public class ConfigurationDataImpl implements ConfigurationData { /** * Build the list of CryptoModuleConfigurations. - * + * * @param config The underlying MOA configuration data. - * @return The list of CryptoModuleConfigurations configured in - * the MOA configuration. + * @return The list of CryptoModuleConfigurations configured in the + * MOA configuration. */ private List buildCryptoModuleConfigurations(ConfigurationProvider config) { - List modules = new ArrayList(); - Iterator iter = config.getHardwareCryptoModules().iterator(); - + final List modules = new ArrayList(); + final Iterator iter = config.getHardwareCryptoModules().iterator(); + while (iter.hasNext()) { - HardwareCryptoModule module = (HardwareCryptoModule) iter.next(); + final HardwareCryptoModule module = (HardwareCryptoModule) iter.next(); modules.add(new HardwareCryptoModuleConfigurationImpl(module)); } - + return modules; } - + /** * Build the list of KeyModuleConfigurations. - * + * * @param config The underlying MOA configuration data. * @return The list of KeyModuleConfigurations configured in the - * MOA configuration. + * MOA configuration. */ private List buildKeyModuleConfigurations(ConfigurationProvider config) { - List keys = new ArrayList(); + final List keys = new ArrayList(); Iterator iter; - + // add the hardware keys iter = config.getHardwareKeyModules().iterator(); while (iter.hasNext()) { - HardwareKeyModule key = (HardwareKeyModule) iter.next(); + final HardwareKeyModule key = (HardwareKeyModule) iter.next(); keys.add(new HardwareKeyModuleConfigurationImpl(key)); } - + // add the software keys iter = config.getSoftwareKeyModules().iterator(); while (iter.hasNext()) { - SoftwareKeyModule key = (SoftwareKeyModule) iter.next(); + final SoftwareKeyModule key = (SoftwareKeyModule) iter.next(); keys.add(new SoftwareKeyModuleConfigurationImpl(key)); } - + return keys; } /** * @see iaik.server.ConfigurationData#getPKIConfiguration() */ + @Override public PKIConfiguration getPKIConfiguration() { return pkiConfiguration; } @@ -124,6 +123,7 @@ public class ConfigurationDataImpl implements ConfigurationData { /** * @see iaik.server.ConfigurationData#getCryptoModuleConfigurations() */ + @Override public List getCryptoModuleConfigurations() { return cryptoModuleConfigurations; } @@ -131,6 +131,7 @@ public class ConfigurationDataImpl implements ConfigurationData { /** * @see iaik.server.ConfigurationData#getKeyModuleConfigurations() */ + @Override public List getKeyModuleConfigurations() { return keyModuleConfigurations; } @@ -138,6 +139,7 @@ public class ConfigurationDataImpl implements ConfigurationData { /** * @see iaik.server.ConfigurationData#getLoggerConfig() */ + @Override public LoggerConfig getLoggerConfig() { return loggerConfig; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java index f4658a2..22cceeb 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java @@ -21,14 +21,13 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import iaik.pki.store.revocation.archive.DataBaseArchiveParameters; /** * An implementation of the DataBaseArchiveParameter interface. - * + * * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter * @author Patrick Peck * @version $Id$ @@ -36,11 +35,11 @@ import iaik.pki.store.revocation.archive.DataBaseArchiveParameters; public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameters { /** The JDBC URL for accessing the archive. */ - private String jDBCUrl; + private final String jDBCUrl; /** * Create a new DataBaseArchiveParameterImpl. - * + * * @param jDBCUrl The JDBC URL of the archive. */ public DataBaseArchiveParameterImpl(String jDBCUrl) { @@ -50,6 +49,7 @@ public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameters { /** * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter#getJDBCUrl() */ + @Override public String getJDBCUrl() { return jDBCUrl; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java index 39da9cf..e48c7e7 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java @@ -21,50 +21,48 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import java.util.Collections; import java.util.Set; -import iaik.pki.store.certstore.CertStoreParameters; import iaik.pki.store.certstore.CertStoreTypes; import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters; /** * An implementation of the DirectoryCertStoreParameters interface. - * + * * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters * @author Patrick Peck * @version $Id$ */ public class DirectoryCertStoreParametersImpl - implements DirectoryCertStoreParameters { + implements DirectoryCertStoreParameters { /** The root directory of the CertStore. */ - private String rootDirectory; + private final String rootDirectory; /** Whether a new directory may be created. */ - private boolean createNew; + private final boolean createNew; /** The CertStore ID. */ - private String id; + private final String id; /** Whether the CertStore is read-only. */ - private boolean readOnly; + private final boolean readOnly; /** * Create a new DirectoryCertStoreParameterImpl. - * - * @param id The CertStore ID. + * + * @param id The CertStore ID. * @param rootDirectory The root directory of the CertStore. - * @param createNew Whether a new directory may be created. - * @param readOnly Whether the CertStore is read-only. + * @param createNew Whether a new directory may be created. + * @param readOnly Whether the CertStore is read-only. */ public DirectoryCertStoreParametersImpl( - String id, - String rootDirectory, - boolean createNew, - boolean readOnly) { - - this.id = id; + String id, + String rootDirectory, + boolean createNew, + boolean readOnly) { + + this.id = id; this.rootDirectory = rootDirectory; this.createNew = createNew; this.readOnly = readOnly; @@ -73,6 +71,7 @@ public class DirectoryCertStoreParametersImpl /** * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory() */ + @Override public String getRootDirectory() { return rootDirectory; } @@ -80,6 +79,7 @@ public class DirectoryCertStoreParametersImpl /** * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew() */ + @Override public boolean createNew() { return createNew; } @@ -87,6 +87,7 @@ public class DirectoryCertStoreParametersImpl /** * @see iaik.pki.store.certstore.CertStoreParameters#getId() */ + @Override public String getId() { return id; } @@ -94,6 +95,7 @@ public class DirectoryCertStoreParametersImpl /** * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly() */ + @Override public boolean isReadOnly() { return readOnly; } @@ -102,14 +104,15 @@ public class DirectoryCertStoreParametersImpl * @return CertStoreTypes.DIRECTORY * @see iaik.pki.store.certstore.CertStoreParameters#getType() */ + @Override public String getType() { return CertStoreTypes.DIRECTORY; } -@Override -public Set getVirtualStores() { - // TODO AFITZEK IMPLEMENT THIS METHOD - return Collections.EMPTY_SET; -} + @Override + public Set getVirtualStores() { + // TODO AFITZEK IMPLEMENT THIS METHOD + return Collections.EMPTY_SET; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java index c9904c5..6275e08 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java @@ -21,32 +21,30 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; -import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration; - import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule; +import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration; /** * An implementation of the HardwareCryptoModuleConfiguration * wrapping a HardwareCryptoModule from the MOA configuration. - * + * * @author Patrick Peck * @version $Id$ */ public class HardwareCryptoModuleConfigurationImpl - implements HardwareCryptoModuleConfiguration { - - /** The wrapped HardwareCryptoModule. */ - private HardwareCryptoModule module; - + implements HardwareCryptoModuleConfiguration { + + /** The wrapped HardwareCryptoModule. */ + private final HardwareCryptoModule module; + /** * Create a new HardwareCryptoModuleConfigurationImpl. - * + * * @param module The HardwareCryptoModule from the underlying MOA - * configuration. - */ + * configuration. + */ public HardwareCryptoModuleConfigurationImpl(HardwareCryptoModule module) { this.module = module; } @@ -54,6 +52,7 @@ public class HardwareCryptoModuleConfigurationImpl /** * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getModuleName() */ + @Override public String getModuleName() { return module.getName(); } @@ -61,6 +60,7 @@ public class HardwareCryptoModuleConfigurationImpl /** * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getSlotID() */ + @Override public String getSlotID() { return module.getSlotID(); } @@ -68,6 +68,7 @@ public class HardwareCryptoModuleConfigurationImpl /** * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getUserPIN() */ + @Override public char[] getUserPIN() { return module.getUserPIN().toCharArray(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java index 05f5633..9b37c60 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java @@ -21,34 +21,32 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; -import iaik.server.modules.keys.HardwareKeyModuleConfiguration; - import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule; +import iaik.server.modules.keys.HardwareKeyModuleConfiguration; /** * An implementation of the HardwareKeyModuleConfiguration * interface wrapping a HardwareKeyModule from the MOA * configuration. - * + * * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration * @author Patrick Peck * @version $Id$ */ public class HardwareKeyModuleConfigurationImpl - extends AbstractKeyModuleConfigurationImpl - implements HardwareKeyModuleConfiguration { + extends AbstractKeyModuleConfigurationImpl + implements HardwareKeyModuleConfiguration { /** The wrapped HardwareKeyModule. */ - private HardwareKeyModule keyModule; + private final HardwareKeyModule keyModule; /** * Create a new HardwareKeyModuleConfigurationImpl. - * - * @param keyModule The HardwareKeyModule from the underlying - * MOA configuration. + * + * @param keyModule The HardwareKeyModule from the underlying MOA + * configuration. */ public HardwareKeyModuleConfigurationImpl(HardwareKeyModule keyModule) { super(keyModule.getId()); @@ -58,6 +56,7 @@ public class HardwareKeyModuleConfigurationImpl /** * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getModuleName() */ + @Override public String getModuleName() { return keyModule.getName(); } @@ -65,6 +64,7 @@ public class HardwareKeyModuleConfigurationImpl /** * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getSlotID() */ + @Override public String getSlotID() { return keyModule.getSlotID(); } @@ -72,6 +72,7 @@ public class HardwareKeyModuleConfigurationImpl /** * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getUserPIN() */ + @Override public char[] getUserPIN() { return keyModule.getUserPIN().toCharArray(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java index 1a41499..8ca19e4 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java @@ -21,27 +21,10 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; -import iaik.cms.IaikCCProvider; -import iaik.esi.sva.Configuration; -import iaik.logging.LogFactory; -import iaik.pki.store.revocation.RevocationFactory; -import iaik.pki.store.revocation.RevocationSourceStore; -import iaik.pki.store.truststore.TrustStoreFactory; -import iaik.security.ec.provider.ECCelerate; -import iaik.server.ConfigurationData; -import iaik.server.Configurator; -import iaik.server.modules.keys.KeyEntryID; -import iaik.server.modules.keys.KeyModule; -import iaik.server.modules.keys.KeyModuleFactory; - -import java.io.PrintStream; import java.io.PrintWriter; import java.io.StringWriter; -import java.security.Provider; -import java.security.Security; import java.util.ArrayList; import java.util.Iterator; import java.util.List; @@ -54,99 +37,109 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.config.KeyGroup; import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry; -import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.logging.TransactionId; import at.gv.egovernment.moa.spss.util.CertStoreConverter; import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moa.spss.util.SecProviderUtils; import at.gv.egovernment.moaspss.logging.LogMsg; import at.gv.egovernment.moaspss.logging.Logger; +import iaik.logging.LogFactory; +import iaik.pki.store.revocation.RevocationFactory; +import iaik.pki.store.revocation.RevocationSourceStore; +import iaik.pki.store.truststore.TrustStoreFactory; +import iaik.server.ConfigurationData; +import iaik.server.Configurator; +import iaik.server.modules.keys.KeyEntryID; +import iaik.server.modules.keys.KeyModule; +import iaik.server.modules.keys.KeyModuleFactory; /** * A class responsible for configuring the IAIK MOA modules. - * + * * @author Patrick Peck * @version $Id$ */ public class IaikConfigurator { - private static final org.slf4j.Logger logger = LoggerFactory.getLogger(IaikConfigurator.class); - + private static final org.slf4j.Logger logger = LoggerFactory.getLogger(IaikConfigurator.class); + /** The warnings encountered during configuration. */ private List warnings = new ArrayList(); /** * Configure the IAIK MOA subsystem. - * - * + * + * * @param moaConfig The underlying MOA configuration. * @return Returns the config data of the underlying MOA subsystem - * @throws ConfigurationException An error occurred configuring the IAIK - * MOA subsystem. + * @throws ConfigurationException An error occurred configuring the IAIK MOA + * subsystem. */ public ConfigurationData configure(ConfigurationProvider moaConfig) - throws ConfigurationException { - ConfigurationData configData = new ConfigurationDataImpl(moaConfig); - + throws ConfigurationException { + final ConfigurationData configData = new ConfigurationDataImpl(moaConfig); + warnings = new ArrayList(); try { - TransactionId transId = new TransactionId("IaikConfigurator"); - - //iaik.esi.sva.Configuration config = new Configuration(IaikConfigurator.class.getResourceAsStream("/sva.config")); - - //SecProviderUtils.dumpSecProviders("Starting configuration"); - + final TransactionId transId = new TransactionId("IaikConfigurator"); + + // iaik.esi.sva.Configuration config = new + // Configuration(IaikConfigurator.class.getResourceAsStream("/sva.config")); + + // SecProviderUtils.dumpSecProviders("Starting configuration"); + LogFactory.configure(configData.getLoggerConfig()); - + try { - iaik.pki.Configurator.initCommon(configData.getLoggerConfig(), - transId); - //SecProviderUtils.dumpSecProviders("initCommon"); - String certStoreRoot = moaConfig.getCertStoreLocation(); - CertStoreConverter.convert(certStoreRoot, transId); + iaik.pki.Configurator.initCommon(configData.getLoggerConfig(), + transId); + // SecProviderUtils.dumpSecProviders("initCommon"); + final String certStoreRoot = moaConfig.getCertStoreLocation(); + CertStoreConverter.convert(certStoreRoot, transId); } finally { - //Security.removeProvider(ECCelerate.getInstance().getName()); + // Security.removeProvider(ECCelerate.getInstance().getName()); } - + Configurator.init(configData, transId); - + SecProviderUtils.dumpSecProviders("Fully configured!"); - - // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat - RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore(); - //rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL); - if ((moaConfig.getSoftwareKeyModules().size() > 0) || (moaConfig.getHardwareKeyModules().size() > 0)) { + + // Set customized CRL retriever to overcome a classloader problem when MOA is + // deployed in Tomcat + final RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore(); + // rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL); + if (moaConfig.getSoftwareKeyModules().size() > 0 || moaConfig.getHardwareKeyModules().size() > 0) { dumpKeyEntryIDs(); } checkKeyGroupConfig(moaConfig); TrustStoreFactory.reset(); - + return configData; - } catch (iaik.server.ConfigurationException e) { - logException(e); - throw new ConfigurationException("config.08", null, e); - - } catch (Throwable t) { - logException(t); - throw new ConfigurationException("config.08", null, t); - + } catch (final iaik.server.ConfigurationException e) { + logException(e); + throw new ConfigurationException("config.08", null, e); + + } catch (final Throwable t) { + logException(t); + throw new ConfigurationException("config.08", null, t); + } } - private void logException(Throwable e) { - StringWriter out = new StringWriter(); - PrintWriter writer = new PrintWriter(out); + private void logException(Throwable e) { + final StringWriter out = new StringWriter(); + final PrintWriter writer = new PrintWriter(out); e.printStackTrace(writer); - logger.error("IAIK_Module error: {}",out.toString()); - + logger.error("IAIK_Module error: {}", out.toString()); + } -/** + /** * Return the warnings encountered during configuration. - * + * * @return The warnings. - */ + */ public List getWarnings() { return warnings; } @@ -156,71 +149,71 @@ public class IaikConfigurator { * KeyModules to the log file. */ private void dumpKeyEntryIDs() { - MessageProvider msg = MessageProvider.getInstance(); - KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump")); - Set keyEntryIds = module.getPrivateKeyEntryIDs(); + final MessageProvider msg = MessageProvider.getInstance(); + final KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump")); + final Set keyEntryIds = module.getPrivateKeyEntryIDs(); Iterator iter; for (iter = keyEntryIds.iterator(); iter.hasNext();) { - KeyEntryID keyEntryId = (KeyEntryID) iter.next(); + final KeyEntryID keyEntryId = (KeyEntryID) iter.next(); Logger.info( - new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId }))); + new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId }))); } } /** - * Check that each key group entry in each key group can be resolved to a + * Check that each key group entry in each key group can be resolved to a * KeyEntryID. - * + * * Logs a warning for each key group entry that cannot be resolved. - * + * * @param moaConfig The MOA configuration to check. */ private void checkKeyGroupConfig(ConfigurationProvider moaConfig) { - Map keyGroups = moaConfig.getKeyGroups(); + final Map keyGroups = moaConfig.getKeyGroups(); Iterator iter; for (iter = keyGroups.values().iterator(); iter.hasNext();) { - KeyGroup keyGroup = (KeyGroup) iter.next(); - Set keyGroupEntries = keyGroup.getKeyGroupEntries(); + final KeyGroup keyGroup = (KeyGroup) iter.next(); + final Set keyGroupEntries = keyGroup.getKeyGroupEntries(); Iterator kgIter; for (kgIter = keyGroupEntries.iterator(); kgIter.hasNext();) { - KeyGroupEntry entry = (KeyGroupEntry) kgIter.next(); + final KeyGroupEntry entry = (KeyGroupEntry) kgIter.next(); if (!findKeyEntryID(entry)) { warn( - "config.31", - new Object[] { - keyGroup.getId(), - entry.getModuleID(), - entry.getIssuerDN(), - entry.getSerialNumber()}); + "config.31", + new Object[] { + keyGroup.getId(), + entry.getModuleID(), + entry.getIssuerDN(), + entry.getSerialNumber() }); } } } } /** - * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID - * by the Configurator. + * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID by + * the Configurator. * * @param keyGroupEntry The key group entry to find. * @return true, if the keyGroupEntry could be - * resolved to a KeyEntryID; otherwise false. + * resolved to a KeyEntryID; otherwise false. */ private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) { - KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check")); - Set keyEntryIDs = module.getPrivateKeyEntryIDs(); + final KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check")); + final Set keyEntryIDs = module.getPrivateKeyEntryIDs(); Iterator iter; for (iter = keyEntryIDs.iterator(); iter.hasNext();) { - KeyEntryID entry = (KeyEntryID) iter.next(); + final KeyEntryID entry = (KeyEntryID) iter.next(); if (entry.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN()) - && entry.getCertificateSerialNumber().equals( - keyGroupEntry.getSerialNumber()) - && entry.getModuleID().equals(keyGroupEntry.getModuleID())) { + && entry.getCertificateSerialNumber().equals( + keyGroupEntry.getSerialNumber()) + && entry.getModuleID().equals(keyGroupEntry.getModuleID())) { return true; } } @@ -230,14 +223,14 @@ public class IaikConfigurator { /** * Log a warning. - * + * * @param messageId The message ID. - * @param args Additional parameters for the message. + * @param args Additional parameters for the message. * @see at.gv.egovernment.moa.spss.server.util.MessageProvider */ private void warn(String messageId, Object[] args) { - MessageProvider msg = MessageProvider.getInstance(); - String txt = msg.getMessage(messageId, args); + final MessageProvider msg = MessageProvider.getInstance(); + final String txt = msg.getMessage(messageId, args); Logger.warn(new LogMsg(txt)); warnings.add(txt); diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java index 317fcca..7ba2122 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import java.util.Properties; @@ -32,24 +31,27 @@ import iaik.logging.LoggerConfig; /** * Default implementation of the LoggerConfig interface. - * + * * @author Patrick Peck * @version $Id$ */ public class LoggerConfigImpl implements LoggerConfig { - + /** The implementation of iaik.logging.LogFactory. */ - private static final String DEFAULT_IMPLEMENTATION = - "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory"; + private static final String DEFAULT_IMPLEMENTATION = + "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory"; + @Override public String getFactory() { return DEFAULT_IMPLEMENTATION; } + @Override public Properties getProperties() throws LogConfigurationException { return new Properties(); } + @Override public String getNodeId() { return LoggingContextManager.getInstance().getLoggingContext().getNodeID(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java index 6341609..d54bcfd 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java @@ -23,93 +23,96 @@ package at.gv.egovernment.moa.spss.server.iaik.config; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import iaik.pki.PKIConfiguration; import iaik.pki.pathvalidation.ValidationConfiguration; import iaik.pki.revocation.RevocationConfiguration; import iaik.pki.store.certstore.CertStoreConfiguration; import iaik.pki.store.revocation.archive.ArchiveConfiguration; -import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; /** * An implementation of the PKIConfiguration interface using data * from the MOA configuration. - * + * * @see iaik.pki.PKIConfiguration * @author Patrick Peck * @version $Id$ */ public class PKIConfigurationImpl implements PKIConfiguration { - /** The CertStore configuration. */ - private CertStoreConfiguration certStoreConfiguration; - /** The revocation checking configuration. */ - private RevocationConfiguration revocationConfiguration; - /** The revocation archive configuration. */ - private ArchiveConfiguration archiveConfiguration; - /** The certificate validation configuration. */ - private ValidationConfiguration validationConfiguration; - private int connectionTimeout; - private int readTimeout; + /** The CertStore configuration. */ + private final CertStoreConfiguration certStoreConfiguration; + /** The revocation checking configuration. */ + private final RevocationConfiguration revocationConfiguration; + /** The revocation archive configuration. */ + private ArchiveConfiguration archiveConfiguration; + /** The certificate validation configuration. */ + private final ValidationConfiguration validationConfiguration; + private final int connectionTimeout; + private final int readTimeout; - /** - * Create a new PKIConfigurationImpl. - * - * @param config - * The underlying MOA configuration which will be used to build - * the configuration data contained in this object. - */ - public PKIConfigurationImpl(ConfigurationProvider config) { + /** + * Create a new PKIConfigurationImpl. + * + * @param config The underlying MOA configuration which will be used to build + * the configuration data contained in this object. + */ + public PKIConfigurationImpl(ConfigurationProvider config) { - this.certStoreConfiguration = new CertStoreConfigurationImpl(config); - this.revocationConfiguration = new RevocationConfigurationImpl(config); + this.certStoreConfiguration = new CertStoreConfigurationImpl(config); + this.revocationConfiguration = new RevocationConfigurationImpl(config); - boolean archiveInfo = config.getEnableRevocationArchiving(); - if (archiveInfo) { - this.archiveConfiguration = new ArchiveConfigurationImpl(config); - } else { - this.archiveConfiguration = null; - } + final boolean archiveInfo = config.getEnableRevocationArchiving(); + if (archiveInfo) { + this.archiveConfiguration = new ArchiveConfigurationImpl(config); + } else { + this.archiveConfiguration = null; + } - this.validationConfiguration = new ValidationConfigurationImpl(config); - this.connectionTimeout = config.getConnectionTimeout(); - this.readTimeout = config.getReadTimeout(); - } + this.validationConfiguration = new ValidationConfigurationImpl(config); + this.connectionTimeout = config.getConnectionTimeout(); + this.readTimeout = config.getReadTimeout(); + } - /** - * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration() - */ - public CertStoreConfiguration getCertStoreConfiguration() { - return certStoreConfiguration; - } + /** + * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration() + */ + @Override + public CertStoreConfiguration getCertStoreConfiguration() { + return certStoreConfiguration; + } - /** - * @see iaik.pki.PKIConfiguration#getRevocationConfiguration() - */ - public RevocationConfiguration getRevocationConfiguration() { - return revocationConfiguration; - } + /** + * @see iaik.pki.PKIConfiguration#getRevocationConfiguration() + */ + @Override + public RevocationConfiguration getRevocationConfiguration() { + return revocationConfiguration; + } - /** - * @see iaik.pki.PKIConfiguration#getArchiveConfiguration() - */ - public ArchiveConfiguration getArchiveConfiguration() { - return archiveConfiguration; - } + /** + * @see iaik.pki.PKIConfiguration#getArchiveConfiguration() + */ + @Override + public ArchiveConfiguration getArchiveConfiguration() { + return archiveConfiguration; + } - /** - * @see iaik.pki.PKIConfiguration#getValidationConfiguration() - */ - public ValidationConfiguration getValidationConfiguration() { - return validationConfiguration; - } + /** + * @see iaik.pki.PKIConfiguration#getValidationConfiguration() + */ + @Override + public ValidationConfiguration getValidationConfiguration() { + return validationConfiguration; + } - @Override - public int getConnectTimeout() { - return this.connectionTimeout; - } + @Override + public int getConnectTimeout() { + return this.connectionTimeout; + } - @Override - public int getReadTimeout() { - return this.readTimeout; - } + @Override + public int getReadTimeout() { + return this.readTimeout; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java index 5df84c9..6aa20cf 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java @@ -23,9 +23,6 @@ package at.gv.egovernment.moa.spss.server.iaik.config; -import iaik.pki.revocation.RevocationConfiguration; -import iaik.pki.revocation.dbcrl.config.DBCrlConfig; - import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Date; @@ -33,81 +30,85 @@ import java.util.Map; import java.util.Set; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import iaik.pki.revocation.RevocationConfiguration; +import iaik.pki.revocation.dbcrl.config.DBCrlConfig; /** * An implementation of the RevocationConfiguration interface using * MOA configuration data. - * + * * @see iaik.pki.revocation.RevocationConfiguration * @author Patrick Peck * @version $Id$ */ -public class RevocationConfigurationImpl extends AbstractObservableConfiguration implements RevocationConfiguration { - - /** - * The ConfigurationProvider to read the configuration data - * from. - */ - private ConfigurationProvider config; - - /** - * Create a new RevocationConfigurationImpl. - * - * @param config - * The underlying MOA configuration containing the configuration - * data. - */ - public RevocationConfigurationImpl(ConfigurationProvider config) { - this.config = config; - } - - /** - * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints - */ - public Set getAlternativeDistributionPoints(X509Certificate cert, X509Certificate issuer, Date date) { - return config.getDistributionPoints(cert); - } - - /** - * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String, - * java.lang.String) - */ - public boolean archiveRevocationInfo(String type, String uri) { - return config.getEnableRevocationArchiving(); - } - - /** - * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String) - */ - public Integer getCrlRetentionInterval(String issuername) { - Map map = config.getCrlRetentionIntervals(); - Integer interval = (Integer) map.get(issuername); - - return interval; - } - - @Override - public DBCrlConfig getDataBaseCRLConfig() { - // TODO AFITZEK IMPLEMENT THIS METHOD - return null; - } - - @Override - public boolean getKeepRevocationInfo() { - // TODO AFITZEK IMPLEMENT THIS METHOD - return false; - } - - @Override - public Set getPositiveOCSPResponders() { - // TODO AFITZEK IMPLEMENT THIS METHOD - return Collections.EMPTY_SET; - } - - @Override - public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() { - // TODO AFITZEK IMPLEMENT THIS METHOD - return false; - } +public class RevocationConfigurationImpl extends AbstractObservableConfiguration implements + RevocationConfiguration { + + /** + * The ConfigurationProvider to read the configuration data from. + */ + private final ConfigurationProvider config; + + /** + * Create a new RevocationConfigurationImpl. + * + * @param config The underlying MOA configuration containing the configuration + * data. + */ + public RevocationConfigurationImpl(ConfigurationProvider config) { + this.config = config; + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints + */ + @Override + public Set getAlternativeDistributionPoints(X509Certificate cert, X509Certificate issuer, Date date) { + return config.getDistributionPoints(cert); + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String, + * java.lang.String) + */ + @Override + public boolean archiveRevocationInfo(String type, String uri) { + return config.getEnableRevocationArchiving(); + } + + /** + * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String) + */ + @Override + public Integer getCrlRetentionInterval(String issuername) { + final Map map = config.getCrlRetentionIntervals(); + final Integer interval = (Integer) map.get(issuername); + + return interval; + } + + @Override + public DBCrlConfig getDataBaseCRLConfig() { + // TODO AFITZEK IMPLEMENT THIS METHOD + return null; + } + + @Override + public boolean getKeepRevocationInfo() { + // TODO AFITZEK IMPLEMENT THIS METHOD + return false; + } + + @Override + public Set getPositiveOCSPResponders() { + // TODO AFITZEK IMPLEMENT THIS METHOD + return Collections.EMPTY_SET; + } + + @Override + public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() { + // TODO AFITZEK IMPLEMENT THIS METHOD + return false; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java index 1aed76e..767b3f2 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java @@ -21,40 +21,39 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.InputStream; -import iaik.server.modules.keys.ConfigurationException; -import iaik.server.modules.keys.SoftwareKeyModuleConfiguration; import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule; import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moaspss.logging.LogMsg; import at.gv.egovernment.moaspss.logging.Logger; +import iaik.server.modules.keys.ConfigurationException; +import iaik.server.modules.keys.SoftwareKeyModuleConfiguration; /** * An implementation of the SoftwareKeyModuleConfiguration wrapping * a SoftwareKeyModule from the MOA configuration. - * + * * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration * @author Patrick Peck * @version $Id$ */ public class SoftwareKeyModuleConfigurationImpl - extends AbstractKeyModuleConfigurationImpl - implements SoftwareKeyModuleConfiguration { + extends AbstractKeyModuleConfigurationImpl + implements SoftwareKeyModuleConfiguration { /** The wrapped SoftwareKeyModule. */ - private SoftwareKeyModule keyModule; + private final SoftwareKeyModule keyModule; /** * Create a new SoftwareKeyModuleConfigurationImpl. - * + * * @param keyModule The SoftwareKeyModule from the underlying MOA - * configuration. + * configuration. */ public SoftwareKeyModuleConfigurationImpl(SoftwareKeyModule keyModule) { super(keyModule.getId()); @@ -64,6 +63,7 @@ public class SoftwareKeyModuleConfigurationImpl /** * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreTypeName() */ + @Override public String getKeyStoreTypeName() { return KEY_STORE_TYPE_NAME_PKCS12; } @@ -71,17 +71,18 @@ public class SoftwareKeyModuleConfigurationImpl /** * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAsStream() */ + @Override public InputStream getKeyStoreAsStream() { - MessageProvider msg = MessageProvider.getInstance(); + final MessageProvider msg = MessageProvider.getInstance(); try { - String message = - msg.getMessage("config.18", new Object[] { keyModule.getFileName()}); + final String message = + msg.getMessage("config.18", new Object[] { keyModule.getFileName() }); Logger.info(new LogMsg(message)); return new FileInputStream(keyModule.getFileName()); - } catch (FileNotFoundException e) { - String message = - msg.getMessage("config.09", new Object[] { keyModule.getFileName()}); + } catch (final FileNotFoundException e) { + final String message = + msg.getMessage("config.09", new Object[] { keyModule.getFileName() }); throw new ConfigurationException(message, e, null); } @@ -90,6 +91,7 @@ public class SoftwareKeyModuleConfigurationImpl /** * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAuthenticationData() */ + @Override public char[] getKeyStoreAuthenticationData() { return keyModule.getPassWord().toCharArray(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java index 9e26fb8..50c3926 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java @@ -21,35 +21,34 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.config; import java.security.cert.X509Certificate; import java.security.spec.AlgorithmParameterSpec; -import iaik.pki.pathvalidation.ValidationConfiguration; - import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import iaik.pki.pathvalidation.ValidationConfiguration; /** * An implementation of the ValidationConfiguration interface using * MOA configuration data. - * + * * @see iaik.pki.pathvalidation.ValidationConfiguration * @author Patrick Peck * @version $Id$ */ public class ValidationConfigurationImpl - extends AbstractObservableConfiguration - implements ValidationConfiguration { + extends AbstractObservableConfiguration + implements ValidationConfiguration { - /** The ConfigurationProvider to read the configuration data - * from. */ - private ConfigurationProvider config; + /** + * The ConfigurationProvider to read the configuration data from. + */ + private final ConfigurationProvider config; /** * Create a new ValidationConfigurationImpl. - * + * * @param config The underlying MOA configuration data. */ public ValidationConfigurationImpl(ConfigurationProvider config) { @@ -59,6 +58,7 @@ public class ValidationConfigurationImpl /** * @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate) */ + @Override public String getChainingMode(X509Certificate cert) { return config.getChainingMode(cert); } @@ -66,6 +66,7 @@ public class ValidationConfigurationImpl /** * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate) */ + @Override public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate cert) { return null; } @@ -73,6 +74,7 @@ public class ValidationConfigurationImpl /** * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate) */ + @Override public X509Certificate getPublicKeyParamsAsCert(X509Certificate cert) { return null; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java index 97eb6ef..0032dc6 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java @@ -23,15 +23,8 @@ package at.gv.egovernment.moa.spss.server.iaik.pki; -import iaik.pki.PKIProfile; -import iaik.pki.pathvalidation.ValidationProfile; -import iaik.pki.revocation.RevocationProfile; -import iaik.pki.store.truststore.TrustStoreProfile; -import iaik.pki.store.truststore.TrustStoreTypes; - import java.util.Arrays; -import at.gv.egovernment.moa.sig.tsl.api.ITslService; import at.gv.egovernment.moa.sig.tsl.exception.TslPKIException; import at.gv.egovernment.moa.sig.tsl.pki.TslTrustStoreProfile; import at.gv.egovernment.moa.sig.tsl.pki.chaining.ChainingTrustStoreProfile; @@ -43,189 +36,195 @@ import at.gv.egovernment.moa.spss.server.iaik.pki.revocation.RevocationProfileIm import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl; import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory; import at.gv.egovernment.moaspss.logging.Logger; +import iaik.pki.PKIProfile; +import iaik.pki.pathvalidation.ValidationProfile; +import iaik.pki.revocation.RevocationProfile; +import iaik.pki.store.truststore.TrustStoreProfile; /** * Implementation of the PKIProfile interface containing * information needed for certificate path validation. It uses configuration * data from the MOA configuration. - * + * * @author Patrick Peck * @version $Id$ */ public class PKIProfileImpl implements PKIProfile { - /** Profile information for revocation checking. */ - private RevocationProfile revocationProfile; - /** Profile information about the trust profile to use. */ - private TrustStoreProfile trustStoreProfile; - /** Profile information about the certificate validation. */ - private ValidationProfile validationProfile; - /** - * The ConfigurationProvider to read the MOA configuration data - * from. - */ - private ConfigurationProvider config; - - /** - * Create a new PKIProfileImpl. - * - * @param config - * The MOA configuration providing configuration data about - * certificate path validation. - * @param trustProfileID - * The trust profile ID denoting the location of the trust store. - * @throws MOAApplicationException - * An error occurred building the profile. - */ - public PKIProfileImpl(ConfigurationProvider config, String trustProfileID) throws MOAApplicationException { - - this.config = config; - setRevocationProfile(new RevocationProfileImpl(config)); - setValidationProfile(new ValidationProfileImpl(config)); - - //generate TrustStoreProfile from TrustStore configuration - internalTrustProfileBuilder(trustProfileID); - - } - - - private void internalTrustProfileBuilder(String trustProfileId) throws MOAApplicationException { - TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId); - if (tp != null) { - //build directory based trust store as default - - - if (tp.isTSLEnabled()) { - TslTrustStoreProfile tslTrustStore; - try { - if (!TSLServiceFactory.isInitialized()) { - Logger.error("Can not build TrustProfile:" + trustProfileId - + " Reason: TrustProfile needs TSL support but TSL client NOT initialized."); - throw new TslPKIException("Trust Status-List service client is NOT initialized"); - - } - - //build TSL truststore if enabled - tslTrustStore = TSLServiceFactory.getTSLServiceClient(). - buildTrustStoreProfile( - tp.getCountries(), - tp.getAllowedTspStatus(), - tp.getAllowedTspServiceTypes(), - trustProfileId + "_TSL"); - - //build Directory based TrustStore - TrustStoreProfileImpl directoryTrustStore = new TrustStoreProfileImpl(trustProfileId + "_Directory", tp.getUri()); - - //generate a virtual truststore that concatenates the TSL TrustStore and the directory TrustStore - ChainingTrustStoreProfile chainedProfile = new ChainingTrustStoreProfile( - Arrays.asList(tslTrustStore, directoryTrustStore), - trustProfileId); - - //set this virtual truststore - setTrustStoreProfile(chainedProfile); - - } catch (TslPKIException e) { - Logger.error("Virtual TSL based TrustProfile generation FAILED.", e); - throw new MOAApplicationException("2900", new Object[] { trustProfileId }); - - } - - } else - setTrustStoreProfile(new TrustStoreProfileImpl(trustProfileId, tp.getUri())); - - } else { - throw new MOAApplicationException("2203", new Object[] { trustProfileId }); - - } - - } - - /** - * @see iaik.pki.PKIProfile#autoAddCertificates() - */ - /*public boolean autoAddCertificates() { - return useAuthorityInfoAccess() ? true : config.getAutoAddCertificates(); - }*/ - - /** - * @see iaik.pki.PKIProfile#getRevocationProfile() - */ - public RevocationProfile getRevocationProfile() { - return revocationProfile; - } - - /** - * Sets the RevocationProfile. - * - * @param revocationProfile - * The RevocationProfile used for revocation - * checking. - */ - protected void setRevocationProfile(RevocationProfile revocationProfile) { - this.revocationProfile = revocationProfile; - } - - /** - * @see iaik.pki.PKIProfile#getTrustStoreProfile() - */ - public TrustStoreProfile getTrustStoreProfile() { - return trustStoreProfile; - } - - /** - * Sets the TrustStoreProfile. - * - * @param trustStoreProfile - * The TrustStoreProfile. - */ - protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) { - this.trustStoreProfile = trustStoreProfile; - } - - /** - * @see iaik.pki.PKIProfile#getValidationProfile() - */ - public ValidationProfile getValidationProfile() { - return validationProfile; - } - - /** - * Sets the ValidationProfile. - * - * @param validationProfile - * The ValidationProfile to set. - */ - protected void setValidationProfile(ValidationProfile validationProfile) { - this.validationProfile = validationProfile; - } - - /** - * @see iaik.pki.PKIProfile#useAuthorityInfoAccess() - */ - public boolean useAuthorityInfoAccess() { - return config.getUseAuthorityInfoAccess(); - } - - /** - * @see iaik.pki.PKIProfile#autoAddCertificates() - */ - @Override - public int autoAddCertificates() { - if(config.getAutoAddCertificates()) { - if (config.getAutoAddEECertificates()) - return PKIProfile.AUTO_ADD_ENABLE; - else - return PKIProfile.AUTO_ADD_EE_DISABLE; - - } else - return PKIProfile.AUTO_ADD_DISABLE; - - } - - @Override - public TrustStoreProfile getIndirectRevocationTrustStoreProfile() { - // TODO AFITZEK IMPLEMENT THIS METHOD - return null; - } + /** Profile information for revocation checking. */ + private RevocationProfile revocationProfile; + /** Profile information about the trust profile to use. */ + private TrustStoreProfile trustStoreProfile; + /** Profile information about the certificate validation. */ + private ValidationProfile validationProfile; + /** + * The ConfigurationProvider to read the MOA configuration data + * from. + */ + private final ConfigurationProvider config; + + /** + * Create a new PKIProfileImpl. + * + * @param config The MOA configuration providing configuration data + * about certificate path validation. + * @param trustProfileID The trust profile ID denoting the location of the trust + * store. + * @throws MOAApplicationException An error occurred building the profile. + */ + public PKIProfileImpl(ConfigurationProvider config, String trustProfileID) throws MOAApplicationException { + + this.config = config; + setRevocationProfile(new RevocationProfileImpl(config)); + setValidationProfile(new ValidationProfileImpl(config)); + + // generate TrustStoreProfile from TrustStore configuration + internalTrustProfileBuilder(trustProfileID); + + } + + private void internalTrustProfileBuilder(String trustProfileId) throws MOAApplicationException { + final TrustProfile tp = config.getTrustProfile(trustProfileId); + if (tp != null) { + // build directory based trust store as default + + if (tp.isTSLEnabled()) { + TslTrustStoreProfile tslTrustStore; + try { + if (!TSLServiceFactory.isInitialized()) { + Logger.error("Can not build TrustProfile:" + trustProfileId + + " Reason: TrustProfile needs TSL support but TSL client NOT initialized."); + throw new TslPKIException("Trust Status-List service client is NOT initialized"); + + } + + // build TSL truststore if enabled + tslTrustStore = TSLServiceFactory.getTSLServiceClient().buildTrustStoreProfile( + tp.getCountries(), + tp.getAllowedTspStatus(), + tp.getAllowedTspServiceTypes(), + trustProfileId + "_TSL"); + + // build Directory based TrustStore + final TrustStoreProfileImpl directoryTrustStore = new TrustStoreProfileImpl(trustProfileId + + "_Directory", tp.getUri()); + + // generate a virtual truststore that concatenates the TSL TrustStore and the + // directory TrustStore + final ChainingTrustStoreProfile chainedProfile = new ChainingTrustStoreProfile( + Arrays.asList(tslTrustStore, directoryTrustStore), + trustProfileId); + + // set this virtual truststore + setTrustStoreProfile(chainedProfile); + + } catch (final TslPKIException e) { + Logger.error("Virtual TSL based TrustProfile generation FAILED.", e); + throw new MOAApplicationException("2900", new Object[] { trustProfileId }); + + } + + } else { + setTrustStoreProfile(new TrustStoreProfileImpl(trustProfileId, tp.getUri())); + } + + } else { + throw new MOAApplicationException("2203", new Object[] { trustProfileId }); + + } + + } + + /** + * @see iaik.pki.PKIProfile#autoAddCertificates() + */ + /* + * public boolean autoAddCertificates() { return useAuthorityInfoAccess() ? true + * : config.getAutoAddCertificates(); } + */ + + /** + * @see iaik.pki.PKIProfile#getRevocationProfile() + */ + @Override + public RevocationProfile getRevocationProfile() { + return revocationProfile; + } + + /** + * Sets the RevocationProfile. + * + * @param revocationProfile The RevocationProfile used for + * revocation checking. + */ + protected void setRevocationProfile(RevocationProfile revocationProfile) { + this.revocationProfile = revocationProfile; + } + + /** + * @see iaik.pki.PKIProfile#getTrustStoreProfile() + */ + @Override + public TrustStoreProfile getTrustStoreProfile() { + return trustStoreProfile; + } + + /** + * Sets the TrustStoreProfile. + * + * @param trustStoreProfile The TrustStoreProfile. + */ + protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) { + this.trustStoreProfile = trustStoreProfile; + } + + /** + * @see iaik.pki.PKIProfile#getValidationProfile() + */ + @Override + public ValidationProfile getValidationProfile() { + return validationProfile; + } + + /** + * Sets the ValidationProfile. + * + * @param validationProfile The ValidationProfile to set. + */ + protected void setValidationProfile(ValidationProfile validationProfile) { + this.validationProfile = validationProfile; + } + + /** + * @see iaik.pki.PKIProfile#useAuthorityInfoAccess() + */ + @Override + public boolean useAuthorityInfoAccess() { + return config.getUseAuthorityInfoAccess(); + } + + /** + * @see iaik.pki.PKIProfile#autoAddCertificates() + */ + @Override + public int autoAddCertificates() { + if (config.getAutoAddCertificates()) { + if (config.getAutoAddEECertificates()) { + return PKIProfile.AUTO_ADD_ENABLE; + } else { + return PKIProfile.AUTO_ADD_EE_DISABLE; + } + + } else { + return PKIProfile.AUTO_ADD_DISABLE; + } + + } + + @Override + public TrustStoreProfile getIndirectRevocationTrustStoreProfile() { + // TODO AFITZEK IMPLEMENT THIS METHOD + return null; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java index 7e62d60..76e1ed0 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java @@ -21,40 +21,39 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation; -import iaik.pki.pathvalidation.ValidationProfile; - import java.util.Collections; import java.util.Set; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import iaik.pki.pathvalidation.ValidationProfile; /** * An implementation of the ValidationProfile interface providing - * information about certificat path validation. - * + * information about certificat path validation. + * * @author Patrick Peck * @version $Id$ */ public class ValidationProfileImpl implements ValidationProfile { - /** The ConfigurationProvider to read the configuration data - * from. */ - private ConfigurationProvider config; - private boolean initialAnyPolicyInhibit; - private boolean initialExplicitPolicy; - private boolean initialPolicyMappingInhibit; - private Set initialPolicySet; - private boolean nameConstraintsProcessing; - private boolean policyProcessing; + /** + * The ConfigurationProvider to read the configuration data from. + */ + private final ConfigurationProvider config; + private final boolean initialAnyPolicyInhibit; + private final boolean initialExplicitPolicy; + private final boolean initialPolicyMappingInhibit; + private final Set initialPolicySet; + private final boolean nameConstraintsProcessing; + private final boolean policyProcessing; /** * Create a new ValidationProfileImpl object. - * + * * This objects's fields are preset to the following values: - * + * *
    *
  • initialAnyPolicyInhibit = true
    • *
  • initialExplicitPoliy = true
    • @@ -64,9 +63,9 @@ public class ValidationProfileImpl implements ValidationProfile { *
  • nameConstraintsProcessing = false
    • *
  • revocationChecking = false
    • *
- * - * @param config MOA configuration data for additional configuration - * information (currently unused). + * + * @param config MOA configuration data for additional configuration information + * (currently unused). */ public ValidationProfileImpl(ConfigurationProvider config) { this.config = config; @@ -81,6 +80,7 @@ public class ValidationProfileImpl implements ValidationProfile { /** * @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit() */ + @Override public boolean getInitialAnyPolicyInhibit() { return initialAnyPolicyInhibit; } @@ -88,6 +88,7 @@ public class ValidationProfileImpl implements ValidationProfile { /** * @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy() */ + @Override public boolean getInitialExplicitPolicy() { return initialExplicitPolicy; } @@ -95,6 +96,7 @@ public class ValidationProfileImpl implements ValidationProfile { /** * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit() */ + @Override public boolean getInitialPolicyMappingInhibit() { return initialPolicyMappingInhibit; } @@ -102,6 +104,7 @@ public class ValidationProfileImpl implements ValidationProfile { /** * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet() */ + @Override public Set getInitialPolicySet() { return initialPolicySet; } @@ -109,6 +112,7 @@ public class ValidationProfileImpl implements ValidationProfile { /** * @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing() */ + @Override public boolean getPolicyProcessing() { return policyProcessing; } @@ -116,6 +120,7 @@ public class ValidationProfileImpl implements ValidationProfile { /** * @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing() */ + @Override public boolean getNameConstraintsProcessing() { return nameConstraintsProcessing; } @@ -123,8 +128,8 @@ public class ValidationProfileImpl implements ValidationProfile { /** * @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking() */ - public boolean getRevocationChecking() - { + @Override + public boolean getRevocationChecking() { return config.getEnableRevocationChecking(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java index 14627b2..5215131 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java @@ -21,37 +21,37 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.pki.revocation; import java.security.cert.X509Certificate; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import iaik.pki.revocation.RevocationProfile; import iaik.pki.revocation.RevocationSourceTypes; -import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; - /** * An implementation of the RevocationProfile interface providing * information about revocation status checking, based on MOA configuration * data. - * + * * @author Patrick Peck * @version $Id$ */ public class RevocationProfileImpl implements RevocationProfile { /** The default service order. */ private static final String[] DEFAULT_SERVICE_ORDER = - { RevocationSourceTypes.CRL, RevocationSourceTypes.OCSP }; - /** The ConfigurationProvider to read the MOA configuration data - * from. */ - private ConfigurationProvider config; + { RevocationSourceTypes.CRL, RevocationSourceTypes.OCSP }; + /** + * The ConfigurationProvider to read the MOA configuration data + * from. + */ + private final ConfigurationProvider config; /** The OCSP request hash algorithm. Currently only "SHA" is supported. */ private static final String oCSPRequestHashAlgorithm = "SHA"; /** * Create a new RevocationProfileImpl. - * + * * @param config The MOA configuration data. */ public RevocationProfileImpl(ConfigurationProvider config) { @@ -63,14 +63,15 @@ public class RevocationProfileImpl implements RevocationProfile { /** * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(String) */ - public long getMaxRevocationAge(String distributionPointUri) - { + @Override + public long getMaxRevocationAge(String distributionPointUri) { return config.getMaxRevocationAge(); } /** * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm() */ + @Override public String getOCSPRequestHashAlgorithm() { return oCSPRequestHashAlgorithm; } @@ -78,10 +79,12 @@ public class RevocationProfileImpl implements RevocationProfile { /** * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate) */ - public String[] getPreferredServiceOrder(X509Certificate cert) - { - String[] serviceOrder = config.getServiceOrder(); - if (serviceOrder == null || serviceOrder.length == 0) return DEFAULT_SERVICE_ORDER; + @Override + public String[] getPreferredServiceOrder(X509Certificate cert) { + final String[] serviceOrder = config.getServiceOrder(); + if (serviceOrder == null || serviceOrder.length == 0) { + return DEFAULT_SERVICE_ORDER; + } return serviceOrder; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java index c9f4f28..9ef3764 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java @@ -21,89 +21,82 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore; import java.util.ArrayList; -import java.util.Iterator; import java.util.List; -import iaik.pki.store.truststore.TrustStoreProfile; -import iaik.pki.store.truststore.TrustStoreTypes; -import iaik.pki.store.observer.NotificationData; -import iaik.pki.store.observer.Observer; - import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.config.TrustProfile; +import iaik.pki.store.observer.NotificationData; +import iaik.pki.store.observer.Observer; +import iaik.pki.store.truststore.TrustStoreProfile; +import iaik.pki.store.truststore.TrustStoreTypes; /** * An implementation of the TrustStoreProfile interface, using data * from the MOA configuration. - * - * @see iaik.pki.store.truststore.TrustStoreProfile + * + * @see iaik.pki.store.truststore.TrustStoreProfile * @author Patrick Peck * @version $Id$ */ public class TrustStoreProfileImpl implements TrustStoreProfile { /** The observers of this profile. */ - private List observers = new ArrayList(); - + private final List observers = new ArrayList(); + /** - * The trust profile identifier. + * The trust profile identifier. */ private String id_; - + /** The type of the trust profile. */ private String type; - /** The URI of the trust profile.*/ + /** The URI of the trust profile. */ private String URI; - /** * Create a new TrustStoreProfileImpl. - * - * @param config The MOA configuration data, from which trust store - * configuration data is read. + * + * @param config The MOA configuration data, from which trust store + * configuration data is read. * @param trustProfileId The trust profile id on which this - * TrustStoreProfile is based. - * @throws MOAApplicationException The trustProfileId could not - * be found in the MOA configuration. + * TrustStoreProfile is based. + * @throws MOAApplicationException The trustProfileId could not be + * found in the MOA configuration. */ public TrustStoreProfileImpl(String trustProfileId, String trustProfileUri) - throws MOAApplicationException { - id_ = trustProfileId; - setURI(trustProfileUri); - setType(TrustStoreTypes.DIRECTORY); - + throws MOAApplicationException { + id_ = trustProfileId; + setURI(trustProfileUri); + setType(TrustStoreTypes.DIRECTORY); + } - + /** * Create a new TrustStoreProfileImpl. - * - * @param config The MOA configuration data, from which trust store - * configuration data is read. + * + * @param config The MOA configuration data, from which trust store + * configuration data is read. * @param trustProfileId The trust profile id on which this - * TrustStoreProfile is based. - * @throws MOAApplicationException The trustProfileId could not - * be found in the MOA configuration. + * TrustStoreProfile is based. + * @throws MOAApplicationException The trustProfileId could not be + * found in the MOA configuration. */ @Deprecated public TrustStoreProfileImpl( - ConfigurationProvider config, - String trustProfileId) - throws MOAApplicationException { + ConfigurationProvider config, + String trustProfileId) + throws MOAApplicationException { - TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId); - if (tp != null) - { + final TrustProfile tp = config.getTrustProfile(trustProfileId); + if (tp != null) { id_ = trustProfileId; setURI(tp.getUri()); setType(TrustStoreTypes.DIRECTORY); - } - else - { + } else { throw new MOAApplicationException("2203", new Object[] { trustProfileId }); } } @@ -111,14 +104,15 @@ public class TrustStoreProfileImpl implements TrustStoreProfile { /** * @see iaik.pki.store.truststore.TrustStoreProfile#getType() */ + @Override public String getType() { return type; } /** * Sets the the trust store type. - * - * @param type The trust store type to set. + * + * @param type The trust store type to set. */ protected void setType(String type) { this.type = type; @@ -127,13 +121,14 @@ public class TrustStoreProfileImpl implements TrustStoreProfile { /** * @see iaik.pki.store.truststore.TrustStoreProfile#getURI() */ + @Override public String getURI() { return URI; } /** * Sets the trust store URI. - * + * * @param URI The trust store URI to set. */ protected void setURI(String URI) { @@ -162,8 +157,8 @@ public class TrustStoreProfileImpl implements TrustStoreProfile { * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData) */ public void notify(NotificationData notificationData) { - for (Iterator iter = observers.iterator(); iter.hasNext();) { - Observer observer = (Observer) iter.next(); + for (final Object observer2 : observers) { + final Observer observer = (Observer) observer2; observer.notify(notificationData); } } @@ -171,8 +166,8 @@ public class TrustStoreProfileImpl implements TrustStoreProfile { /** * @see iaik.pki.store.truststore.TrustStoreProfile#getId() */ - public String getId() - { + @Override + public String getId() { return id_; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java index cc12861..1bba712 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import iaik.server.modules.xml.Base64Transformation; @@ -29,39 +28,39 @@ import iaik.server.modules.xml.Base64Transformation; /** * An implementation of the Base64Transformation * Transformation type. - * + * * @author Patrick Peck * @version $Id$ */ public class Base64TransformationImpl - extends TransformationImpl - implements Base64Transformation { - + extends TransformationImpl + implements Base64Transformation { + /** * Create a new Base64TransformationImpl. - * + * * @see java.lang.Object#Object() - */ + */ public Base64TransformationImpl() { setAlgorithmURI(Base64Transformation.BASE64_DECODING); } /** * Compare this Base64Transformation to another. - * - * @param other The object to compare thisBase64Transformation - * to. + * + * @param other The object to compare thisBase64Transformation to. * @return true, if other is a - * Base64Transformation and the algorithm URIs match, otherwise - * false. + * Base64Transformation and the algorithm URIs match, + * otherwise false. * @see java.lang.Object#equals(Object) - */ + */ + @Override public boolean equals(Object other) { if (other instanceof Base64Transformation) { - Base64Transformation transform = (Base64Transformation) other; + final Base64Transformation transform = (Base64Transformation) other; return getAlgorithmURI().equals(transform.getAlgorithmURI()); } return false; } - + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java index 4d627d7..e498842 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import java.io.ByteArrayInputStream; @@ -31,22 +30,21 @@ import iaik.server.modules.xml.BinaryDataObject; /** * A BinaryDataObject encapsulating Base64 data. - * + * * @author Patrick Peck * @version $Id$ */ public class ByteArrayDataObjectImpl - extends DataObjectImpl - implements BinaryDataObject { + extends DataObjectImpl + implements BinaryDataObject { /** The binary data contained in this BinaryDataObject. */ private byte[] bytes; /** * Create a new ByteArrayDataObjectImpl. - * - * @param bytes The binary data contained in this - * BinaryDataObject. + * + * @param bytes The binary data contained in this BinaryDataObject. */ public ByteArrayDataObjectImpl(byte[] bytes) { setBytes(bytes); @@ -54,23 +52,22 @@ public class ByteArrayDataObjectImpl /** * Set the Base64 data. - * - * @param bytes The binary data contained in this - * BinaryDataObject. + * + * @param bytes The binary data contained in this BinaryDataObject. */ public void setBytes(byte[] bytes) { this.bytes = bytes; } /** - * Return the binary data encoded in the Base64 String as a - * stream. - * + * Return the binary data encoded in the Base64 String as a stream. + * * @return The binary data contained in this object, as a - * InputStream. Repeated calls to this function will return a - * new stream to the Base64 data. + * InputStream. Repeated calls to this function will return + * a new stream to the Base64 data. * @see iaik.server.modules.xml.BinaryDataObject#getInputStream() */ + @Override public InputStream getInputStream() { return new ByteArrayInputStream(bytes); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java index b982c8e..af8ee66 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import java.io.InputStream; @@ -29,21 +28,21 @@ import java.io.InputStream; import iaik.server.modules.xml.BinaryDataObject; /** - * A BinaryDataObject encapsulating binary data from a stream. - * + * A BinaryDataObject encapsulating binary data from a stream. + * * @author Patrick Peck * @version $Id$ */ public class ByteStreamDataObjectImpl - extends DataObjectImpl - implements BinaryDataObject { + extends DataObjectImpl + implements BinaryDataObject { /** The InputStream containing the binary data. */ private InputStream inputStream; /** * Create a new ByteStreamDataObjectImpl. - * + * * @param inputStream The stream from which to read the binary data. */ public ByteStreamDataObjectImpl(InputStream inputStream) { @@ -52,7 +51,7 @@ public class ByteStreamDataObjectImpl /** * Set the input stream from which to read the binary data. - * + * * @param inputStream The input stream from which to read the binary data. */ public void setInputStream(InputStream inputStream) { @@ -61,11 +60,12 @@ public class ByteStreamDataObjectImpl /** * Return the binary data from this object as a stream. - * + * * @return The stream containing the binary data. Calling this function - * repeatedly will always return the same InputStream. + * repeatedly will always return the same InputStream. * @see iaik.server.modules.xml.BinaryDataObject#getInputStream() */ + @Override public InputStream getInputStream() { return inputStream; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java index 0c3a8da..1e2a651 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import iaik.server.modules.xml.Canonicalization; @@ -29,36 +28,36 @@ import iaik.server.modules.xml.Canonicalization; /** * An implementation of the CanonicalizationTransform * Transformation type. - * + * * @author Patrick Peck * @version $Id$ */ public class CanonicalizationImpl - extends TransformationImpl - implements Canonicalization { - + extends TransformationImpl + implements Canonicalization { + /** * Create a new CanonicalizationTransformImpl object. - * + * * @param algorithmURI The canonicalization algorithm URI. - */ + */ public CanonicalizationImpl(String algorithmURI) { setAlgorithmURI(algorithmURI); } - + /** * Compare this object to another Canonicalization. - * - * @param other The object to compare this - * Canonicalization to. + * + * @param other The object to compare this Canonicalization to. * @return true, if other is a - * Canonicalization and the algorithm URIs match, otherwise - * false. + * Canonicalization and the algorithm URIs match, otherwise + * false. * @see java.lang.Object#equals(Object) */ + @Override public boolean equals(Object other) { if (other instanceof Canonicalization) { - Canonicalization c14n = (Canonicalization) other; + final Canonicalization c14n = (Canonicalization) other; return getAlgorithmURI().equals(c14n.getAlgorithmURI()); } return false; diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java index 702caaf..ac36875 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import iaik.server.modules.xml.DataObject; @@ -29,12 +28,12 @@ import iaik.server.modules.xml.DataObject; /** * Abstract base implementation for the classes derived from * DataObject. - * + * * @author Patrick Peck * @version $Id$ */ public abstract class DataObjectImpl implements DataObject { - + /** The MIME type of the data object. */ private String mimeType; /** The refernce ID. */ @@ -43,33 +42,35 @@ public abstract class DataObjectImpl implements DataObject { private String typeURI; /** The URI identifying the data. */ private String URI; - + /** * @see iaik.server.modules.xml.DataObject#getMimeType() */ + @Override public String getMimeType() { return mimeType; } /** * Set the mime type. - * + * * @param mimeType The mime type to set. */ public void setMimeType(String mimeType) { this.mimeType = mimeType; } - + /** * @see iaik.server.modules.xml.DataObject#getReferenceID() */ + @Override public String getReferenceID() { return referenceID; } - + /** * Set the reference ID. - * + * * @param referenceID The reference ID. */ public void setReferenceID(String referenceID) { @@ -79,13 +80,14 @@ public abstract class DataObjectImpl implements DataObject { /** * @see iaik.server.modules.xml.DataObject#getTypeURI() */ + @Override public String getTypeURI() { return typeURI; } /** * Set the type URI. - * + * * @param typeURI The type URI. */ public void setTypeURI(String typeURI) { @@ -95,13 +97,14 @@ public abstract class DataObjectImpl implements DataObject { /** * @see iaik.server.modules.xml.DataObject#getURI() */ + @Override public String getURI() { return URI; } - + /** * Set the URI. - * + * * @param URI The URI. */ public void setURI(String URI) { diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java index d582594..2c9f0e3 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import iaik.server.modules.xml.EnvelopedSignatureTransformation; @@ -29,13 +28,13 @@ import iaik.server.modules.xml.EnvelopedSignatureTransformation; /** * An implementation of the EnvelopedSignatureTransformation * Transformation type. - * + * * @author Patrick Peck * @version $Id$ */ public class EnvelopedSignatureTransformationImpl - extends TransformationImpl - implements EnvelopedSignatureTransformation { + extends TransformationImpl + implements EnvelopedSignatureTransformation { /** * Create a new EnvelopedSignatureTransformationImpl. @@ -46,18 +45,19 @@ public class EnvelopedSignatureTransformationImpl /** * Compare this object to another EnvelopedSignatureTransformation. - * - * @param other The object to compare this - * EnvelopedSignatureTransformation to. + * + * @param other The object to compare this + * EnvelopedSignatureTransformation to. * @return true, if other is a - * EnvelopedSignatureTransformation, otherwise - * false. + * EnvelopedSignatureTransformation, otherwise + * false. * @see java.lang.Object#equals(Object) */ + @Override public boolean equals(Object other) { if (other instanceof EnvelopedSignatureTransformation) { - EnvelopedSignatureTransformation transform = - (EnvelopedSignatureTransformation) other; + final EnvelopedSignatureTransformation transform = + (EnvelopedSignatureTransformation) other; return getAlgorithmURI().equals(transform.getAlgorithmURI()); } return false; diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java index dfadf0c..ce98e7f 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import java.util.List; @@ -29,38 +28,39 @@ import java.util.List; import iaik.server.modules.xml.ExclusiveCanonicalization; /** - * An implementation of the ExclusiveCanonicalization type - * of Transformation. - * + * An implementation of the ExclusiveCanonicalization type of + * Transformation. + * * @author Patrick Peck * @version $Id$ */ public class ExclusiveCanonicalizationImpl - extends TransformationImpl - implements ExclusiveCanonicalization { + extends TransformationImpl + implements ExclusiveCanonicalization { /** The prefixes of the namespaces to treat according to canonical XML. */ private List inclusiveNamespacePrefixes; /** * Create a new ExclusiveCanonicalizationImpl object. - * - * @param algorithmURI The exclusive canonicalization algorithm URI. + * + * @param algorithmURI The exclusive canonicalization algorithm + * URI. * @param inclusiveNamespacePrefixes The namespace prefixes to be processed - * according to canonical XML. + * according to canonical XML. */ public ExclusiveCanonicalizationImpl( - String algorithmURI, - List inclusiveNamespacePrefixes) { + String algorithmURI, + List inclusiveNamespacePrefixes) { setAlgorithmURI(algorithmURI); setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes); } /** * Sets the namespace prefixes to be processed according to canonical XML. - * + * * @param inclusiveNamespacePrefixes The prefixes of the namespaces to treat - * according to canonical XML. + * according to canonical XML. */ protected void setInclusiveNamespacePrefixes(List inclusiveNamespacePrefixes) { this.inclusiveNamespacePrefixes = inclusiveNamespacePrefixes; @@ -69,29 +69,32 @@ public class ExclusiveCanonicalizationImpl /** * @see iaik.server.modules.xml.ExclusiveCanonicalization#getInclusiveNamespacePrefixes() */ + @Override public List getInclusiveNamespacePrefixes() { return inclusiveNamespacePrefixes; } /** * Compare this object to another CanonicalizationTransform. - * - * @param other The object to compare this - * ExclusiveCanonicalization to. + * + * @param other The object to compare this + * ExclusiveCanonicalization to. * @return true, if other is a - * ExclusiveCanonicalization and the algorithm URIs match, - * otherwise false. + * ExclusiveCanonicalization and the algorithm URIs match, + * otherwise false. * @see java.lang.Object#equals(Object) */ + @Override public boolean equals(Object other) { if (other instanceof ExclusiveCanonicalization) { - ExclusiveCanonicalization eC14n = - (ExclusiveCanonicalization) other; - boolean algURIEquals = getAlgorithmURI().equals(eC14n.getAlgorithmURI()); - boolean inclNSPrefs = - (getInclusiveNamespacePrefixes() == null || getInclusiveNamespacePrefixes().isEmpty()) - ? eC14n.getInclusiveNamespacePrefixes() == null || eC14n.getInclusiveNamespacePrefixes().isEmpty() - : getInclusiveNamespacePrefixes().equals(eC14n.getInclusiveNamespacePrefixes()); + final ExclusiveCanonicalization eC14n = + (ExclusiveCanonicalization) other; + final boolean algURIEquals = getAlgorithmURI().equals(eC14n.getAlgorithmURI()); + final boolean inclNSPrefs = + getInclusiveNamespacePrefixes() == null || getInclusiveNamespacePrefixes().isEmpty() + ? eC14n.getInclusiveNamespacePrefixes() == null || eC14n.getInclusiveNamespacePrefixes() + .isEmpty() + : getInclusiveNamespacePrefixes().equals(eC14n.getInclusiveNamespacePrefixes()); return algURIEquals && inclNSPrefs; } return false; diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java index 9026d33..9f4e22d 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import java.util.Date; @@ -30,18 +29,18 @@ import iaik.server.modules.xml.SigningTime; /** * An implementation of the SigningTime Property. - * + * * @author Patrick Peck * @version $Id$ */ public class SigningTimeImpl implements SigningTime { - + /** The signing time. */ - private Date signingTime; - + private final Date signingTime; + /** * Create a new SigningTimeImpl. - * + * * @param signingTime The signing time. */ public SigningTimeImpl(Date signingTime) { @@ -51,6 +50,7 @@ public class SigningTimeImpl implements SigningTime { /** * @see iaik.server.modules.xml.SigningTime#getSigningTime() */ + @Override public Date getSigningTime() { return signingTime; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java index 1595446..fa3401e 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java @@ -21,14 +21,13 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import iaik.server.modules.xml.Transformation; /** * Base implementation class for Transformation derived classes. - * + * * @author Patrick Peck * @version $Id$ */ @@ -36,32 +35,34 @@ public abstract class TransformationImpl implements Transformation { /** The algorithm URI identifying the transformation algorithm. */ private String algorithmURI; - + /** * @see iaik.server.modules.xml.Transformation#getAlgorithmURI() */ + @Override public String getAlgorithmURI() { return algorithmURI; } /** * Sets the algorithm URI. - * + * * @param algorithmURI The algorithm URI to set. */ protected void setAlgorithmURI(String algorithmURI) { this.algorithmURI = algorithmURI; } - + /** * Returns the hash code of the algorithm URI. Should be overridden if a * transformation distinguishes itself from others by more than just the * algorithm URI. - * + * * @see java.lang.Object#hashCode() */ + @Override public int hashCode() { return getAlgorithmURI().hashCode(); } - + } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java index e8444b9..0688d0e 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import org.w3c.dom.Element; @@ -30,22 +29,21 @@ import iaik.server.modules.xml.XMLDataObject; /** * A DataObject containing a single DOM element. - * + * * @author Patrick Peck * @version $Id$ */ public class XMLDataObjectImpl - extends DataObjectImpl - implements XMLDataObject { - - /** The XML data contained in this XMLDataObject. */ + extends DataObjectImpl + implements XMLDataObject { + + /** The XML data contained in this XMLDataObject. */ private Element element; - + /** * Create a new XMLDataObjectImpl. - * - * @param element The DOM element contained in this - * XMLDataObject. + * + * @param element The DOM element contained in this XMLDataObject. */ public XMLDataObjectImpl(Element element) { setElement(element); @@ -54,13 +52,14 @@ public class XMLDataObjectImpl /** * @see iaik.server.modules.xml.XMLDataObject#getElement() */ + @Override public Element getElement() { return element; } /** * Set the DOM element contained in this XMLDataObject. - * + * * @param element The DOM element to set. */ public void setElement(Element element) { diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java index 2fb9df9..51f96f0 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import org.w3c.dom.NodeList; @@ -30,22 +29,22 @@ import iaik.server.modules.xml.XMLNodeListDataObject; /** * A DataObject containing a list of DOM nodes. - * + * * @author Patrick Peck * @version $Id$ */ public class XMLNodeListDataObjectImpl - extends DataObjectImpl - implements XMLNodeListDataObject { + extends DataObjectImpl + implements XMLNodeListDataObject { /** The nodes contained in this XMLNodeListDataObject. */ private NodeList nodeList; /** * Create a new XMLNodeListDataObjectImpl. - * + * * @param nodeList The list of DOM nodes contained in this - * XMLNodeListDataObject. + * XMLNodeListDataObject. */ public XMLNodeListDataObjectImpl(NodeList nodeList) { setNodeList(nodeList); @@ -54,7 +53,7 @@ public class XMLNodeListDataObjectImpl /** * Set the list of DOM nodes contained in this * XMLNodeListDataObject. - * + * * @param nodeList The list of DOM nodes to set. */ public void setNodeList(NodeList nodeList) { @@ -64,6 +63,7 @@ public class XMLNodeListDataObjectImpl /** * @see iaik.server.modules.xml.XMLNodeListDataObject#getNodeList() */ + @Override public NodeList getNodeList() { return nodeList; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java index 0774726..1844780 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import org.w3c.dom.Element; @@ -29,28 +28,28 @@ import org.w3c.dom.Element; import iaik.server.modules.xml.XMLSignature; /** - * An object containing an XMLDsig signature in the form of a + * An object containing an XMLDsig signature in the form of a * dsig:Signature DOM element. - * + * * @author Patrick Peck * @version $Id$ */ public class XMLSignatureImpl implements XMLSignature { /** The signature DOM element. */ private Element element; - + /** * Create a new XMLSignatureImpl. - * + * * @param element The dsig:Signature DOM element. */ public XMLSignatureImpl(Element element) { setElement(element); } - + /** * Set the dsig:Signature DOM element. - * + * * @param element The dsig:Signature element to set. */ public void setElement(Element element) { @@ -60,6 +59,7 @@ public class XMLSignatureImpl implements XMLSignature { /** * @see iaik.server.modules.xml.XMLSignature#getElement() */ + @Override public Element getElement() { return element; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java index d309302..a44196a 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import java.util.Map; @@ -31,7 +30,7 @@ import iaik.server.modules.xml.XPath2Transformation.XPath2Filter; /** * An object encapsulating an XPath-Filter2 expression. - * + * * @author Patrick Peck * @version $Id$ */ @@ -46,17 +45,18 @@ public class XPath2FilterImpl implements XPath2Filter { /** * Create a new XPath2FilterImpl object. - * - * @param filterType The type of filter. Must be one of the filter type - * constants declared in iaik.server.modules.xml.XPath2Transformation.XPath2Filter - * @param xPathExpression The XPath expression belonging to this filter. + * + * @param filterType The type of filter. Must be one of the filter + * type constants declared in + * iaik.server.modules.xml.XPath2Transformation.XPath2Filter + * @param xPathExpression The XPath expression belonging to this filter. * @param namespaceDeclarations The namespace declarations visible for this - * XPath2Filter. + * XPath2Filter. */ public XPath2FilterImpl( - String filterType, - String xPathExpression, - Map namespaceDeclarations) { + String filterType, + String xPathExpression, + Map namespaceDeclarations) { setFilterType(filterType); setXPathExpression(xPathExpression); @@ -66,13 +66,14 @@ public class XPath2FilterImpl implements XPath2Filter { /** * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getFilterType() */ + @Override public String getFilterType() { return filterType; } /** * Set the filter type. - * + * * @param filterType The filter type to set. */ protected void setFilterType(String filterType) { @@ -82,13 +83,14 @@ public class XPath2FilterImpl implements XPath2Filter { /** * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getXPathExpression() */ + @Override public String getXPathExpression() { return xPathExpression; } /** * Set the XPath expression. - * + * * @param xPathExpression The XPath expression to set. */ protected void setXPathExpression(String xPathExpression) { @@ -98,15 +100,16 @@ public class XPath2FilterImpl implements XPath2Filter { /** * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getNamespaceDeclarations() */ + @Override public Map getNamespaceDeclarations() { return namespaceDeclarations; } /** * Set the namespace declarations. - * - * @param namespaceDeclarations The mapping between namespace prefixes and - * their associated URI. + * + * @param namespaceDeclarations The mapping between namespace prefixes and their + * associated URI. */ protected void setNamespaceDeclarations(Map namespaceDeclarations) { this.namespaceDeclarations = namespaceDeclarations; @@ -114,18 +117,19 @@ public class XPath2FilterImpl implements XPath2Filter { /** * Compare this object to another. - * + * * @param other The object to compare this XPath2Filter to. * @return true, if other is a - * XPath2Filter and the filter types match and the XPath - * expressions match. Otherwise false is returned. + * XPath2Filter and the filter types match and the XPath + * expressions match. Otherwise false is returned. * @see java.lang.Object#equals(java.lang.Object) */ + @Override public boolean equals(Object other) { if (other instanceof XPath2Transformation.XPath2Filter) { - XPath2Filter filter = (XPath2Transformation.XPath2Filter) other; + final XPath2Filter filter = (XPath2Transformation.XPath2Filter) other; return getFilterType().equals(filter.getFilterType()) - && getXPathExpression().equals(filter.getXPathExpression()); + && getXPathExpression().equals(filter.getXPathExpression()); } return false; } @@ -133,6 +137,7 @@ public class XPath2FilterImpl implements XPath2Filter { /** * @see java.lang.Object#hashCode() */ + @Override public int hashCode() { return getXPathExpression().hashCode() * 31 + getFilterType().hashCode(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java index f483b18..b49bd64 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import java.util.ArrayList; @@ -33,20 +32,20 @@ import iaik.server.modules.xml.XPath2Transformation; /** * An object encapsulating a Transformation containing several * XPath-Filter2 expressions. - * + * * @author Patrick Peck * @version $Id$ */ public class XPath2TransformationImpl - extends TransformationImpl - implements XPath2Transformation { + extends TransformationImpl + implements XPath2Transformation { /** The filters contained in this XPath2Transformation */ - private List xPathFilters = new ArrayList(); + private final List xPathFilters = new ArrayList(); /** * Create a new XPath2TransformationImpl. - * + * * The list of XPath-Filter2 expression is initially empty. */ public XPath2TransformationImpl() { @@ -56,13 +55,14 @@ public class XPath2TransformationImpl /** * @see iaik.server.modules.xml.XPath2Transformation#getXPathFilters() */ + @Override public List getXPathFilters() { return xPathFilters; } /** * Add an XPath-Filter2 expression to the list of filters. - * + * * @param filter The filter to add. */ public void addXPathFilter(XPath2Filter filter) { @@ -71,18 +71,18 @@ public class XPath2TransformationImpl /** * Compare this XPath2Transformation to another. - * - * @param other The object to compare this - * XPath2Transformation to. + * + * @param other The object to compare this XPath2Transformation to. * @return true, if other is an - * XPath2Transformation and getXPathFilters() equals - * other.getXPathFilters(). Otherwise false is - * returned. + * XPath2Transformation and getXPathFilters() + * equals other.getXPathFilters(). Otherwise + * false is returned. * @see java.lang.Object#equals(Object) */ + @Override public boolean equals(Object other) { if (other instanceof XPath2Transformation) { - XPath2Transformation transform = (XPath2Transformation) other; + final XPath2Transformation transform = (XPath2Transformation) other; return getXPathFilters().equals(transform.getXPathFilters()); } @@ -92,8 +92,9 @@ public class XPath2TransformationImpl /** * @see java.lang.Object#hashCode() */ + @Override public int hashCode() { - Iterator iter = getXPathFilters().iterator(); + final Iterator iter = getXPathFilters().iterator(); int hashCode = 0; while (iter.hasNext()) { diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java index 06cc319..65b33f4 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java @@ -21,7 +21,6 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xml; import java.util.Map; @@ -30,13 +29,13 @@ import iaik.server.modules.xml.XPathTransformation; /** * A Transformation containing an XPath expression. - * + * * @author Patrick Peck * @version $Id$ */ public class XPathTransformationImpl - extends TransformationImpl - implements XPathTransformation { + extends TransformationImpl + implements XPathTransformation { /** The XPath expression. */ private String xPathExpression; @@ -45,16 +44,16 @@ public class XPathTransformationImpl /** * Create a new XPathTransformationImpl. - * + * * The namespace declarations are initialized empty. - * - * @param xPathExpression The XPath expression this object will contain. + * + * @param xPathExpression The XPath expression this object will contain. * @param namespaceDeclarations The namespace declarations visible for this - * XPath. + * XPath. */ public XPathTransformationImpl( - String xPathExpression, - Map namespaceDeclarations) { + String xPathExpression, + Map namespaceDeclarations) { setAlgorithmURI(XPathTransformation.XPATH); setXPathExpression(xPathExpression); @@ -63,7 +62,7 @@ public class XPathTransformationImpl /** * Set the XPath expression. - * + * * @param xPathExpression The XPath expression. */ protected void setXPathExpression(String xPathExpression) { @@ -73,6 +72,7 @@ public class XPathTransformationImpl /** * @see iaik.server.modules.xml.XPathTransformation#getXPathExpression() */ + @Override public String getXPathExpression() { return xPathExpression; } @@ -80,15 +80,16 @@ public class XPathTransformationImpl /** * @see iaik.server.modules.xml.XPathTransformation#getNamespaceDeclarations() */ + @Override public Map getNamespaceDeclarations() { return namespaceDeclarations; } /** * Set the namespace declarations. - * - * @param namespaceDeclarations The mapping between namespace prefixes and - * their associated URI. + * + * @param namespaceDeclarations The mapping between namespace prefixes and their + * associated URI. */ protected void setNamespaceDeclarations(Map namespaceDeclarations) { this.namespaceDeclarations = namespaceDeclarations; @@ -96,17 +97,18 @@ public class XPathTransformationImpl /** * Compare this XPathTransformation to another. - * - * @param other The object to compare this - * XPathTransformation to. + * + * @param other The object to compare this XPathTransformation to. * @return true, if other is an - * XPathTransformation and if this object contains the same XPath - * expression as other. Otherwise false is returned. + * XPathTransformation and if this object contains the same + * XPath expression as other. Otherwise false + * is returned. * @see java.lang.Object#equals(Object) */ + @Override public boolean equals(Object other) { if (other instanceof XPathTransformation) { - XPathTransformation transform = (XPathTransformation) other; + final XPathTransformation transform = (XPathTransformation) other; return getXPathExpression().equals(transform.getXPathExpression()); } return false; @@ -115,6 +117,7 @@ public class XPathTransformationImpl /** * @see java.lang.Object#hashCode() */ + @Override public int hashCode() { return getXPathExpression().hashCode(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java index 9dc45fc..6c71f42 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java @@ -45,204 +45,194 @@ import at.gv.egovernment.moaspss.util.XPathException; import at.gv.egovernment.moaspss.util.XPathUtils; import iaik.server.modules.xml.MOAXSecProvider; import iaik.server.modules.xml.XSLTTransformation; -import iaik.xml.crypto.dsig.XMLSignatureFactory; -import iaik.xml.filter.impl.dsig.CanonInputStream; -import iaik.xml.filter.impl.dsig.Canonicalizer; -import iaik.xml.filter.impl.dsig.Traverser; /** * A Transformation containing an XSLT transformation. - * + * * @author Patrick Peck * @version $Id$ */ public class XSLTTransformationImpl extends TransformationImpl implements XSLTTransformation { - /** The XSLT stylesheet. */ - private Element styleSheetElement; - /** - * The hash code of the canonicalized stylesheet. If calculated, this value - * should be != 0. - */ - private int hashCode; - - /** - * Create a new XSLTTransformationImpl object. - * - * @param styleSheetElement - * The XSLT stylesheet element. - */ - public XSLTTransformationImpl(Element styleSheetElement) { - setAlgorithmURI(XSLTTransformation.XSLT); - setStyleSheetElement(styleSheetElement); - } - - /** - * Set the XSLT stylesheet element. - * - * @param styleSheetElement - * The XSLT stylesheet element to set. - */ - protected void setStyleSheetElement(Element styleSheetElement) { - this.styleSheetElement = styleSheetElement; - this.hashCode = 0; - } - - /** - * @see iaik.server.modules.xml.XSLTTransformation#getStylesheetElement() - */ - public Element getStylesheetElement() { - return styleSheetElement; - } - - /** - * Compare this XSLTTransformation to another. - * - * @param other - * The object to compare this XSLTTransformation to. - * @return true, if other is an - * XSLTTransformation and if the canonicalized - * representations of the stylesheets contained in this - * and other match. Otherwise, false is - * returned. - * @see java.lang.Object#equals(Object) - */ - public boolean equals(Object other) { - if (other instanceof XSLTTransformation) { - XSLTTransformation xslt = (XSLTTransformation) other; - - return compareElements(getStylesheetElement(), xslt.getStylesheetElement()); - } - return false; - } - - /** - * @see java.lang.Object#hashCode() - */ - public int hashCode() { - if (hashCode == 0) { - hashCode = calculateHashCode(getStylesheetElement()); - } - return hashCode; - } - - /** - * Calculate the hash code for a DOM element by canonicalizing it. - * - * @param element - * The DOM element for which the hash code is to be calculated. - * @return int The hash code, or 0, if it could not be - * calculated. - */ - private static int calculateHashCode(Element element) { - try { - InputStream is = canonicalize(element); - byte[] buf = new byte[256]; - int hashCode = 1; - int length; - int i; - - while ((length = is.read(buf)) > 0) { - for (i = 0; i < length; i++) { - hashCode += buf[i] * 31 + i; - } - } - is.close(); - return hashCode; - } catch (IOException e) { - return 0; - } catch (NoSuchAlgorithmException e) { - return 0; - } catch (InvalidAlgorithmParameterException e) { - return 0; - } catch (TransformException e) { - return 0; - } - } - - /** - * Compare two DOM elements by canonicalizing their contents and comparing - * the resulting byte stream. - * - * @param elem1 - * The 1st element to compare. - * @param elem2 - * The 2nd element to compare. - * @return boolean true, if the elements are considered equal - * after canonicalization. Otherwise false is returned. - */ - private static boolean compareElements(Element elem1, Element elem2) { - try { - InputStream is1 = canonicalize(elem1); - InputStream is2 = canonicalize(elem2); - return StreamUtils.compareStreams(is1, is2); - } catch (IOException e) { - return false; - } catch (NoSuchAlgorithmException e) { - return false; - } catch (InvalidAlgorithmParameterException e) { - return false; - } catch (TransformException e) { - return false; - } - } - - /** - * Canonicalize a DOM element. + /** The XSLT stylesheet. */ + private Element styleSheetElement; + /** + * The hash code of the canonicalized stylesheet. If calculated, this value + * should be != 0. + */ + private int hashCode; + + /** + * Create a new XSLTTransformationImpl object. + * + * @param styleSheetElement The XSLT stylesheet element. + */ + public XSLTTransformationImpl(Element styleSheetElement) { + setAlgorithmURI(XSLTTransformation.XSLT); + setStyleSheetElement(styleSheetElement); + } + + /** + * Set the XSLT stylesheet element. + * + * @param styleSheetElement The XSLT stylesheet element to set. + */ + protected void setStyleSheetElement(Element styleSheetElement) { + this.styleSheetElement = styleSheetElement; + this.hashCode = 0; + } + + /** + * @see iaik.server.modules.xml.XSLTTransformation#getStylesheetElement() + */ + @Override + public Element getStylesheetElement() { + return styleSheetElement; + } + + /** + * Compare this XSLTTransformation to another. + * + * @param other The object to compare this XSLTTransformation to. + * @return true, if other is an + * XSLTTransformation and if the canonicalized + * representations of the stylesheets contained in this and + * other match. Otherwise, false is returned. + * @see java.lang.Object#equals(Object) + */ + @Override + public boolean equals(Object other) { + if (other instanceof XSLTTransformation) { + final XSLTTransformation xslt = (XSLTTransformation) other; + + return compareElements(getStylesheetElement(), xslt.getStylesheetElement()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + @Override + public int hashCode() { + if (hashCode == 0) { + hashCode = calculateHashCode(getStylesheetElement()); + } + return hashCode; + } + + /** + * Calculate the hash code for a DOM element by canonicalizing it. * + * @param element The DOM element for which the hash code is to be calculated. + * @return int The hash code, or 0, if it could not be calculated. + */ + private static int calculateHashCode(Element element) { + try { + final InputStream is = canonicalize(element); + final byte[] buf = new byte[256]; + int hashCode = 1; + int length; + int i; + + while ((length = is.read(buf)) > 0) { + for (i = 0; i < length; i++) { + hashCode += buf[i] * 31 + i; + } + } + is.close(); + return hashCode; + } catch (final IOException e) { + return 0; + } catch (final NoSuchAlgorithmException e) { + return 0; + } catch (final InvalidAlgorithmParameterException e) { + return 0; + } catch (final TransformException e) { + return 0; + } + } + + /** + * Compare two DOM elements by canonicalizing their contents and comparing the + * resulting byte stream. + * + * @param elem1 The 1st element to compare. + * @param elem2 The 2nd element to compare. + * @return boolean true, if the elements are considered equal after + * canonicalization. Otherwise false is returned. + */ + private static boolean compareElements(Element elem1, Element elem2) { + try { + final InputStream is1 = canonicalize(elem1); + final InputStream is2 = canonicalize(elem2); + return StreamUtils.compareStreams(is1, is2); + } catch (final IOException e) { + return false; + } catch (final NoSuchAlgorithmException e) { + return false; + } catch (final InvalidAlgorithmParameterException e) { + return false; + } catch (final TransformException e) { + return false; + } + } + + /** + * Canonicalize a DOM element. + * * @param element The element to canonicalize. * @return InputStream A stream with the canonicalized data. - * @throws InvalidAlgorithmParameterException - * @throws IOException - * @throws TransformException - * @throws AlgorithmException An error occurred canonicalizing the element. + * @throws InvalidAlgorithmParameterException + * @throws IOException + * @throws TransformException + * @throws AlgorithmException An error occurred canonicalizing + * the element. */ private static InputStream canonicalize(Element element) - throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, TransformException { - // CanonicalizationMethod canonicalizationMethod = - // MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod( - // CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec()); - - //CanonicalizationAlgorithm c14n = - // new CanonicalizationAlgorithmImplExclusiveCanonicalXML(); - //Traverser traverser = new Traverser(element, true, true); - //Canonicalizer canonicalizer = new Canonicalizer(traverser, false, true, null); - - //return new CanonInputStream(canonicalizer); - - CanonicalizationMethod canonicalizationMethod = - MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod( - CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec()); - - //CanonicalizationAlgorithm c14n = - // new CanonicalizationAlgorithmImplExclusiveCanonicalXML(); - NodeList nodeList; - - try { - nodeList = XPathUtils.selectNodeList(element, - XPathUtils.ALL_NODES_XPATH); - } catch (XPathException e) { - nodeList = new NodeListAdapter(Collections.EMPTY_LIST); - } - //c14n.setInput(nodeList); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - canonicalizationMethod.transform(new - NodeListToNodeSetDataAdapter(nodeList), null, baos); - baos.close(); - return new ByteArrayInputStream(baos.toByteArray()); - /* - NodeList nodeList; - + throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, TransformException { + // CanonicalizationMethod canonicalizationMethod = + // MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod( + // CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec()); + + // CanonicalizationAlgorithm c14n = + // new CanonicalizationAlgorithmImplExclusiveCanonicalXML(); + // Traverser traverser = new Traverser(element, true, true); + // Canonicalizer canonicalizer = new Canonicalizer(traverser, false, true, + // null); + + // return new CanonInputStream(canonicalizer); + + final CanonicalizationMethod canonicalizationMethod = + MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod( + CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec()); + + // CanonicalizationAlgorithm c14n = + // new CanonicalizationAlgorithmImplExclusiveCanonicalXML(); + NodeList nodeList; + try { - nodeList = XPathUtils.selectNodeList(element, XPathUtils.ALL_NODES_XPATH); - } catch (XPathException e) { + nodeList = XPathUtils.selectNodeList(element, + XPathUtils.ALL_NODES_XPATH); + } catch (final XPathException e) { nodeList = new NodeListAdapter(Collections.EMPTY_LIST); } - //c14n.setInput(nodeList); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); + // c14n.setInput(nodeList); + final ByteArrayOutputStream baos = new ByteArrayOutputStream(); canonicalizationMethod.transform(new NodeListToNodeSetDataAdapter(nodeList), null, baos); baos.close(); - return new ByteArrayInputStream(baos.toByteArray());*/ + return new ByteArrayInputStream(baos.toByteArray()); + /* + * NodeList nodeList; + * + * try { nodeList = XPathUtils.selectNodeList(element, + * XPathUtils.ALL_NODES_XPATH); } catch (XPathException e) { nodeList = new + * NodeListAdapter(Collections.EMPTY_LIST); } //c14n.setInput(nodeList); + * ByteArrayOutputStream baos = new ByteArrayOutputStream(); + * canonicalizationMethod.transform(new NodeListToNodeSetDataAdapter(nodeList), + * null, baos); baos.close(); return new + * ByteArrayInputStream(baos.toByteArray()); + */ } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java index 310f2dd..6eb565a 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java @@ -21,19 +21,17 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xmlsign; import java.util.List; -import iaik.server.modules.xmlsign.DataObjectTreatment; - import at.gv.egovernment.moa.spss.server.util.IdGenerator; +import iaik.server.modules.xmlsign.DataObjectTreatment; /** * An object encapsulating how to treat an associated DataObject * when creating a signature. - * + * * @author Patrick Peck * @version $Id$ */ @@ -51,29 +49,30 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment { /** Whether to include the associated data object in the manifest. */ private boolean referenceInManifest; /** The object ID generator. */ - private IdGenerator objIdGen; - + private final IdGenerator objIdGen; + /** * Create a new DataObjectTreatmentImpl. - * + * * @param objIdGen The IdGenerator for unique object IDs. */ public DataObjectTreatmentImpl(IdGenerator objIdGen) { this.objIdGen = objIdGen; } - + /** * @see iaik.server.modules.xmlsign.DataObjectTreatment#getFinalContentType() */ + @Override public String getFinalContentType() { return finalContentType; } /** * Sets the final content type. - * + * * @param finalContentType The final content type to set (a MIME-type type of - * String). + * String). */ public void setFinalContentType(String finalContentType) { this.finalContentType = finalContentType; @@ -82,13 +81,14 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment { /** * @see iaik.server.modules.xmlsign.DataObjectTreatment#getHashAlgorithmName() */ + @Override public String getHashAlgorithmName() { return hashAlgorithmName; } /** * Sets the hash algorithm name. - * + * * @param hashAlgorithmName The hash algorithm name to set. */ public void setHashAlgorithmName(String hashAlgorithmName) { @@ -98,16 +98,18 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment { /** * @see iaik.server.modules.xmlsign.DataObjectTreatment#isIncludedInSignature() */ + @Override public boolean isIncludedInSignature() { return includedInSignature; } /** - * Sets whether the associated DataObject is to be included in - * the signature. - * + * Sets whether the associated DataObject is to be included in the + * signature. + * * @param includedInSignature If true, the associated - * DataObject will be included in the signature, otherwise not. + * DataObject will be included in the + * signature, otherwise not. */ public void setIncludedInSignature(boolean includedInSignature) { this.includedInSignature = includedInSignature; @@ -116,16 +118,18 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment { /** * @see iaik.server.modules.xmlsign.DataObjectTreatment#isReferenceInManifest() */ + @Override public boolean isReferenceInManifest() { return referenceInManifest; } /** - * Sets whether the associated DataObject is - * to be included in the dsig:Manifest. - * + * Sets whether the associated DataObject is to be included in the + * dsig:Manifest. + * * @param referenceInManifest If true, the associated - * DataObject will be included in the manifest, otherwise not. + * DataObject will be included in the + * manifest, otherwise not. */ public void setReferenceInManifest(boolean referenceInManifest) { this.referenceInManifest = referenceInManifest; @@ -134,13 +138,14 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment { /** * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationList() */ + @Override public List getTransformationList() { return transformationList; } /** * Set the list of transformations for the associated DataObject. - * + * * @param transformationList The transformations to set. */ public void setTransformationList(List transformationList) { @@ -150,6 +155,7 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment { /** * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationSupplements() */ + @Override public List getTransformationSupplements() { return transformationSupplements; } @@ -157,16 +163,17 @@ public class DataObjectTreatmentImpl implements DataObjectTreatment { /** * Sets the transformation supplements for the associated * DataObject. - * + * * @param transformationSupplements The transformation supplements to set. */ public void setTransformationSupplements(List transformationSupplements) { this.transformationSupplements = transformationSupplements; } - + /** * @see iaik.server.modules.xmlsign.DataObjectTreatment#getDsigDataObjectID() */ + @Override public String getDsigDataObjectID() { return objIdGen.uniqueId(); } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java index 9d6e3d2..516e3d8 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java @@ -21,9 +21,16 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xmlsign; +import java.util.List; +import java.util.Set; + +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import at.gv.egovernment.moa.spss.server.util.IdGenerator; +import at.gv.egovernment.moaspss.logging.Logger; import iaik.server.modules.algorithms.SignatureAlgorithms; import iaik.server.modules.keys.AlgorithmUnavailableException; import iaik.server.modules.keys.KeyEntryID; @@ -34,23 +41,14 @@ import iaik.server.modules.xml.Canonicalization; import iaik.server.modules.xmlsign.XMLSignatureCreationProfile; import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation; -import java.util.List; -import java.util.Set; - -import at.gv.egovernment.moa.spss.server.logging.TransactionId; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; -import at.gv.egovernment.moa.spss.server.util.IdGenerator; -import at.gv.egovernment.moaspss.logging.Logger; - /** * An object providing auxiliary information for creating an XML signature. - * + * * @author Patrick Peck * @version $Id$ */ public class XMLSignatureCreationProfileImpl - implements XMLSignatureCreationProfile { + implements XMLSignatureCreationProfile { /** The transformations to apply to a data object. */ private List dataObjectTreatmentList; @@ -58,7 +56,7 @@ public class XMLSignatureCreationProfileImpl private Set keySet; /** The type URI of the signature manifest. */ private String securityLayerManifestTypeURI; - /** Whether the created signature is to be Security Layer conform. */ + /** Whether the created signature is to be Security Layer conform. */ private boolean securityLayerConform; /** Where to insert the signature into the signature environment. */ private XMLSignatureInsertionLocation signatureInsertionLocation; @@ -66,55 +64,55 @@ public class XMLSignatureCreationProfileImpl private String signatureStructureType; /** The type of Canonicalization to use for the signed info. */ private Canonicalization signedInfoCanonicalization; - /** Properties to be signed during signature creation. */ + /** Properties to be signed during signature creation. */ private List signedProperties; /** The ID generator for signature IDs. */ - private IdGenerator signatureIDGenerator; + private final IdGenerator signatureIDGenerator; /** The ID generator for manifst IDs. */ - private IdGenerator manifestIDGenerator; + private final IdGenerator manifestIDGenerator; /** The ID generator for XMLDsig manifest IDs. */ - private IdGenerator dsigManifestIDGenerator; + private final IdGenerator dsigManifestIDGenerator; /** The ID generator for signed property IDs. */ - private IdGenerator propertyIDGenerator; - /** The selected digest method algorithm if XAdES 1.4.2 is used */ - private String digestMethodXAdES142; - - + private final IdGenerator propertyIDGenerator; + /** The selected digest method algorithm if XAdES 1.4.2 is used */ + private final String digestMethodXAdES142; + /** * Create a new XMLSignatureCreationProfileImpl. - * - * @param createProfileCount Provides external information about the - * number of calls to the signature creation module, using the same request. - * @param reservedIDs The set of IDs that must not be used while generating - * new IDs. + * + * @param createProfileCount Provides external information about the number of + * calls to the signature creation module, using the + * same request. + * @param reservedIDs The set of IDs that must not be used while + * generating new IDs. */ public XMLSignatureCreationProfileImpl( - int createProfileCount, - Set reservedIDs, - String digestMethodXAdES142) { + int createProfileCount, + Set reservedIDs, + String digestMethodXAdES142) { signatureIDGenerator = - new IdGenerator("signature-" + createProfileCount, reservedIDs); + new IdGenerator("signature-" + createProfileCount, reservedIDs); manifestIDGenerator = - new IdGenerator("manifest-" + createProfileCount, reservedIDs); + new IdGenerator("manifest-" + createProfileCount, reservedIDs); dsigManifestIDGenerator = - new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs); + new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs); propertyIDGenerator = - new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs); + new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs); this.digestMethodXAdES142 = digestMethodXAdES142; } /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDataObjectTreatmentList() */ + @Override public List getDataObjectTreatmentList() { return dataObjectTreatmentList; } /** * Sets the list of DataObjectTreatments. - * - * @param dataObjectTreatmentList The DataObjectTreatments to - * set. + * + * @param dataObjectTreatmentList The DataObjectTreatments to set. */ public void setDataObjectTreatmentList(List dataObjectTreatmentList) { this.dataObjectTreatmentList = dataObjectTreatmentList; @@ -123,6 +121,7 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet() */ + @Override public Set getKeySet() { return keySet; } @@ -130,7 +129,7 @@ public class XMLSignatureCreationProfileImpl /** * Set the set of KeyEntryIDs which may be used for signature * creation. - * + * * @param keySet The set of KeyEntryIDs to set. */ public void setKeySet(Set keySet) { @@ -140,15 +139,15 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestTypeURI() */ + @Override public String getSecurityLayerManifestTypeURI() { return securityLayerManifestTypeURI; } /** * Set the SecurityLayerManifestTypeURI. - * - * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to - * set. + * + * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to set. */ public void setSecurityLayerManifestTypeURI(String securityLayerManifestTypeURI) { this.securityLayerManifestTypeURI = securityLayerManifestTypeURI; @@ -157,132 +156,131 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID) */ + @Override public String getSignatureAlgorithmName(KeyEntryID selectedKeyID) - throws AlgorithmUnavailableException { + throws AlgorithmUnavailableException { - TransactionContext context = - TransactionContextManager.getInstance().getTransactionContext(); - TransactionId tid = new TransactionId(context.getTransactionID()); - KeyModule module = KeyModuleFactory.getInstance(tid); + final TransactionContext context = + TransactionContextManager.getInstance().getTransactionContext(); + final TransactionId tid = new TransactionId(context.getTransactionID()); + final KeyModule module = KeyModuleFactory.getInstance(tid); Set algorithms; try { algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID); - } catch (UnknownKeyException e) { + } catch (final UnknownKeyException e) { throw new AlgorithmUnavailableException( - "Unknown key entry: " + selectedKeyID, - e, - null); + "Unknown key entry: " + selectedKeyID, + e, + null); } - + if (digestMethodXAdES142 == null) { - // XAdES 1.4.2 not enabled - legacy MOA - if (algorithms.contains(SignatureAlgorithms.MD2_WITH_RSA) - || algorithms.contains(SignatureAlgorithms.MD5_WITH_RSA) - || algorithms.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA) - || algorithms.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA) - || algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA) - || algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { - - return SignatureAlgorithms.SHA1_WITH_RSA; - } else if ( - algorithms.contains(SignatureAlgorithms.ECDSA)) { - return SignatureAlgorithms.ECDSA; - } else if ( - algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; + // XAdES 1.4.2 not enabled - legacy MOA + if (algorithms.contains(SignatureAlgorithms.MD2_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.MD5_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA) + || algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { + + return SignatureAlgorithms.SHA1_WITH_RSA; + } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { + return SignatureAlgorithms.ECDSA; + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else { + // XAdES 1.4.2 is enabled: select signature algorithm according to selected + // digest method + if (digestMethodXAdES142.compareTo("SHA-1") == 0) { + Logger.warn( + "XAdES version 1.4.2 is enabled, but SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)"); + + if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { + return SignatureAlgorithms.SHA1_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { + return SignatureAlgorithms.ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); } + + } else if (digestMethodXAdES142.compareTo("SHA-256") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { + return SignatureAlgorithms.SHA256_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { + return SignatureAlgorithms.SHA256_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethodXAdES142.compareTo("SHA-384") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { + return SignatureAlgorithms.SHA384_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { + return SignatureAlgorithms.SHA384_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else if (digestMethodXAdES142.compareTo("SHA-512") == 0) { + if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { + return SignatureAlgorithms.SHA512_WITH_RSA; + + } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { + return SignatureAlgorithms.SHA512_WITH_ECDSA; + + } else if (algorithms.contains(SignatureAlgorithms.DSA)) { + return SignatureAlgorithms.DSA; + + } else { + throw new AlgorithmUnavailableException( + "No algorithm for key entry: " + selectedKeyID, + null, + null); + } + } else { + throw new AlgorithmUnavailableException( + "No signature algorithm found for digest algorithm '" + digestMethodXAdES142, + null, + null); + } + } - else { - // XAdES 1.4.2 is enabled: select signature algorithm according to selected digest method - if (digestMethodXAdES142.compareTo("SHA-1") == 0) { - Logger.warn("XAdES version 1.4.2 is enabled, but SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)"); - - if (algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)) { - return SignatureAlgorithms.SHA1_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.ECDSA)) { - return SignatureAlgorithms.ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - - } else if (digestMethodXAdES142.compareTo("SHA-256") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { - return SignatureAlgorithms.SHA256_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_ECDSA)) { - return SignatureAlgorithms.SHA256_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } else if (digestMethodXAdES142.compareTo("SHA-384") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_RSA)) { - return SignatureAlgorithms.SHA384_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA384_WITH_ECDSA)) { - return SignatureAlgorithms.SHA384_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } else if (digestMethodXAdES142.compareTo("SHA-512") == 0) { - if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_RSA)) { - return SignatureAlgorithms.SHA512_WITH_RSA; - - } else if (algorithms.contains(SignatureAlgorithms.SHA512_WITH_ECDSA)) { - return SignatureAlgorithms.SHA512_WITH_ECDSA; - - } else if (algorithms.contains(SignatureAlgorithms.DSA)) { - return SignatureAlgorithms.DSA; - - } else { - throw new AlgorithmUnavailableException( - "No algorithm for key entry: " + selectedKeyID, - null, - null); - } - } - else { - throw new AlgorithmUnavailableException( - "No signature algorithm found for digest algorithm '" + digestMethodXAdES142, - null, - null); - } - - } - } /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureInsertionLocation() */ + @Override public XMLSignatureInsertionLocation getSignatureInsertionLocation() { return signatureInsertionLocation; } @@ -290,7 +288,7 @@ public class XMLSignatureCreationProfileImpl /** * Set the location where the signature is to be inserted into the signature * parent. - * + * * @param signatureInsertionLocation The location to set. */ public void setSignatureInsertionLocation(XMLSignatureInsertionLocation signatureInsertionLocation) { @@ -300,12 +298,14 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureStructureType() */ + @Override public String getSignatureStructureType() { return signatureStructureType; } /** * Set the signature structure type. + * * @param signatureStructureType The signature structure type to set. */ public void setSignatureStructureType(String signatureStructureType) { @@ -315,13 +315,14 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedInfoCanonicalization() */ + @Override public Canonicalization getSignedInfoCanonicalization() { return signedInfoCanonicalization; } /** * Sets the canonicalization method to use for the SignedInfo object. - * + * * @param signedInfoCanonicalization The canonicalization method to set. */ public void setSignedInfoCanonicalization(Canonicalization signedInfoCanonicalization) { @@ -331,13 +332,14 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties() */ + @Override public List getSignedProperties() { return signedProperties; } /** * Set the signed properties. - * + * * @param signedProperties The signed properties to set. */ public void setSignedProperties(List signedProperties) { @@ -347,15 +349,16 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform() */ + @Override public boolean isSecurityLayerConform() { return securityLayerConform; } /** * Sets the security layer conformity. - * - * @param securityLayerConform true, if the created signature - * is to be conform to the Security Layer specification. + * + * @param securityLayerConform true, if the created signature is to + * be conform to the Security Layer specification. */ public void setSecurityLayerConform(boolean securityLayerConform) { this.securityLayerConform = securityLayerConform; @@ -364,6 +367,7 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureID() */ + @Override public String getSignatureID() { return signatureIDGenerator.uniqueId(); } @@ -371,6 +375,7 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestID() */ + @Override public String getSecurityLayerManifestID() { return manifestIDGenerator.uniqueId(); } @@ -378,6 +383,7 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDsigManifestID() */ + @Override public String getDsigManifestID() { return dsigManifestIDGenerator.uniqueId(); } @@ -385,13 +391,15 @@ public class XMLSignatureCreationProfileImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedPropertiesID() */ + @Override public String getSignedPropertiesID() { return propertyIDGenerator.uniqueId(); } - + /** * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getPermitFileURIs() */ + @Override public boolean getPermitFileURIs() { return false; } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java index 90c1f49..a5290a7 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java @@ -21,29 +21,28 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xmlsign; import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation; /** - * An object giving the location of where the signature will be - * inserted into the parent element. - * + * An object giving the location of where the signature will be inserted into + * the parent element. + * * @author Patrick Peck * @version $Id$ */ public class XMLSignatureInsertionLocationImpl - implements XMLSignatureInsertionLocation { + implements XMLSignatureInsertionLocation { /** Where to put the signature into the signature parent element. */ private int signatureChildIndex; - + /** * Create a new XMLSignatureInsertLocationImpl. - * + * * @param signatureChildIndex The position index at which to append the - * signature to the parent element. + * signature to the parent element. */ public XMLSignatureInsertionLocationImpl(int signatureChildIndex) { setSignatureChildIndex(signatureChildIndex); @@ -52,6 +51,7 @@ public class XMLSignatureInsertionLocationImpl /** * @see iaik.server.modules.xmlsign.XMLSignatureInsertionLocation#getSignatureChildIndex() */ + @Override public int getSignatureChildIndex() { return signatureChildIndex; } @@ -59,7 +59,7 @@ public class XMLSignatureInsertionLocationImpl /** * Sets the position index at which to append the signature to the parent * element. - * + * * @param signatureChildIndex The position index to set. */ public void setSignatureChildIndex(int signatureChildIndex) { diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java index 0ad3d79..6e4883f 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java @@ -21,22 +21,22 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ - package at.gv.egovernment.moa.spss.server.iaik.xmlverify; import java.util.List; import iaik.pki.PKIProfile; +import iaik.server.modules.SignatureVerificationProfile; import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile; /** * An object providing auxiliary information for verifying an XML signature. - * + * * @author Patrick Peck * @version $Id$ */ public class XMLSignatureVerificationProfileImpl - implements XMLSignatureVerificationProfile { + implements XMLSignatureVerificationProfile { /** Whether to check the Security Layer manifest. */ private boolean checkSecurityLayerManifest; @@ -52,18 +52,20 @@ public class XMLSignatureVerificationProfileImpl private boolean includeReferenceInputData; /** Whether the file URIs are permitted */ private boolean permitFileURIs; + /** * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkSecurityLayerManifest() */ + @Override public boolean checkSecurityLayerManifest() { return checkSecurityLayerManifest; } /** * Set whether to check the references in the Security Layer manifest. - * - * @param checkSecurityLayerManifest true, if the references - * in the Security Layer manifest must be checked. + * + * @param checkSecurityLayerManifest true, if the references in the + * Security Layer manifest must be checked. */ public void setCheckSecurityLayerManifest(boolean checkSecurityLayerManifest) { this.checkSecurityLayerManifest = checkSecurityLayerManifest; @@ -72,15 +74,16 @@ public class XMLSignatureVerificationProfileImpl /** * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkXMLDsigManifests() */ + @Override public boolean checkXMLDsigManifests() { return checkXMLDsigManifests; } /** * Sets whether to check the references of all XML Dsig manifests. - * - * @param checkXMLDSigManifests true, if the references in the - * XML Dsig manifest must be checked. + * + * @param checkXMLDSigManifests true, if the references in the XML + * Dsig manifest must be checked. */ public void setCheckXMLDsigManifests(boolean checkXMLDSigManifests) { this.checkXMLDsigManifests = checkXMLDSigManifests; @@ -89,15 +92,16 @@ public class XMLSignatureVerificationProfileImpl /** * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getCertificateValidationProfile() */ + @Override public PKIProfile getCertificateValidationProfile() { return certificateValidationProfile; } /** * Sets the profile for validating the signer certificate. - * + * * @param certificateValidationProfile The certificate validation profile to - * set. + * set. */ public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) { this.certificateValidationProfile = certificateValidationProfile; @@ -106,13 +110,14 @@ public class XMLSignatureVerificationProfileImpl /** * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getTransformationSupplements() */ + @Override public List getTransformationSupplements() { return transformationSupplements; } /** * Sets the transformation supplements. - * + * * @param transformationSupplements The transformation supplements to set. */ public void setTransformationSupplements(List transformationSupplements) { @@ -122,15 +127,16 @@ public class XMLSignatureVerificationProfileImpl /** * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeHashInputData() */ + @Override public boolean includeHashInputData() { return includeHashInputData; } /** * Set whether to include the hash input data in the result. - * - * @param includeHashInputData If true, the hash input data - * will be returned in the result. + * + * @param includeHashInputData If true, the hash input data will be + * returned in the result. */ public void setIncludeHashInputData(boolean includeHashInputData) { this.includeHashInputData = includeHashInputData; @@ -139,39 +145,40 @@ public class XMLSignatureVerificationProfileImpl /** * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeReferenceInputData() */ + @Override public boolean includeReferenceInputData() { return includeReferenceInputData; } /** * Set whether to include the reference input data in the result. - * - * @param includeReferenceInputData If true, the reference - * input data will be included in the result. + * + * @param includeReferenceInputData If true, the reference input + * data will be included in the result. */ public void setIncludeReferenceInputData(boolean includeReferenceInputData) { this.includeReferenceInputData = includeReferenceInputData; } - + /** - * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getPermitFileURIs() + * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getPermitFileURIs() */ + @Override public boolean getPermitFileURIs() { return permitFileURIs; } - + /** * Set whether the file URIs are permitted or not - * + * * @param permitFileURIs whether the file URIs are permitted or not */ - public void setPermitFileURIs(boolean permitFileURIs) - { + public void setPermitFileURIs(boolean permitFileURIs) { this.permitFileURIs = permitFileURIs; } @Override public String getTargetLevel() { - return XMLSignatureVerificationProfile.LEVEL_LTA; + return SignatureVerificationProfile.LEVEL_LTA; } } -- cgit v1.2.3