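/*
 * Copyright 2003 Federal Chancellery Austria
 * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */

package at.gv.egovernment.moa.spss.server.config;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;

import at.gv.egovernment.moa.sig.tsl.TslConstants;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.util.MiscUtil;
import iaik.x509.X509Certificate;

/**
 * Information about a trust profile.
 *
 * <p>Besides its ID and the two location URIs, a trust profile can carry
 * TSL (trust status list) filter settings: a country list, a list of allowed
 * TSP status identifiers and a list of regular expressions for allowed TSP
 * service types. These three lists are only populated when TSL is enabled.
 *
 * @author Patrick Peck
 * @version $Id$
 */
public class TrustProfile {
  /** The ID of the trust profile. */
  private String id;
  /** The URI giving the location of the trust profile. */
  private String uri;
  /** The URI giving the location of the allowed signer certificates. */
  private String signerCertsUri;

  /** Defines if Trustprofile makes use of EU TSL*/
  private boolean tslEnabled;
  /** The countries given (trimmed elements of the comma-separated input). */
  private List<String> countries = new ArrayList<String>();

  // Holds java.net.URI values parsed from the configuration, or the defaults
  // taken from TslConstants. Left as a raw List because the element type of
  // TslConstants.SERVICE_STATUS_SORT_TO_URI is not visible from this file.
  private List allowedTspStatus = new ArrayList();

  /** Compiled regular expressions for the allowed TSP service types. */
  private List<Pattern> allowedTspServiceTypes = new ArrayList<Pattern>();

  /**
   * Create a <code>TrustProfile</code>.
   *
   * <p>The three TSL filter parameters are evaluated only when
   * <code>tslEnabled</code> is <code>true</code>; otherwise they are ignored
   * and the corresponding lists stay empty.
   *
   * @param id The ID of the <code>TrustProfile</code> to create.
   * @param uri The URI of the <code>TrustProfile</code> to create.
   * @param signerCertsUri The URI of the location of the allowed signer
   * certificates of the <code>TrustProfile</code> to create.
   * @param tslEnabled Whether this trust profile makes use of the EU TSL.
   * @param countries Comma-separated list of TSL countries. An empty value is
   * logged as "ALL" countries.
   * @param allowedTspStatus Comma-separated list of TSP status identifier
   * URIs. An empty value selects the default set from
   * <code>TslConstants</code>.
   * @param allowedTspServiceTypes Comma-separated list of regular expressions
   * for TSP service-type identifiers. An empty value selects
   * <code>TslConstants.DEFAULT_REGEX_PATTERN_ALLOW_ALL</code>.
   */
  public TrustProfile(String id, String uri, String signerCertsUri,
      boolean tslEnabled, String countries, String allowedTspStatus, String allowedTspServiceTypes) {
    this.id = id;
    this.uri = uri;
    this.signerCertsUri = signerCertsUri;

    //TSL configuration parameters
    this.tslEnabled = tslEnabled;
    if (tslEnabled) {
      setCountries(countries);
      if (!this.countries.isEmpty())
        Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.countries.toArray()) + " TSL countries");
      else
        Logger.info("TrustProfile "+ id + " allows " + "ALL" + " TSL countries");

      setAllowedTspStatus(allowedTspStatus);
      Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.allowedTspStatus.toArray()) + " TSP status identifier");

      setAllowedTspServiceTypes(allowedTspServiceTypes);
      Logger.info("TrustProfile "+ id + " allows " + Arrays.toString(this.allowedTspServiceTypes.toArray()) + " TSL service-type identifier");

    }

  }

  /**
   * Splits the comma-separated country list and stores the trimmed elements.
   *
   * @param countries Comma-separated country list; may be empty.
   */
  private void setCountries(String countries) {
    if (MiscUtil.isNotEmpty(countries)) {
      // NOTE(review): elements are stored without validation, so an empty
      // element (e.g. "AT,,DE") ends up in the list as "". Blank elements
      // are deliberately NOT dropped here: an empty list is reported as
      // "ALL" countries, so dropping them could silently widen a
      // misconfigured profile. Confirm how consumers treat "" before
      // tightening this.
      String[] ccArray = countries.split(",");
      for (String el : ccArray)
        this.countries.add(el.trim());

    }
  }

  /**
   * Parses the comma-separated TSP status identifiers into URIs, or falls
   * back to the default status set when nothing is configured.
   *
   * <p>Blank and syntactically invalid elements are logged and skipped.
   *
   * @param allowedTspStatus Comma-separated status identifier URIs; may be
   * empty.
   */
  private void setAllowedTspStatus(String allowedTspStatus) {
    if (MiscUtil.isNotEmpty(allowedTspStatus)) {
      String[] ccArray = allowedTspStatus.split(",");
      for (String el : ccArray) {
        String candidate = el.trim();
        if (candidate.isEmpty()) {
          // new URI("") parses successfully, so without this check a stray
          // comma would add an empty URI to the allow-list.
          Logger.warn("TrustProfile: " + this.id
              + " contains an empty TSP Status identifier; entry ignored");
          continue;
        }

        try {
          this.allowedTspStatus.add(new URI(candidate));

        } catch (URISyntaxException e) {
          Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Status identifier (" + el + ")");

        }
      }

      // How consumers interpret an empty allow-list is not visible here, so
      // make the situation visible to the operator instead of guessing.
      if (this.allowedTspStatus.isEmpty())
        Logger.warn("TrustProfile: " + this.id
            + " has TSP Status identifiers configured, but none of them is valid");

    } else {
      Logger.debug("Use default set of TSP Status identifier");
      this.allowedTspStatus.addAll(
          Arrays.asList(
              TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.granted),
              TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.recognisedatnationallevel),
              TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.accredited),
              TslConstants.SERVICE_STATUS_SORT_TO_URI.get(TslConstants.SERVICE_STATUS_SHORT.undersupervision)));

    }
  }

  /**
   * Compiles the comma-separated TSP service-type expressions, or falls back
   * to the default allow-all pattern when nothing is configured.
   *
   * <p>Blank and syntactically invalid elements are logged and skipped.
   *
   * @param allowedTspServiceTypes Comma-separated regular expressions; may be
   * empty.
   */
  private void setAllowedTspServiceTypes(String allowedTspServiceTypes) {
    if (MiscUtil.isNotEmpty(allowedTspServiceTypes)) {
      String[] ccArray = allowedTspServiceTypes.split(",");
      for (String el : ccArray) {
        String regex = el.trim();
        if (regex.isEmpty()) {
          // Pattern.compile("") succeeds and, when evaluated with
          // Matcher.find(), matches every input. A stray comma must not be
          // able to turn a restrictive list into an allow-all filter.
          Logger.warn("TrustProfile: " + this.id
              + " contains an empty TSP Service-Type identifier Regex pattern; entry ignored");
          continue;
        }

        try {
          this.allowedTspServiceTypes.add(Pattern.compile(regex));

        } catch (PatternSyntaxException e) {
          Logger.warn("TrustProfile: " + this.id + " contains a non-valid TSP Service-Type identifier Regex pattern(" + el + ")");

        }
      }

      // How consumers interpret an empty pattern list is not visible here, so
      // make the situation visible to the operator instead of guessing.
      if (this.allowedTspServiceTypes.isEmpty())
        Logger.warn("TrustProfile: " + this.id
            + " has TSP Service-Type identifier patterns configured, but none of them is valid");

    } else {
      Logger.debug("Use default set of TSP Service-Type identifier");
      this.allowedTspServiceTypes.add(
          Pattern.compile(TslConstants.DEFAULT_REGEX_PATTERN_ALLOW_ALL));

    }
  }

  /**
   * Return the ID of this <code>TrustProfile</code>.
   *
   * @return The <code>TrustProfile</code> ID.
   */
  public String getId() {
    return id;
  }

  /**
   * Return the URI of this <code>TrustProfile</code>.
   *
   * @return The URI of <code>TrustProfile</code>.
   */
  public String getUri() {
    return uri;
  }

  /**
   * Return the URI giving the location of the allowed signer certificates
   * of this <code>TrustProfile</code>.
   *
   * @return The URI of the allowed signer certificates.
   */
  public String getSignerCertsUri() {
    return signerCertsUri;
  }

  /**
   * Returns if Trustprofile is TSL enabled
   *
   * @return <code>true</code> if this trust profile makes use of the EU TSL.
   */
  public boolean isTSLEnabled() {
    return tslEnabled;
  }

  /**
   * Returns the given countries
   *
   * @return The configured countries as <code>String</code> elements, or
   * <code>null</code> if TSL is not enabled. The internal list is returned,
   * not a copy.
   */
  public List getCountries() {
    if (!tslEnabled)
      return null;
    else
      return countries;
  }

  /**
   * Returns the allowed TSP status identifiers.
   *
   * @return The internal list of allowed status identifiers (not a copy);
   * empty if TSL is not enabled.
   */
  public List getAllowedTspStatus() {
    return allowedTspStatus;
  }

  /**
   * Returns the allowed TSP service-type patterns.
   *
   * @return The internal list of compiled <code>Pattern</code> elements (not
   * a copy); empty if TSL is not enabled.
   */
  public List getAllowedTspServiceTypes() {
    return allowedTspServiceTypes;
  }

}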