/*
* Copyright 2003 Federal Chancellery Austria
* MOA-SPSS has been developed in a cooperation between BRZ, the Federal
* Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
package at.gv.egovernment.moa.spss.server.iaik.config;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Map;
import java.util.Set;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moaspss.logging.Logger;
import iaik.asn1.structures.Name;
import iaik.pki.revocation.RevocationConfiguration;
import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
import iaik.utils.RFC2253NameParserException;
/**
* An implementation of the {@code RevocationConfiguration} interface using
* MOA configuration data.
*
* @see iaik.pki.revocation.RevocationConfiguration
* @author Patrick Peck
* @version $Id$
*/
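public class RevocationConfigurationImpl extends AbstractObservableConfiguration implements
    RevocationConfiguration {

  /**
   * Factor for converting the short-term validity periods, which the log
   * messages below label as "[min]", into milliseconds.
   */
  private static final long MILLIS_PER_MINUTE = 60L * 1000L;

  /**
   * The {@code ConfigurationProvider} to read the configuration data from.
   */
  private final ConfigurationProvider config;

  /**
   * Create a new {@code RevocationConfigurationImpl}.
   *
   * @param config The underlying MOA configuration containing the configuration
   *               data.
   */
  public RevocationConfigurationImpl(ConfigurationProvider config) {
    this.config = config;
  }

  /**
   * Returns the distribution points that the MOA configuration holds for the
   * given certificate.
   *
   * <p>Only {@code cert} is passed to the configuration; {@code issuer} and
   * {@code date} are not evaluated by this implementation.
   *
   * @param cert   The certificate to look up distribution points for.
   * @param issuer Ignored.
   * @param date   Ignored.
   * @return Whatever {@code ConfigurationProvider#getDistributionPoints} returns
   *         for {@code cert}.
   * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints
   */
  @Override
  public Set getAlternativeDistributionPoints(X509Certificate cert, X509Certificate issuer, Date date) {
    return config.getDistributionPoints(cert);
  }

  /**
   * Returns the global revocation-archiving switch of the MOA configuration.
   *
   * <p>The decision is the same for every {@code type} and {@code uri}; neither
   * argument is evaluated.
   *
   * @param type Ignored.
   * @param uri  Ignored.
   * @return The value of {@code ConfigurationProvider#getEnableRevocationArchiving}.
   * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String,
   *      java.lang.String)
   */
  @Override
  public boolean archiveRevocationInfo(String type, String uri) {
    return config.getEnableRevocationArchiving();
  }

  /**
   * Looks up the CRL retention interval configured for an issuer.
   *
   * @param issuername The key to look up. It is used as passed in; unlike
   *                   {@link #getShortTermedValidityPeriod(X509Certificate)} no
   *                   name normalization happens here, so the caller presumably
   *                   has to supply the name in the form used by the
   *                   configuration - TODO confirm.
   * @return The configured interval, or {@code null} if the map has no entry for
   *         {@code issuername}.
   * @see iaik.pki.revocation.RevocationConfiguration#getCrlRetentionInterval(java.lang.String)
   */
  @Override
  public Integer getCrlRetentionInterval(String issuername) {
    final Map<?, ?> retentionByIssuer = config.getCrlRetentionIntervals();
    return (Integer) retentionByIssuer.get(issuername);
  }

  /**
   * Not implemented: no database CRL configuration is provided.
   *
   * @return Always {@code null}.
   */
  @Override
  public DBCrlConfig getDataBaseCRLConfig() {
    // TODO AFITZEK IMPLEMENT THIS METHOD
    return null;
  }

  /**
   * Not implemented: the value is hard-coded and cannot be changed through the
   * MOA configuration.
   *
   * @return Always {@code false}.
   */
  @Override
  public boolean getKeepRevocationInfo() {
    // TODO AFITZEK IMPLEMENT THIS METHOD
    return false;
  }

  /**
   * Not implemented: no positive OCSP responders are configured.
   *
   * @return Always an empty, immutable set.
   */
  @Override
  public Set getPositiveOCSPResponders() {
    // TODO AFITZEK IMPLEMENT THIS METHOD
    // emptySet() yields the same immutable empty set as the raw EMPTY_SET constant,
    // without the raw-type reference.
    return Collections.emptySet();
  }

  /**
   * Not implemented: the value is hard-coded and cannot be changed through the
   * MOA configuration.
   *
   * @return Always {@code false}.
   */
  @Override
  public boolean skipIndirectCRLCheckForAlternativeDistributionPoints() {
    // TODO AFITZEK IMPLEMENT THIS METHOD
    return false;
  }

  /**
   * Returns the MOA configuration switch for the ETSI validity-assured
   * short-term certificate extension.
   *
   * @return The value of {@code ConfigurationProvider#isUseShortTimeCertificateEtisExt}.
   */
  @Override
  public boolean checkETSIValidityAssuredShortTermExt() {
    return config.isUseShortTimeCertificateEtisExt();
  }

  /**
   * Returns the short-term validity period for the issuer of the given
   * certificate, in milliseconds.
   *
   * <p>The issuer name of {@code eeCert} is normalized and looked up in the
   * per-issuer periods of the MOA configuration. If there is no usable entry, or
   * the issuer name cannot be normalized, the configured default period is
   * returned instead.
   *
   * <p>NOTE(review): the configured values are converted and returned without a
   * range check. If the consumer of this value relaxes revocation checking for
   * short-term certificates, an oversized or non-positive entry would change
   * validation results silently - confirm whether the configuration loader
   * validates these values.
   *
   * @param eeCert The end-entity certificate whose issuer selects the period.
   * @return The period in milliseconds (configured value times 60 * 1000).
   */
  @Override
  public Long getShortTermedValidityPeriod(X509Certificate eeCert) {
    try {
      // NOTE(review): the cast assumes the issuer DN is an iaik.asn1.structures.Name,
      // i.e. that eeCert was parsed by the IAIK provider; any other certificate
      // implementation ends in a ClassCastException here - confirm that callers
      // only pass IAIK certificates.
      final String issuer = ConfigurationProvider.normalizeX500Names(
          ((Name) eeCert.getIssuerDN()).getRFC2253String());

      // Single lookup: the period map is read once, and an entry that maps to null
      // falls through to the default instead of failing on unboxing.
      final Integer interval = config.getShortTimeCertificatePeriods().get(issuer);
      if (interval != null) {
        // NOTE(review): the issuer name originates from the certificate under
        // validation and is written to the log as-is - confirm that the logging
        // backend neutralizes line breaks and control characters.
        Logger.info("Use shortTermedValidityPeriod: " + interval + "[min] for Issuer: " + issuer);
        return Long.valueOf(interval) * MILLIS_PER_MINUTE;
      }

    } catch (final RFC2253NameParserException e) {
      // Deliberate best effort: an unparsable issuer name is logged and the
      // default period is used.
      Logger.warn("Can not normalize X509 IssuerName: " + eeCert.getIssuerDN(), e);
    }

    // Read the default once so the logged value and the returned value agree.
    final Long defaultMinutes = Long.valueOf(config.getDefaultShortTimeCertificatePeriod());
    Logger.debug("Use default shortTermedValidityPeriod: " + defaultMinutes + "[min]");
    return defaultMinutes * MILLIS_PER_MINUTE;
  }
}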