diff options
Diffstat (limited to 'src/main/java/at/gv/egiz/moazs/util')
-rw-r--r-- | src/main/java/at/gv/egiz/moazs/util/FileUtils.java | 22 | ||||
-rw-r--r-- | src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java | 82 | ||||
-rw-r--r-- | src/main/java/at/gv/egiz/moazs/util/StringUtils.java | 17 |
3 files changed, 121 insertions, 0 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/util/FileUtils.java b/src/main/java/at/gv/egiz/moazs/util/FileUtils.java new file mode 100644 index 0000000..7e7723d --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/util/FileUtils.java @@ -0,0 +1,22 @@ +package at.gv.egiz.moazs.util; + +import org.springframework.stereotype.Component; + +import java.io.File; + +@Component +public class FileUtils { + + /** + * If path is relative, resolve path as classpath resource. If path is absolute, + * leave as-is. + */ + public String determinePath(String abstractPath) { + if (new File(abstractPath).isAbsolute()) { + return abstractPath; + } else { + //java.lang.Class needs relative resources to start with "/" + return this.getClass().getResource("/" + abstractPath).getFile(); + } + } +} diff --git a/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java b/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java new file mode 100644 index 0000000..b4d66d1 --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java @@ -0,0 +1,82 @@ +package at.gv.egiz.moazs.util; + +import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; +import at.gv.zustellung.app2mzs.xsd.KeyStoreType; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.lang.Nullable; +import org.springframework.stereotype.Component; + +import javax.net.ssl.*; +import java.io.IOException; +import java.security.*; + +import static at.gv.egiz.moazs.MoaZSException.moaZSException; +import static java.lang.String.format; + +@Component +public class SSLContextCreator { + + private static final Logger log = LoggerFactory.getLogger(SSLContextCreator.class); + + /** + * Creates an SSL Context. + * Adapted from at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient + * + * @param keystore (if null, use no key store) + * @param truststore (if null, use default trust store) + * @throws at.gv.egiz.moazs.MoaZSException + */ + public SSLContext createSSLContext(@Nullable KeyStoreType keystore, @Nullable KeyStoreType truststore) { + try { + SSLContext context = SSLContext.getInstance("TLS"); + KeyManager[] keyManager = initKeyManager(keystore); + TrustManager[] trustManager = initTrustManager(truststore); + context.init(keyManager, trustManager, new SecureRandom()); + return context; + } catch (NoSuchAlgorithmException | KeyManagementException e) { + throw moaZSException("SSLContext initialization FAILED.", e); + } + } + + private KeyManager[] initKeyManager(KeyStoreType keystore) { + if (keystore == null) { + log.trace("No keystore path provided. NOT using SSL client authentication. "); + return null; + } else { + log.trace("Find keystore path: {}. Injecting SSL client certificate... ", keystore.getFileName()); + try { + KeyStore keyStore = KeyStoreUtils.loadKeyStore( + keystore.getFileType(), keystore.getFileName(), keystore.getPassword()); + KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); + kmf.init(keyStore, keystore.getPassword().toCharArray()); + log.trace("SSL client certificate injected."); + return kmf.getKeyManagers(); + } catch (IOException | GeneralSecurityException e) { + throw moaZSException(format("Can NOT load SSL client certificate from path: %s.", + keystore.getFileName()), e); + } + } + } + + private TrustManager[] initTrustManager(KeyStoreType truststore) { + if (truststore == null) { + log.trace("Using default truststore. "); + return null; + } else { + log.trace("Find truststore path: {}. Injecting SSL truststore... ", truststore.getFileName()); + try { + KeyStore trustStore = KeyStoreUtils.loadKeyStore( + truststore.getFileType(), truststore.getFileName(), truststore.getPassword()); + TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); + tmf.init(trustStore); + log.trace("SSL TrustStore injected to client. "); + return tmf.getTrustManagers(); + } catch (GeneralSecurityException | IOException e) { + throw moaZSException(format("Can NOT open SSL TrustStore from path: %s.", + truststore.getFileName()), e); + } + } + } + +} diff --git a/src/main/java/at/gv/egiz/moazs/util/StringUtils.java b/src/main/java/at/gv/egiz/moazs/util/StringUtils.java new file mode 100644 index 0000000..fd40f6e --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/util/StringUtils.java @@ -0,0 +1,17 @@ +package at.gv.egiz.moazs.util; + +public class StringUtils { + + public static boolean hasPrefix(String name) { + return name.indexOf('.') != -1; + } + + public static String keepPrefix(String name) { + return name.substring(0, name.indexOf('.')); + } + + public static String removePrefix(String name) { + return name.substring(name.indexOf('.') + 1); + } + +} |