Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/sig')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/DummyLDAPAPI.java1
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java88
2 files changed, 36 insertions, 53 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/DummyLDAPAPI.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/DummyLDAPAPI.java
index c771b06..a8bc461 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/DummyLDAPAPI.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/DummyLDAPAPI.java
@@ -28,6 +28,7 @@ import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
*
* @author wprinz
* @author modified by <a href="mailto:thomas.knall@iaik.tugraz.at">Thomas Knall</a>
+ * @deprecated Use {@link at.knowcenter.wag.egov.egiz.ldap.api.LDAPAPIFactory#createLDAPAPI()} instead.
*/
public class DummyLDAPAPI implements LDAPAPI
{
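Review bot: The `{@link ...LDAPAPIFactory#createLDAPAPI()}` target in the new `@deprecated` tag names a no-argument method, while the only call visible in this commit (in SignatureObject) is `LDAPAPIFactory.getInstance().createLDAPAPI(implClassURI)`. If no zero-argument overload exists the link will not resolve, so it should name the signature callers are meant to use. If the project's source level allows annotations, pairing the tag with `@Deprecated` makes remaining uses of this fallback show up as compiler warnings. The class body continues outside the hunk.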
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
index f2e409f..b00a3cb 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
@@ -37,11 +37,12 @@ import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException;
import at.knowcenter.wag.egov.egiz.exceptions.NormalizeException;
-import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureTypesException;
import at.knowcenter.wag.egov.egiz.framework.SignatorFactory;
+import at.knowcenter.wag.egov.egiz.ldap.api.LDAPAPIException;
+import at.knowcenter.wag.egov.egiz.ldap.api.LDAPAPIFactory;
import at.knowcenter.wag.egov.egiz.table.Entry;
import at.knowcenter.wag.egov.egiz.table.Style;
import at.knowcenter.wag.egov.egiz.table.Table;
@@ -860,6 +861,7 @@ public class SignatureObject implements Serializable
* @param issuer
* the issuer string to normalize
* @return the normalized issuer string
+ * @author modified by tknall
*/
private String getIssuerFileHash(String issuer)
{
@@ -867,8 +869,8 @@ public class SignatureObject implements Serializable
{
if (issuer != null)
{
- issuer = normalizer_.normalize(issuer);
- issuer = removeAllWhiteSpaces(issuer);
+ // use explicit method for normalization
+ issuer = normalizeIssuer(issuer);
// added the ("UTF-8")
issuer = CodingHelper.encodeBase64(CodingHelper.buildDigest(issuer.getBytes("UTF-8")));
issuer = issuer.replaceAll("/", "_");
@@ -883,6 +885,21 @@ public class SignatureObject implements Serializable
}
/**
+ * Prepares issuer for further processing (e.g. calculation of certificate store location or
+ * comparison with registered ldap mappings.)
+ * @param issuer The issuer.
+ * @return normalized issuer
+ * @author tknall
+ */
+ private String normalizeIssuer(String issuer) {
+ issuer = normalizer_.normalize(issuer);
+ issuer = removeAllWhiteSpaces(issuer);
+ // important note: if method is changed don't forget to adjust LDAPAPIImpl otherwise
+ // ldap mappings will not match
+ return issuer;
+ }
+
+ /**
* This method imports new certificates into the certstore path.
*/
private void addNewCertificates()
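Review bot: normalizeIssuer has no null guard, and its inline comment records that LDAPAPIImpl has to repeat the same normalization by hand. getIssuerFileHash only calls it inside `if (issuer != null)`, but the new loadCertificateFromLDAP calls it unconditionally; whether `normalizer_.normalize` and `removeAllWhiteSpaces` accept null is not visible here. Per the new Javadoc the result feeds both the certificate store location and the comparison with registered ldap mappings, so a silent divergence between the two copies could make a lookup miss the stored certificate or the intended mapping. One shared helper that both classes call would remove that risk; failing that, the warning belongs in the Javadoc rather than the body, e.g. `Must stay identical to the normalization in LDAPAPIImpl, otherwise registered ldap mappings will not match.`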
@@ -985,9 +1002,8 @@ public class SignatureObject implements Serializable
// the certificate wasn't found in the local store
// - load it from the LDAP server.
- String normalized_issuer = normalizer_.normalize(issuer);
- byte[] cert_data = loadCertificateFromLDAP(serialNumber, normalized_issuer);
+ byte[] cert_data = loadCertificateFromLDAP(serialNumber, issuer);
if (cert_data == null)
{
logger_.info("The certificate '" + issuer + "', '" + serialNumber + "' wasn't found on the LDAP server either.");
@@ -1062,54 +1078,20 @@ public class SignatureObject implements Serializable
* server.
* @throws ClassNotFoundException
*/
- protected byte[] loadCertificateFromLDAP(String serialNumber, String issuer)
- {
- String ldap_server_url = null;
- try
- {
- ldap_server_url = settings_.getSetting("ldap.url");
- }
- catch (SettingNotFoundException e)
- {
- e.printStackTrace();
- logger_.info("LDAP server url setting not found.");
- return null;
- }
- logger_.debug("LDAP server url = " + ldap_server_url);
-
- // START modification by TK
- byte[] cert = null;
- String implClassURI = System.getProperty(LDAPAPI.SYS_PROP_IMPLEMENTATION);
- if (implClassURI != null && !"".equals(implClassURI)) {
- LDAPAPI ldapAPIImpl = null;
- try {
- Class clazz = Class.forName(implClassURI);
- Object ldapAPIImplObj = clazz.newInstance();
- if (!(ldapAPIImplObj instanceof LDAPAPI)) {
- throw new RuntimeException("Declared class does not implement \"" + LDAPAPI.class.getName() + "\".");
- }
- ldapAPIImpl = (LDAPAPI) ldapAPIImplObj;
- cert = ldapAPIImpl.loadBase64CertificateFromLDAP(serialNumber, issuer);
- } catch (InstantiationException e) {
- throw new RuntimeException("Declared implementation of \"" + LDAPAPI.class.getName() + "\" cannot be instantiated.");
- } catch (IllegalAccessException e) {
- throw new RuntimeException("Declared implementation of \"" + LDAPAPI.class.getName() + "\" cannot be instantiated (illegal access).");
- } catch (ClassNotFoundException e) {
- throw new RuntimeException("Unable to find class \"" + implClassURI + "\" as implementation of \"" + LDAPAPI.class.getName() + "\".");
- }
- if (cert == null) {
- logger_.warn("Unable to retrieve certificate (serial=\"" + serialNumber + "\", issuer=\"" + issuer + "\") via ldap server \"" + ldapAPIImpl.getURL(issuer) + "\".");
- }
-
- } else {
- // TODO[tknall]: replace dummy class with real implementing class that uses ldap-mappings from the configuration file
- // TODO[tknall]: don't instantiate class each time; create singleton
- logger_.warn("There was no implementation of \"" + LDAPAPI.class.getName() + "\" defined by system property \"" + LDAPAPI.SYS_PROP_IMPLEMENTATION + "\". Using fallback implementation \"" + DummyLDAPAPI.class.getName() + "\".");
- LDAPAPI api = new DummyLDAPAPI(ldap_server_url);
- cert = api.loadBase64CertificateFromLDAP(serialNumber, issuer);
- }
- // STOP modification by TK
- return cert;
+ protected byte[] loadCertificateFromLDAP(String serialNumber, String issuer) {
+ // START modification by TK
+ String implClassURI = System.getProperty(LDAPAPI.SYS_PROP_IMPLEMENTATION);
+ LDAPAPI ldapAPIImpl;
+ try {
+ // note: in case of implClassURI==null the default implementation
+ // at.knowcenter.wag.egov.egiz.ldap.api.LDAPAPIImpl is used
+ ldapAPIImpl = LDAPAPIFactory.getInstance().createLDAPAPI(implClassURI);
+ } catch (LDAPAPIException e) {
+ throw new RuntimeException(e);
+ }
+ String normalized_issuer = normalizeIssuer(issuer);
+ return ldapAPIImpl.loadBase64CertificateFromLDAP(serialNumber, normalized_issuer);
+ // STOP modification by TK
}
/**
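Review bot: loadCertificateFromLDAP now takes the raw issuer and hands the LDAPAPI a whitespace-stripped form, where the removed caller code applied only `normalizer_.normalize`; the method is protected, so its Javadoc should state the new contract. Suggested text: `@param issuer the issuer as passed by the caller (not normalized); it is normalized here before the lookup`. The `instanceof LDAPAPI` check of the removed code is no longer visible, so it is worth confirming that `LDAPAPIFactory.createLDAPAPI` rejects a class named by `LDAPAPI.SYS_PROP_IMPLEMENTATION` that does not implement the interface, since the bytes it returns are treated as certificate data. The stale `@throws ClassNotFoundException` line above the method can be dropped, as the new body neither declares nor throws it. The method's Javadoc starts outside the hunk.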