/** * Copyright 2006 by Know-Center, Graz, Austria * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a * joint initiative of the Federal Chancellery Austria and Graz University of * Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ package at.gv.egiz.pdfas.web.helper; import java.util.Date; import org.apache.commons.lang.time.DateFormatUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.knowcenter.wag.egov.egiz.exceptions.SettingsException; import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; /** * This class deals with invalid signing times. * @author tknall */ public final class SigningTimeHelper { private SigningTimeHelper() { } private static Integer tolerance = null; /** * The log. */ private final static Log LOG = LogFactory.getLog(SigningTimeHelper.class); private final static String FORMAT_UTC_DATE_PATTERN = "yyyy-MM-dd'T'HH:mm:ss'Z'"; public static synchronized void checkSigningTimeAgainstHostTime(Date signingTime) throws SignatureException { if (tolerance == null) { try { String toleranceString = WebSettingsReader.getInstance().getSigningTimeTolerance(); if (toleranceString != null) { tolerance = new Integer(Integer.parseInt(toleranceString)); } else { LOG.warn("Configuration key signingtimetolerance missing. Disabling signing time check."); tolerance = new Integer(-1); } } catch (NumberFormatException e) { LOG.warn("Invalid configuration key signingtimetolerance. Disabling signing time check."); tolerance = new Integer(-1); } catch (SettingsException e) { LOG.warn("Invalid configuration key signingtimetolerance. Disabling signing time check."); tolerance = new Integer(-1); } } if (tolerance.intValue() == -1) { return; } // current time Date currentTime = new Date(); // lower limit Date lowerLimit = new Date(currentTime.getTime() - tolerance.intValue()*1000); // upper limit Date upperLimit = new Date(currentTime.getTime() + tolerance.intValue()*1000); String signingTimeString = DateFormatUtils.formatUTC(signingTime, FORMAT_UTC_DATE_PATTERN); if (LOG.isDebugEnabled()) { String lower = DateFormatUtils.formatUTC(lowerLimit, FORMAT_UTC_DATE_PATTERN); String upper = DateFormatUtils.formatUTC(upperLimit, FORMAT_UTC_DATE_PATTERN); LOG.debug("Checking if signing time " + signingTimeString + " is valid according to the given time frame [ " + lower + ", " + upper + " ]."); } if (signingTime.before(lowerLimit) || signingTime.after(upperLimit)) { throw new SignatureException(ErrorCode.INVALID_SIGNING_TIME, "The signing time " + signingTimeString + " is out of the given tolerance of " + tolerance.intValue() + " seconds."); } } }