001: /*************************************************************************
002: * *
003: * EJBCA: The OpenSource Certificate Authority *
004: * *
005: * This software is free software; you can redistribute it and/or *
006: * modify it under the terms of the GNU Lesser General Public *
007: * License as published by the Free Software Foundation; either *
008: * version 2.1 of the License, or any later version. *
009: * *
010: * See terms of license at gnu.org. *
011: * *
012: *************************************************************************/package org.ejbca.core.protocol.xkms.generators;
013:
014: import java.util.ArrayList;
015: import java.util.Collection;
016:
017: import javax.ejb.EJBException;
018:
019: import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal;
020: import org.ejbca.core.model.ca.caadmin.CAInfo;
021: import org.ejbca.core.model.log.Admin;
022:
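/**
 * Holds the XKMS configuration values and exposes them through typed,
 * lazily cached static accessors.
 *
 * The raw values are the {@code @xkms...@} string constants below;
 * presumably they are substituted from the XKMS property file at build
 * time (NOTE(review): confirm against the build scripts). A value that is
 * not a valid boolean or integer makes the corresponding accessor throw
 * {@link EJBException} instead of falling back to a default, so a missing
 * or mistyped security setting (signature required, proof of possession
 * required, ...) fails closed.
 *
 * The caches are plain static fields without synchronization. Each parsed
 * value is stored only after it has been validated.
 *
 * @author Philip Vendil 2006 dec 17
 *
 * @version $Id: XKMSConfig.java,v 1.3 2007/02/02 09:36:56 anatom Exp $
 */
public class XKMSConfig {

    // Configuration variables. They never change after class loading, so
    // they are declared final to keep the policy values from being
    // reassigned at runtime.
    private static final String REQUIRESIGNATURE = "@xkms.request.requiresignature@";
    private static final String ACCEPTEDCAS = "@xkms.request.acceptedcas@";
    private static final String ACCEPTSIGNREQUEST = "@xkms.response.acceptsignrequest@";
    private static final String ALWAYSSIGN = "@xkms.response.alwayssign@";
    private static final String CAUSEDFORSIGNING = "@xkms.response.causedforsigning@";
    private static final String SIGNATUREISNONREP = "@xkms.keyusage.signatureisnonrep@";

    private static final String POPREQUIRED = "@xkms.krss.poprequired@";
    private static final String SERVERGENKEYLENGTH = "@xkms.krss.servergenkeylength@";
    private static final String ALLOWREVOKATION = "@xkms.krss.allowrevokation@";
    private static final String ALLOWAUTOREISSUE = "@xkms.krss.allowautomaticreissue@";

    /**
     * Parses a strict boolean property value.
     *
     * Only "true" and "false" (case-insensitive) are accepted. Anything
     * else, including an unsubstituted {@code @...@} placeholder, is
     * rejected so that a misconfigured setting never silently becomes
     * {@code false}.
     *
     * @param value the raw configured value
     * @param propertyName the property name used in the error message
     * @return {@link Boolean#TRUE} or {@link Boolean#FALSE}
     * @throws EJBException if the value is neither "true" nor "false"
     */
    private static Boolean parseBooleanProperty(String value, String propertyName) {
        if (value.equalsIgnoreCase("true")) {
            return Boolean.TRUE;
        }
        if (value.equalsIgnoreCase("false")) {
            return Boolean.FALSE;
        }
        throw new EJBException(
                "Property parameter " + propertyName
                        + " is missconfigured, must be either 'true' or 'false'.");
    }

    private static Boolean signReq = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.request.requiresignature which indicates
     * that a signature is required for all KISS requests
     *
     * @return the configured value
     * @throws EJBException if the property is neither "true" nor "false"
     */
    public static boolean isSignedRequestRequired() {
        if (signReq == null) {
            signReq = parseBooleanProperty(REQUIRESIGNATURE,
                    "xkms.request.requiresignature");
        }
        return signReq.booleanValue();
    }

    private static Boolean acceptSignReq = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.response.acceptsignrequest which indicates
     * that the service will sign the responses on requests
     *
     * @return the configured value
     * @throws EJBException if the property is neither "true" nor "false"
     */
    public static boolean acceptSignRequests() {
        if (acceptSignReq == null) {
            acceptSignReq = parseBooleanProperty(ACCEPTSIGNREQUEST,
                    "xkms.response.acceptsignrequest");
        }
        return acceptSignReq.booleanValue();
    }

    private static Boolean alwaysSignResponses = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.response.alwayssign which indicates
     * that the service will always sign the responses.
     *
     * @return the configured value
     * @throws EJBException if the property is neither "true" nor "false"
     */
    public static boolean alwaysSignResponses() {
        if (alwaysSignResponses == null) {
            alwaysSignResponses = parseBooleanProperty(ALWAYSSIGN,
                    "xkms.response.alwayssign");
        }
        return alwaysSignResponses.booleanValue();
    }

    private static Boolean signIsNonRep = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.keyusage.signatureisnonrep
     *
     * @return the configured value
     * @throws EJBException if the property is neither "true" nor "false"
     */
    public static boolean signatureIsNonRep() {
        if (signIsNonRep == null) {
            signIsNonRep = parseBooleanProperty(SIGNATUREISNONREP,
                    "xkms.keyusage.signatureisnonrep");
        }
        return signIsNonRep.booleanValue();
    }

    private static Integer cAIdUsedForSigning = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.response.causedforsigning on which CA that should
     * be used for signing XKMS requests
     *
     * The configured CA name is resolved to its id on the first call and
     * the id is cached for all later calls.
     *
     * @param admin the administrator passed to the CA lookup
     * @param cAAdminSession session bean used to look up the CA by name
     * @return the id of the configured signing CA
     * @throws EJBException if the lookup returns no CA for the configured name
     */
    public static int cAIdUsedForSigning(Admin admin,
            ICAAdminSessionLocal cAAdminSession) {
        if (cAIdUsedForSigning == null) {
            CAInfo info = cAAdminSession.getCAInfo(admin, CAUSEDFORSIGNING);
            if (info == null) {
                throw new EJBException(
                        "Property parameter xkms.response.causedforsigning ("
                                + CAUSEDFORSIGNING
                                + ") is missconfigured, should contain a existing CA name.");
            }

            cAIdUsedForSigning = new Integer(info.getCAId());
        }
        return cAIdUsedForSigning.intValue();
    }

    private static Collection acceptedCAs = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.request.acceptedcas on which CA that should
     * be accepted for signing XKMS requests
     *
     * The ';' separated CA names are resolved to CA ids on the first
     * successful call and the resulting collection of {@link Integer} ids
     * is cached.
     *
     * NOTE(review): the cached collection itself is returned, so a caller
     * that modifies it changes the accepted-CA list for every later
     * request. Callers should treat it as read-only; consider returning an
     * unmodifiable view once all callers are confirmed not to mutate it.
     *
     * @param admin the administrator passed to the CA lookups
     * @param cAAdminSession session bean used to look up each CA by name
     * @return collection of the accepted CA ids
     * @throws EJBException if the lookup returns no CA for a configured name
     */
    public static Collection getAcceptedCA(Admin admin,
            ICAAdminSessionLocal cAAdminSession) {
        if (acceptedCAs == null) {
            // Resolve into a local list and publish it only when every
            // name has been resolved. Assigning the static field first
            // would leave an empty or partial list cached after a failed
            // lookup, and later calls would return that list without
            // reporting the misconfiguration.
            Collection resolved = new ArrayList();

            String[] cANames = ACCEPTEDCAS.split(";");

            for (int i = 0; i < cANames.length; i++) {
                CAInfo info = cAAdminSession.getCAInfo(admin, cANames[i]);
                if (info == null) {
                    throw new EJBException(
                            "Property parameter xkms.request.acceptedcas is missconfigured, should contain a ';' separated string of existing CA names.");
                }
                resolved.add(new Integer(info.getCAId()));
            }

            acceptedCAs = resolved;
        }
        return acceptedCAs;
    }

    private static Boolean pOPRequired = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.krss.poprequired
     *
     * @return the configured value
     * @throws EJBException if the property is neither "true" nor "false"
     */
    public static boolean isPOPRequired() {
        if (pOPRequired == null) {
            pOPRequired = parseBooleanProperty(POPREQUIRED,
                    "xkms.krss.poprequired");
        }
        return pOPRequired.booleanValue();
    }

    private static Integer serverKeyLength = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.krss.servergenkeylength
     *
     * NOTE(review): only the syntax and the sign of the value are checked
     * here. No minimum key strength is enforced, so a weak length in the
     * property file is accepted as-is; confirm that the key generation
     * code or deployment review covers that.
     *
     * @return the configured key length
     * @throws EJBException if the property is not an integer or is not
     *         greater than zero
     */
    public static int getServerKeyLength() {
        if (serverKeyLength == null) {
            int parsed;
            try {
                parsed = Integer.parseInt(SERVERGENKEYLENGTH);
            } catch (NumberFormatException e) {
                // Keep the parse failure as the cause instead of
                // swallowing it, so the offending value shows up in logs.
                throw new EJBException(
                        "Property parameter xkms.krss.servergenkeylength is missconfigured, must contain digits only.",
                        e);
            }

            // parseInt accepts a leading sign, so "-2048" and "0" would
            // otherwise be cached as a key length.
            if (parsed <= 0) {
                throw new EJBException(
                        "Property parameter xkms.krss.servergenkeylength is missconfigured, must be a positive integer.");
            }

            serverKeyLength = new Integer(parsed);
        }

        return serverKeyLength.intValue();
    }

    private static Boolean allowRevokation = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.krss.allowrevokation
     *
     * @return the configured value
     * @throws EJBException if the property is neither "true" nor "false"
     */
    public static boolean isRevokationAllowed() {
        if (allowRevokation == null) {
            allowRevokation = parseBooleanProperty(ALLOWREVOKATION,
                    "xkms.krss.allowrevokation");
        }
        return allowRevokation.booleanValue();
    }

    private static Boolean allowAutoReissue = null;

    /**
     * Method that returns the parameter in the propertyfile
     * xkms.krss.allowautomaticreissue
     *
     * @return the configured value
     * @throws EJBException if the property is neither "true" nor "false"
     */
    public static boolean isAutomaticReissueAllowed() {
        if (allowAutoReissue == null) {
            allowAutoReissue = parseBooleanProperty(ALLOWAUTOREISSUE,
                    "xkms.krss.allowautomaticreissue");
        }
        return allowAutoReissue.booleanValue();
    }

}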
|