1 13 14 package org.ejbca.core.protocol.xkms.generators; 15 16 import java.util.ArrayList ; 17 import java.util.Collection ; 18 19 import javax.ejb.EJBException ; 20 21 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal; 22 import org.ejbca.core.model.ca.caadmin.CAInfo; 23 import org.ejbca.core.model.log.Admin; 24 25 34 35 public class XKMSConfig { 36 37 private static String REQUIRESIGNATURE = "@xkms.request.requiresignature@"; 39 private static String ACCEPTEDCAS = "@xkms.request.acceptedcas@"; 40 private static String ACCEPTSIGNREQUEST = "@xkms.response.acceptsignrequest@"; 41 private static String ALWAYSSIGN = "@xkms.response.alwayssign@"; 42 private static String CAUSEDFORSIGNING = "@xkms.response.causedforsigning@"; 43 private static String SIGNATUREISNONREP = "@xkms.keyusage.signatureisnonrep@"; 44 45 private static String POPREQUIRED = "@xkms.krss.poprequired@"; 46 private static String SERVERGENKEYLENGTH = "@xkms.krss.servergenkeylength@"; 47 private static String ALLOWREVOKATION = "@xkms.krss.allowrevokation@"; 48 private static String ALLOWAUTOREISSUE = "@xkms.krss.allowautomaticreissue@"; 49 50 private static Boolean signReq = null; 51 56 public static boolean isSignedRequestRequired(){ 57 if(signReq == null){ 58 if(REQUIRESIGNATURE.equalsIgnoreCase("true")){ 59 signReq = new Boolean (true); 60 } 61 62 if(REQUIRESIGNATURE.equalsIgnoreCase("false")){ 63 signReq = new Boolean (false); 64 } 65 66 if(signReq == null){ 67 throw new EJBException ("Property parameter xkms.request.requiresignature is missconfigured, must be either 'true' or 'false'."); 68 } 69 70 71 } 72 73 return signReq.booleanValue(); 74 } 75 76 77 private static Boolean acceptSignReq = null; 78 83 public static boolean acceptSignRequests(){ 84 if(acceptSignReq == null){ 85 if(ACCEPTSIGNREQUEST.equalsIgnoreCase("true")){ 86 acceptSignReq = new Boolean (true); 87 } 88 89 if(ACCEPTSIGNREQUEST.equalsIgnoreCase("false")){ 90 acceptSignReq = new Boolean (false); 91 } 92 93 if(acceptSignReq == null){ 94 throw new EJBException ("Property parameter xkms.response.acceptsignrequest is missconfigured, must be either 'true' or 'false'."); 95 } 96 97 } 98 99 return acceptSignReq.booleanValue(); 100 } 101 102 103 private static Boolean alwaysSignResponses = null; 104 109 public static boolean alwaysSignResponses(){ 110 if(alwaysSignResponses == null){ 111 if(ALWAYSSIGN.equalsIgnoreCase("true")){ 112 alwaysSignResponses = new Boolean (true); 113 } 114 115 if(ALWAYSSIGN.equalsIgnoreCase("false")){ 116 alwaysSignResponses = new Boolean (false); 117 } 118 119 if(alwaysSignResponses == null){ 120 throw new EJBException ("Property parameter xkms.response.alwayssign is missconfigured, must be either 'true' or 'false'."); 121 } 122 123 } 124 return alwaysSignResponses.booleanValue(); 125 } 126 127 128 private static Boolean signIsNonRep = null; 129 133 public static boolean signatureIsNonRep(){ 134 if(signIsNonRep == null){ 135 if(SIGNATUREISNONREP.equalsIgnoreCase("true")){ 136 signIsNonRep = new Boolean (true); 137 } 138 139 if(SIGNATUREISNONREP.equalsIgnoreCase("false")){ 140 signIsNonRep = new Boolean (false); 141 } 142 143 if(signIsNonRep == null){ 144 throw new EJBException ("Property parameter xkms.keyusage.signatureisnonrep is missconfigured, must be either 'true' or 'false'."); 145 } 146 147 } 148 149 150 return signIsNonRep.booleanValue(); 151 } 152 153 154 private static Integer cAIdUsedForSigning = null; 155 160 public static int cAIdUsedForSigning(Admin admin,ICAAdminSessionLocal cAAdminSession){ 161 if(cAIdUsedForSigning == null){ 162 CAInfo info = cAAdminSession.getCAInfo(admin, CAUSEDFORSIGNING); 163 if(info == null){ 164 throw new EJBException ("Property parameter xkms.response.causedforsigning ("+CAUSEDFORSIGNING+") is missconfigured, should contain a existing CA name."); 165 } 166 167 cAIdUsedForSigning = new Integer (info.getCAId()); 168 } 169 return cAIdUsedForSigning.intValue(); 170 } 171 172 173 private static Collection acceptedCAs = null; 174 179 public static Collection getAcceptedCA(Admin admin,ICAAdminSessionLocal cAAdminSession){ 180 if(acceptedCAs == null){ 181 acceptedCAs = new ArrayList (); 182 183 String [] cANames = ACCEPTEDCAS.split(";"); 184 185 for(int i=0; i < cANames.length;i++){ 186 CAInfo info = cAAdminSession.getCAInfo(admin, cANames[i]); 187 if(info == null){ 188 throw new EJBException ("Property parameter xkms.request.acceptedcas is missconfigured, should contain a ';' separated string of existing CA names."); 189 } 190 acceptedCAs.add(new Integer (info.getCAId())); 191 } 192 193 } 194 return acceptedCAs; 195 } 196 197 private static Boolean pOPRequired = null; 198 202 public static boolean isPOPRequired(){ 203 if(pOPRequired == null){ 204 if(POPREQUIRED.equalsIgnoreCase("true")){ 205 pOPRequired = new Boolean (true); 206 } 207 208 if(POPREQUIRED.equalsIgnoreCase("false")){ 209 pOPRequired = new Boolean (false); 210 } 211 212 if(pOPRequired == null){ 213 throw new EJBException ("Property parameter xkms.krss.poprequired is missconfigured, must be either 'true' or 'false'."); 214 } 215 216 } 217 218 219 return pOPRequired.booleanValue(); 220 } 221 222 223 private static Integer serverKeyLength = null; 224 228 public static int getServerKeyLength(){ 229 if(serverKeyLength == null){ 230 try{ 231 serverKeyLength = new Integer (Integer.parseInt(SERVERGENKEYLENGTH)); 232 }catch(NumberFormatException e){} 233 catch(NullPointerException e){} 234 235 236 if(serverKeyLength == null){ 237 throw new EJBException ("Property parameter xkms.krss.servergenkeylength is missconfigured, must contain digits only."); 238 } 239 } 240 241 return serverKeyLength.intValue(); 242 } 243 244 private static Boolean allowRevokation = null; 245 249 public static boolean isRevokationAllowed(){ 250 if(allowRevokation == null){ 251 if(ALLOWREVOKATION.equalsIgnoreCase("true")){ 252 allowRevokation = new Boolean (true); 253 } 254 255 if(ALLOWREVOKATION.equalsIgnoreCase("false")){ 256 allowRevokation = new Boolean (false); 257 } 258 259 if(allowRevokation == null){ 260 throw new EJBException ("Property parameter xkms.krss.allowrevokation is missconfigured, must be either 'true' or 'false'."); 261 } 262 } 263 264 return allowRevokation.booleanValue(); 265 } 266 267 private static Boolean allowAutoReissue = null; 268 272 public static boolean isAutomaticReissueAllowed(){ 273 if(allowAutoReissue == null){ 274 if(ALLOWAUTOREISSUE.equalsIgnoreCase("true")){ 275 allowAutoReissue = new Boolean (true); 276 } 277 278 if(ALLOWAUTOREISSUE.equalsIgnoreCase("false")){ 279 allowAutoReissue = new Boolean (false); 280 } 281 282 if(allowAutoReissue == null){ 283 throw new EJBException ("Property parameter xkms.krss.allowautomaticreissue is missconfigured, must be either 'true' or 'false'."); 284 } 285 } 286 287 return allowAutoReissue.booleanValue(); 288 } 289 290 } 291 | Popular Tags |