diff --git a/src/org/digidoc4j/Configuration.java b/src/org/digidoc4j/Configuration.java
index b3fb7e476..1ff9e8c08 100644
--- a/src/org/digidoc4j/Configuration.java
+++ b/src/org/digidoc4j/Configuration.java
@@ -39,7 +39,7 @@ import static org.apache.commons.lang.StringUtils.isNotEmpty;
 /**
- * Possibility to create custom configurations for {@link ContainerFacade} implementations.
+ * Possibility to create custom configurations for {@link Container} implementations.
 *

* You can specify the configuration mode, either {@link Configuration.Mode#TEST} or {@link Configuration.Mode#PROD}
 * configuration. Default is {@link Configuration.Mode#PROD}.
@@ -145,7 +145,9 @@ public class Configuration implements Serializable {
 public static final long CACHE_NO_DATA_FILES = 0;
 public static final String TEST_OCSP_URL = "http://demo.sk.ee/ocsp";
- public static final String SIGN_OCSP_REQUESTS = "SIGN_OCSP_REQUESTS";
+ private static final String SIGN_OCSP_REQUESTS = "SIGN_OCSP_REQUESTS";
+ private static final String OCSP_PKCS_12_CONTAINER = "DIGIDOC_PKCS12_CONTAINER";
+ private static final String OCSP_PKCS_12_PASSWD = "DIGIDOC_PKCS12_PASSWD";
 private final Mode mode;
 private LinkedHashMap configurationFromFile;
@@ -177,6 +179,7 @@ private void initDefaultValues() {
 configuration.put("validationPolicy", "conf/test_constraint.xml");
 configuration.put("ocspSource", TEST_OCSP_URL);
 configuration.put(SIGN_OCSP_REQUESTS, "false");
+ jDigiDocConfiguration.put(SIGN_OCSP_REQUESTS, "false");
 } else {
 configuration.put("tspSource", "http://tsa.sk.ee");
 configuration.put("tslLocation",
@@ -185,6 +188,7 @@ private void initDefaultValues() {
 configuration.put("validationPolicy", "conf/constraint.xml");
 configuration.put("ocspSource", "http://ocsp.sk.ee/");
 configuration.put(SIGN_OCSP_REQUESTS, "true");
+ jDigiDocConfiguration.put(SIGN_OCSP_REQUESTS, "true");
 }
 logger.debug(mode + "configuration:\n" + configuration);
@@ -238,6 +242,7 @@ public char[] getOCSPAccessCertificatePassword() {
 public void setOCSPAccessCertificateFileName(String fileName) {
 logger.debug("Setting OCSPAccessCertificateFileName: " + fileName);
 setConfigurationParameter("OCSPAccessCertificateFile", fileName);
+ jDigiDocConfiguration.put(OCSP_PKCS_12_CONTAINER, fileName);
 logger.debug("OCSPAccessCertificateFile is set");
 }
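Review bot: Changing `SIGN_OCSP_REQUESTS` from `public` to `private` in the constants hunk removes a member that code outside `Configuration` may already reference, and the test class in this commit has to re-declare the same literals as a result. If the narrowing is deliberate, record it in the release notes; otherwise keep that constant visible and make only the two new keys private. The three constants would also benefit from a one-line comment such as `// Keys of the JDigiDoc (DDOC) configuration map that mirror this class's own OCSP settings`.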
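Review bot: In `initDefaultValues` each branch now writes the OCSP-signing flag by hand into both `configuration` and `jDigiDocConfiguration`, and the same paired write is repeated in `setOCSPAccessCertificateFileName` below and in the two setters of the following hunks. Any later write path that forgets the second `put` leaves the two maps disagreeing on whether OCSP requests are signed, so a small private helper that takes both keys and the value and updates both maps would keep them in step. In `setOCSPAccessCertificateFileName`, `jDigiDocConfiguration.put(OCSP_PKCS_12_CONTAINER, fileName)` is unconditional; the map's type is not visible in this diff, and if it rejects null values a null `fileName` would now throw where it presumably did not before. Both method bodies start or end outside their hunks.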
@@ -248,7 +253,9 @@ public void setOCSPAccessCertificateFileName(String fileName) {
 */
 public void setOCSPAccessCertificatePassword(char[] password) {
 logger.debug("Setting OCSPAccessCertificatePassword: ");
- setConfigurationParameter("OCSPAccessCertificatePassword", String.valueOf(password));
+ String value = String.valueOf(password);
+ setConfigurationParameter("OCSPAccessCertificatePassword", value);
+ jDigiDocConfiguration.put(OCSP_PKCS_12_PASSWD, value);
 logger.debug("OCSPAccessCertificatePassword is set");
 }
@@ -256,7 +263,7 @@ public void setSignOCSPRequests(boolean shouldSignOcspRequests) {
 logger.debug("Should sign OCSP requests: " + shouldSignOcspRequests);
 String valueToSet = String.valueOf(shouldSignOcspRequests);
 setConfigurationParameter(SIGN_OCSP_REQUESTS, valueToSet);
- setJDigiDocConfigurationValue(SIGN_OCSP_REQUESTS, valueToSet);
+ jDigiDocConfiguration.put(SIGN_OCSP_REQUESTS, valueToSet);
 }
 /**
@@ -424,7 +431,6 @@ private void reportFileParseErrors() {
 private void loadInitialConfigurationValues() {
 logger.debug("");
 setJDigiDocConfigurationValue("DIGIDOC_LOG4J_CONFIG", DEFAULT_LOG4J_CONFIGURATION);
- setJDigiDocConfigurationValue(SIGN_OCSP_REQUESTS, Boolean.toString(hasToBeOCSPRequestSigned()));
 setJDigiDocConfigurationValue("DIGIDOC_SECURITY_PROVIDER", DEFAULT_SECURITY_PROVIDER);
 setJDigiDocConfigurationValue("DIGIDOC_SECURITY_PROVIDER_NAME", DEFAULT_SECURITY_PROVIDER_NAME);
 setJDigiDocConfigurationValue("KEY_USAGE_CHECK", DEFAULT_KEY_USAGE_CHECK);
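Review bot: `String value = String.valueOf(password);` in `setOCSPAccessCertificatePassword` turns the caller's `char[]` into an immutable String, and the added `jDigiDocConfiguration.put(OCSP_PKCS_12_PASSWD, value)` keeps a second long-lived copy, so the PKCS#12 password can no longer be cleared from memory by the caller; `initOcspAccessCertPasswordForJDigidoc` in the last hunk of this file repeats the conversion. An earlier hunk header shows `Configuration implements Serializable`, so unless the maps are excluded from serialization (not visible here) the password is written out with any serialized configuration, and any debug dump of `jDigiDocConfiguration` would print it. I would add `// Stored in plain text in both maps; never log jDigiDocConfiguration` above the new put. `String.valueOf(char[])` throws on a null array, which deserves an `@throws NullPointerException` line in the Javadoc that begins outside this hunk.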
@@ -444,12 +450,17 @@ private void loadInitialConfigurationValues() {
 setConfigurationValue("VALIDATION_POLICY", "validationPolicy");
 setConfigurationValue("PKCS11_MODULE", "pkcs11Module");
 setConfigurationValue("OCSP_SOURCE", "ocspSource");
- setConfigurationValue("DIGIDOC_PKCS12_CONTAINER", "OCSPAccessCertificateFile");
- setConfigurationValue("DIGIDOC_PKCS12_PASSWD", "OCSPAccessCertificatePassword");
+ setConfigurationValue(OCSP_PKCS_12_CONTAINER, "OCSPAccessCertificateFile");
+ setConfigurationValue(OCSP_PKCS_12_PASSWD, "OCSPAccessCertificatePassword");
 setConfigurationValue("CONNECTION_TIMEOUT", "connectionTimeout");
 setConfigurationValue(SIGN_OCSP_REQUESTS, SIGN_OCSP_REQUESTS);
 setConfigurationValue("TSL_KEYSTORE_LOCATION", "tslKeyStoreLocation");
 setConfigurationValue("TSL_KEYSTORE_PASSWORD", "tslKeyStorePassword");
+
+ setJDigiDocConfigurationValue(SIGN_OCSP_REQUESTS, Boolean.toString(hasToBeOCSPRequestSigned()));
+ setJDigiDocConfigurationValue(OCSP_PKCS_12_CONTAINER, getOCSPAccessCertificateFileName());
+
+ initOcspAccessCertPasswordForJDigidoc();
 }
 private void setConfigurationValue(String fileKey, String configurationKey) {
@@ -958,5 +969,12 @@ public Configuration copy() {
 }
 return copyConfiguration;
 }
+
+ private void initOcspAccessCertPasswordForJDigidoc() {
+ char[] ocspAccessCertificatePassword = getOCSPAccessCertificatePassword();
+ if(ocspAccessCertificatePassword != null && ocspAccessCertificatePassword.length > 0) {
+ setJDigiDocConfigurationValue(OCSP_PKCS_12_PASSWD, String.valueOf(ocspAccessCertificatePassword));
+ }
+ }
 }
diff --git a/test/org/digidoc4j/ConfigurationTest.java b/test/org/digidoc4j/ConfigurationTest.java
index 60dbc114e..664c8ced7 100644
--- a/test/org/digidoc4j/ConfigurationTest.java
+++ b/test/org/digidoc4j/ConfigurationTest.java
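Review bot: `initOcspAccessCertPasswordForJDigidoc`, added at the end of `Configuration.java`, skips the write when the password is null or empty, whereas `setOCSPAccessCertificatePassword` in an earlier hunk always writes it, so the two paths disagree on what an empty password means. As far as this hunk shows, reloading from a file that has no password would leave an earlier `DIGIDOC_PKCS12_PASSWD` entry in place; if that is not intended, add `else { jDigiDocConfiguration.remove(OCSP_PKCS_12_PASSWD); }`, and if it is, say so in a comment such as `// leave the JDigiDoc key unset when no OCSP access password is configured`. In the `loadInitialConfigurationValues` hunk above it, `getOCSPAccessCertificateFileName()` is passed straight to `setJDigiDocConfigurationValue` although the existing test `defaultOCSPAccessCertificateFile` expects that getter to return null by default; whether the helper tolerates null is not visible here.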
@@ -46,6 +46,9 @@ import static org.junit.Assert.*;
 public class ConfigurationTest {
+ private static final String SIGN_OCSP_REQUESTS = "SIGN_OCSP_REQUESTS";
+ private static final String OCSP_PKCS12_CONTAINER = "DIGIDOC_PKCS12_CONTAINER";
+ private static final String OCSP_PKCS_12_PASSWD = "DIGIDOC_PKCS12_PASSWD";
 private Configuration configuration;
 @Rule
@@ -261,12 +264,14 @@ public void setOcspSource() throws Exception {
 @Test
 public void defaultOCSPAccessCertificateFile() {
 assertNull(configuration.getOCSPAccessCertificateFileName());
+ assertNull(getJDigiDocConfValue(configuration, OCSP_PKCS12_CONTAINER));
 }
 @Test
 public void getOCSPAccessCertificateFileFromConfigurationFile() {
 configuration.loadConfiguration("testFiles/digidoc_test_conf.yaml");
 assertEquals("conf/OCSP_access_certificate_test_file_name", configuration.getOCSPAccessCertificateFileName());
+ assertEquals("conf/OCSP_access_certificate_test_file_name", getJDigiDocConfValue(configuration, OCSP_PKCS12_CONTAINER));
 }
 @Test
@@ -274,6 +279,7 @@ public void getOCSPAccessCertificateFileFromStream() throws FileNotFoundExceptio
 FileInputStream stream = new FileInputStream("testFiles/digidoc_test_conf.yaml");
 configuration.loadConfiguration(stream);
 assertEquals("conf/OCSP_access_certificate_test_file_name", configuration.getOCSPAccessCertificateFileName());
+ assertEquals("conf/OCSP_access_certificate_test_file_name", getJDigiDocConfValue(configuration, OCSP_PKCS12_CONTAINER));
 }
 @Test
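Review bot: The test constants added at the top of `ConfigurationTest` are named inconsistently: `OCSP_PKCS12_CONTAINER` sits next to `OCSP_PKCS_12_PASSWD`, while `Configuration` uses `OCSP_PKCS_12_CONTAINER`. Renaming the first to `OCSP_PKCS_12_CONTAINER` keeps the three names aligned with the production class. None of the assertions added in this file covers an empty or cleared password, which is the case where the setter and the load path in `Configuration` behave differently.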
@@ -281,17 +287,20 @@ public void setOCSPAccessCertificateFileNameOverwritesConfigurationFile() {
 configuration.loadConfiguration("testFiles/digidoc_test_conf.yaml");
 configuration.setOCSPAccessCertificateFileName("New File");
 assertEquals("New File", configuration.getOCSPAccessCertificateFileName());
+ assertEquals("New File", getJDigiDocConfValue(configuration, OCSP_PKCS12_CONTAINER));
 }
 @Test
 public void defaultOCSPAccessCertificatePassword() {
 assertEquals(0, configuration.getOCSPAccessCertificatePassword().length);
+ assertNull(getJDigiDocConfValue(configuration, OCSP_PKCS_12_PASSWD));
 }
 @Test
 public void getOCSPAccessCertificatePasswordFromConfigurationFile() throws Exception {
 configuration.loadConfiguration("testFiles/digidoc_test_conf.yaml");
 assertArrayEquals("OCSP_test_password".toCharArray(), configuration.getOCSPAccessCertificatePassword());
+ assertEquals("OCSP_test_password", getJDigiDocConfValue(configuration, OCSP_PKCS_12_PASSWD));
 }
 @Test
@@ -300,18 +309,21 @@ public void setOCSPAccessCertificatePasswordOverwritesConfigurationFile() {
 char[] newPassword = "New password".toCharArray();
 configuration.setOCSPAccessCertificatePassword(newPassword);
 assertArrayEquals(newPassword, configuration.getOCSPAccessCertificatePassword());
+ assertEquals("New password", getJDigiDocConfValue(configuration, OCSP_PKCS_12_PASSWD));
 }
 @Test
 public void signingOcspRequest_ShouldBeEnabled_InProdByDefault() throws Exception {
 Configuration configuration = new Configuration(Mode.PROD);
 assertTrue(configuration.hasToBeOCSPRequestSigned());
+ assertEquals("true", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
 }
 @Test
 public void signingOcspRequest_ShouldBeDisabled_InTestByDefault() throws Exception {
 Configuration configuration = new Configuration(Mode.TEST);
 assertFalse(configuration.hasToBeOCSPRequestSigned());
+ assertEquals("false", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
 }
 @Test
@@ -319,6 +331,7 @@ public void disableSigningOcspRequestsInProd() throws Exception {
 Configuration configuration = new Configuration(Mode.PROD);
 configuration.setSignOCSPRequests(false);
 assertFalse(configuration.hasToBeOCSPRequestSigned());
+ assertEquals("false", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
 }
 @Test
@@ -326,6 +339,7 @@ public void enableSigningOcspRequestsInTest() throws Exception {
 Configuration configuration = new Configuration(Mode.TEST);
 configuration.setSignOCSPRequests(true);
 assertTrue(configuration.hasToBeOCSPRequestSigned());
+ assertEquals("true", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
 }
 @Test
@@ -333,6 +347,7 @@ public void loadDisableSigningOcspRequestFromConfFileInProd() throws Exception {
 Configuration configuration = new Configuration(Mode.PROD);
 configuration.loadConfiguration("testFiles/digidoc_test_all_optional_settings.yaml");
 assertFalse(configuration.hasToBeOCSPRequestSigned());
+ assertEquals("false", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
 }
 @Test
@@ -341,6 +356,7 @@ public void loadDisableSigningOcspRequestFromConfFile() throws Exception {
 Configuration configuration = new Configuration();
 configuration.loadConfiguration(confFile.getPath());
 assertFalse(configuration.hasToBeOCSPRequestSigned());
+ assertEquals("false", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
 }
 @Test
@@ -349,6 +365,7 @@ public void loadEnableSigningOcspRequestFromConfFile() throws Exception {
 Configuration configuration = new Configuration();
 configuration.loadConfiguration(confFile.getPath());
 assertTrue(configuration.hasToBeOCSPRequestSigned());
+ assertEquals("true", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
 }
 @Test
@@ -444,7 +461,7 @@ public void generateJDigiDocConfig() throws Exception {
 assertEquals("false", jDigiDocConf.get("DATAFILE_HASHCODE_MODE"));
 assertEquals(DEFAULT_CANONICALIZATION_FACTORY_IMPLEMENTATION, jDigiDocConf.get("CANONICALIZATION_FACTORY_IMPL"));
 assertEquals("-1", jDigiDocConf.get("DIGIDOC_MAX_DATAFILE_CACHED"));
- assertEquals("false", jDigiDocConf.get("SIGN_OCSP_REQUESTS"));
+ assertEquals("false", jDigiDocConf.get(SIGN_OCSP_REQUESTS));
 assertEquals("jar://certs/KLASS3-SK OCSP.crt", jDigiDocConf.get("DIGIDOC_CA_1_OCSP2_CERT"));
 }
@@ -798,24 +815,20 @@ public void verifyAllOptionalConfigurationSettingsAreLoadedFromFile() throws Exc
 configuration.loadConfiguration("testFiles/digidoc_test_all_optional_settings.yaml");
- assertEquals("TEST_DIGIDOC_LOG4J_CONFIG", configuration.getJDigiDocConfiguration().get("DIGIDOC_LOG4J_CONFIG"));
- assertEquals("123876", configuration.getJDigiDocConfiguration().get("DIGIDOC_MAX_DATAFILE_CACHED"));
- assertEquals("TEST_DIGIDOC_NOTARY_IMPL", configuration.getJDigiDocConfiguration().get("DIGIDOC_NOTARY_IMPL"));
- assertEquals("TEST_DIGIDOC_OCSP_SIGN_CERT_SERIAL", configuration.getJDigiDocConfiguration().get
- ("DIGIDOC_OCSP_SIGN_CERT_SERIAL"));
- assertEquals("TEST_DIGIDOC_SECURITY_PROVIDER", configuration.getJDigiDocConfiguration().get
- ("DIGIDOC_SECURITY_PROVIDER"));
- assertEquals("TEST_DIGIDOC_SECURITY_PROVIDER_NAME", configuration.getJDigiDocConfiguration().get
- ("DIGIDOC_SECURITY_PROVIDER_NAME"));
- assertEquals("TEST_DIGIDOC_TSLFAC_IMPL", configuration.getJDigiDocConfiguration().get("DIGIDOC_TSLFAC_IMPL"));
- assertEquals("false", configuration.getJDigiDocConfiguration().get("DIGIDOC_USE_LOCAL_TSL"));
- assertEquals("false", configuration.getJDigiDocConfiguration().get("KEY_USAGE_CHECK"));
- assertEquals("false", configuration.getJDigiDocConfiguration().get("SIGN_OCSP_REQUESTS"));
- assertEquals("TEST_DIGIDOC_DF_CACHE_DIR", configuration.getJDigiDocConfiguration().get("DIGIDOC_DF_CACHE_DIR"));
- assertEquals("TEST_DIGIDOC_FACTORY_IMPL", configuration.getJDigiDocConfiguration().get("DIGIDOC_FACTORY_IMPL"));
- assertEquals("TEST_CANONICALIZATION_FACTORY_IMPL", configuration.getJDigiDocConfiguration().get
- ("CANONICALIZATION_FACTORY_IMPL"));
- assertEquals("false", configuration.getJDigiDocConfiguration().get("DATAFILE_HASHCODE_MODE"));
+ assertEquals("TEST_DIGIDOC_LOG4J_CONFIG", getJDigiDocConfValue(configuration, "DIGIDOC_LOG4J_CONFIG"));
+ assertEquals("123876", getJDigiDocConfValue(configuration, "DIGIDOC_MAX_DATAFILE_CACHED"));
+ assertEquals("TEST_DIGIDOC_NOTARY_IMPL", getJDigiDocConfValue(configuration, "DIGIDOC_NOTARY_IMPL"));
+ assertEquals("TEST_DIGIDOC_OCSP_SIGN_CERT_SERIAL", getJDigiDocConfValue(configuration, "DIGIDOC_OCSP_SIGN_CERT_SERIAL"));
+ assertEquals("TEST_DIGIDOC_SECURITY_PROVIDER", getJDigiDocConfValue(configuration, "DIGIDOC_SECURITY_PROVIDER"));
+ assertEquals("TEST_DIGIDOC_SECURITY_PROVIDER_NAME", getJDigiDocConfValue(configuration, "DIGIDOC_SECURITY_PROVIDER_NAME"));
+ assertEquals("TEST_DIGIDOC_TSLFAC_IMPL", getJDigiDocConfValue(configuration, "DIGIDOC_TSLFAC_IMPL"));
+ assertEquals("false", getJDigiDocConfValue(configuration, "DIGIDOC_USE_LOCAL_TSL"));
+ assertEquals("false", getJDigiDocConfValue(configuration, "KEY_USAGE_CHECK"));
+ assertEquals("false", getJDigiDocConfValue(configuration, SIGN_OCSP_REQUESTS));
+ assertEquals("TEST_DIGIDOC_DF_CACHE_DIR", getJDigiDocConfValue(configuration, "DIGIDOC_DF_CACHE_DIR"));
+ assertEquals("TEST_DIGIDOC_FACTORY_IMPL", getJDigiDocConfValue(configuration, "DIGIDOC_FACTORY_IMPL"));
+ assertEquals("TEST_CANONICALIZATION_FACTORY_IMPL", getJDigiDocConfValue(configuration, "CANONICALIZATION_FACTORY_IMPL"));
+ assertEquals("false", getJDigiDocConfValue(configuration, "DATAFILE_HASHCODE_MODE"));
 assertEquals("TEST_DIGIDOC_PKCS12_CONTAINER", configuration.configuration.get("OCSPAccessCertificateFile"));
 assertEquals("TEST_DIGIDOC_PKCS12_PASSWD", configuration.configuration.get("OCSPAccessCertificatePassword"));
 assertEquals("TEST_OCSP_SOURCE", configuration.configuration.get("ocspSource"));
@@ -880,6 +893,10 @@ private File createConfFileWithParameter(String parameter) throws IOException {
 return confFile;
 }
+ private String getJDigiDocConfValue(Configuration configuration, String key) {
+ return configuration.getJDigiDocConfiguration().get(key);
+ }
+
 // // getCACerts is currently only used for testing purposes and not yet updated for multiple CA's
 // @Test
 // public void readConfigurationFromPropertiesFile() throws Exception {