Java tutorial
/* DigiDoc4J library * * This software is released under either the GNU Library General Public * License (see LICENSE.LGPL). * * Note that the only valid version of the LGPL license as far as this * project is concerned is the original GNU Library General Public License * Version 2.1, February 1999 */ package org.digidoc4j.impl.bdoc.tsl; import java.io.File; import java.io.IOException; import java.io.InputStream; import java.io.Serializable; import java.nio.file.Files; import java.nio.file.Paths; import org.apache.commons.io.FileUtils; import org.digidoc4j.Configuration; import org.digidoc4j.exceptions.DigiDoc4JException; import org.digidoc4j.exceptions.TslCertificateSourceInitializationException; import org.digidoc4j.exceptions.TslKeyStoreNotFoundException; import org.digidoc4j.impl.bdoc.CachingDataLoader; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import eu.europa.esig.dss.DSSException; import eu.europa.esig.dss.client.http.DataLoader; import eu.europa.esig.dss.client.http.Protocol; import eu.europa.esig.dss.client.http.commons.CommonsDataLoader; import eu.europa.esig.dss.tsl.service.TSLRepository; import eu.europa.esig.dss.tsl.service.TSLValidationJob; import eu.europa.esig.dss.x509.KeyStoreCertificateSource; public class TslLoader implements Serializable { private static final Logger logger = LoggerFactory.getLogger(TslLoader.class); public static final File fileCacheDirectory = new File( System.getProperty("java.io.tmpdir") + "/digidoc4jTSLCache"); private boolean checkSignature = true; private Configuration configuration; private transient TSLRepository tslRepository; private transient TSLCertificateSourceImpl tslCertificateSource; private transient TSLValidationJob tslValidationJob; public TslLoader(Configuration configuration) { this.configuration = configuration; } public void prepareTsl() { try { tslCertificateSource = new TSLCertificateSourceImpl(); tslRepository = new TSLRepository(); tslRepository.setTrustedListsCertificateSource(tslCertificateSource); tslValidationJob = createTslValidationJob(tslRepository); } catch (DSSException e) { logger.error("Unable to load TSL: " + e.getMessage()); throw new TslCertificateSourceInitializationException(e.getMessage()); } } public static void invalidateCache() { logger.info("Cleaning TSL cache directory at " + fileCacheDirectory.getPath()); try { if (fileCacheDirectory.exists()) { FileUtils.cleanDirectory(fileCacheDirectory); } else { logger.debug("TSL cache directory doesn't exist"); } } catch (Exception e) { logger.error(e.getMessage()); throw new DigiDoc4JException(e); } } public void setCheckSignature(boolean checkSignature) { this.checkSignature = checkSignature; } public TSLCertificateSourceImpl getTslCertificateSource() { return tslCertificateSource; } public TSLValidationJob getTslValidationJob() { return tslValidationJob; } protected TSLRepository getTslRepository() { return tslRepository; } private TSLValidationJob createTslValidationJob(TSLRepository tslRepository) { TSLValidationJob tslValidationJob = new TSLValidationJob(); tslValidationJob.setDataLoader(createDataLoader()); tslValidationJob.setDssKeyStore(getKeyStore()); tslValidationJob.setLotlUrl(configuration.getTslLocation()); tslValidationJob.setLotlCode("EU"); tslValidationJob.setRepository(tslRepository); tslValidationJob.setCheckLOTLSignature(checkSignature); tslValidationJob.setCheckTSLSignatures(checkSignature); tslValidationJob.setFilterTerritories(configuration.getTrustedTerritories()); return tslValidationJob; } private DataLoader createDataLoader() { if (Protocol.isHttpUrl(configuration.getTslLocation())) { CachingDataLoader dataLoader = new CachingDataLoader(configuration); dataLoader.setTimeoutConnection(configuration.getConnectionTimeout()); dataLoader.setTimeoutSocket(configuration.getSocketTimeout()); dataLoader.setCacheExpirationTime(configuration.getTslCacheExpirationTime()); dataLoader.setFileCacheDirectory(fileCacheDirectory); logger.debug("Using file cache directory for storing TSL: " + fileCacheDirectory); return dataLoader; } else { return new CommonsDataLoader(); } } private KeyStoreCertificateSource getKeyStore() { File tslKeystoreFile = getTslKeystoreFile(); return new KeyStoreCertificateSource(tslKeystoreFile, configuration.getTslKeyStorePassword()); } private File getTslKeystoreFile() throws TslKeyStoreNotFoundException { try { String keystoreLocation = configuration.getTslKeyStoreLocation(); if (Files.exists(Paths.get(keystoreLocation))) { return new File(keystoreLocation); } File tempFile = File.createTempFile("temp-tsl-keystore", ".jks"); InputStream in = getClass().getClassLoader().getResourceAsStream(keystoreLocation); if (in == null) { logger.error("keystore not found in location " + keystoreLocation); throw new TslKeyStoreNotFoundException("keystore not found in location " + keystoreLocation); } FileUtils.copyInputStreamToFile(in, tempFile); return tempFile; } catch (IOException e) { logger.error(e.getMessage()); throw new TslKeyStoreNotFoundException(e.getMessage()); } } }