
Example 6 with SmtpAgentException

use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.

the class RESTSmtpAgentConfig method buildPolicyResolvers.

/**
 * Builds the public, private and trust certificate policy resolver modules from the
 * policy-group-to-domain relations returned by the policy service.
 *
 * <p>Every policy attached to a domain's policy group is filed under that domain's name
 * according to its use. Private and public resolver policies are additionally split by
 * direction; a policy flagged as both incoming and outgoing lands in both maps, and one
 * flagged as neither lands in none. Trust policies are not split by direction. A policy
 * whose use matches none of the three handled values is skipped without an error.
 *
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} when the policy
 *         service call fails; the original exception is preserved as the cause
 */
@Override
protected void buildPolicyResolvers() {
    final Map<String, Collection<PolicyExpression>> privateIn = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> privateOut = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> publicIn = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> publicOut = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> trust = new HashMap<String, Collection<PolicyExpression>>();

    Collection<CertPolicyGroupDomainReltn> relations;
    try {
        // A single bulk call fetches every relation instead of one call per domain.
        relations = policyService.getPolicyGroupDomainReltns();
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting certificate policy configuration: " + e.getMessage(), e);
    }

    // A null result is handled like "no policies configured": the three modules below
    // are then created from empty maps, so no certificate policy is applied to any domain.
    if (relations != null) {
        for (CertPolicyGroupDomainReltn relation : relations) {
            if (relation.getPolicyGroup().getPolicies() == null) {
                continue;
            }
            for (CertPolicyGroupUse groupUse : relation.getPolicyGroup().getPolicies()) {
                if (groupUse.getPolicyUse().equals(CertPolicyUse.PRIVATE_RESOLVER)) {
                    if (groupUse.isIncoming()) {
                        addPolicyToMap(privateIn, relation.getDomain().getDomainName(), groupUse);
                    }
                    if (groupUse.isOutgoing()) {
                        addPolicyToMap(privateOut, relation.getDomain().getDomainName(), groupUse);
                    }
                } else if (groupUse.getPolicyUse().equals(CertPolicyUse.PUBLIC_RESOLVER)) {
                    if (groupUse.isIncoming()) {
                        addPolicyToMap(publicIn, relation.getDomain().getDomainName(), groupUse);
                    }
                    if (groupUse.isOutgoing()) {
                        addPolicyToMap(publicOut, relation.getDomain().getDomainName(), groupUse);
                    }
                } else if (groupUse.getPolicyUse().equals(CertPolicyUse.TRUST)) {
                    addPolicyToMap(trust, relation.getDomain().getDomainName(), groupUse);
                }
                // Any other policy use falls through here and is not registered anywhere.
            }
        }
    }

    publicPolicyResolverModule = PublicPolicyResolverModule.create(new DomainPolicyResolverProvider(publicIn, publicOut));
    privatePolicyResolverModule = PrivatePolicyResolverModule.create(new DomainPolicyResolverProvider(privateIn, privateOut));
    trustPolicyResolverModule = TrustPolicyResolverModule.create(new DomainPolicyResolverProvider(trust));
}
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) CertPolicyGroupDomainReltn(org.nhindirect.config.model.CertPolicyGroupDomainReltn) HashMap(java.util.HashMap) CertPolicyGroupUse(org.nhindirect.config.model.CertPolicyGroupUse) Collection(java.util.Collection) PolicyExpression(org.nhindirect.policy.PolicyExpression) DomainPolicyResolverProvider(org.nhindirect.stagent.policy.impl.provider.DomainPolicyResolverProvider) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException)

Example 7 with SmtpAgentException

use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.

the class RESTSmtpAgentConfig method getAnchorsFromNonWS.

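/**
 * Loads per-domain trust anchors from a key store or an LDAP store and adds them to the
 * supplied maps, keyed by domain name.
 *
 * <p>For every configured domain the settings {@code <domain>IncomingAnchorAliases} and
 * {@code <domain>OutgoingAnchorAliases} are read; each holds a comma separated alias list.
 * Whitespace around an alias is trimmed and empty entries are skipped, so a value written
 * as {@code "a, b"} looks up {@code "b"} rather than {@code " b"}. An alias that resolves
 * to no certificate contributes nothing, so a domain can end up with an empty anchor
 * collection.
 *
 * <p>If {@code storeType} is neither the key store nor the LDAP type, both maps are left
 * untouched.
 *
 * @param incomingAnchors receives the anchors used for incoming messages, per domain
 * @param outgoingAnchors receives the anchors used for outgoing messages, per domain
 * @param storeType the anchor store type, compared case-insensitively; must not be null
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} when a settings
 *         service call fails; the original exception is preserved as the cause
 */
@Override
protected void getAnchorsFromNonWS(Map<String, Collection<X509Certificate>> incomingAnchors, Map<String, Collection<X509Certificate>> outgoingAnchors, String storeType) {
    final String incomingSuffix = "IncomingAnchorAliases";
    final String outgoingSuffix = "OutgoingAnchorAliases";

    // All incoming lookups are issued before the outgoing ones, as before.
    final Collection<Setting> incomingAliasSettings = lookupAnchorAliasSettings(incomingSuffix);
    final Collection<Setting> outgoingAliasSettings = lookupAnchorAliasSettings(outgoingSuffix);

    // get the anchors from the correct store
    if (storeType.equalsIgnoreCase(STORE_TYPE_KEYSTORE)) {
        Setting file;
        Setting pass;
        Setting privKeyPass;
        try {
            file = settingsService.getSetting("AnchorKeyStoreFile");
            pass = settingsService.getSetting("AnchorKeyStoreFilePass");
            privKeyPass = settingsService.getSetting("AnchorKeyStorePrivKeyPass");
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor key store settings: " + e.getMessage(), e);
        }
        // NOTE(review): when the password settings are absent this falls back to fixed
        // literals that anyone with the source can read. A trust anchor key store opened
        // with them is protected by a publicly known password, so deployments should set
        // AnchorKeyStoreFilePass and AnchorKeyStorePrivKeyPass explicitly. The fallback is
        // kept unchanged here because existing installations may depend on it.
        KeyStoreCertificateStore store = new KeyStoreCertificateStore((file == null) ? null : file.getValue(), (pass == null) ? "DefaultFilePass" : pass.getValue(), (privKeyPass == null) ? "DefaultKeyPass" : privKeyPass.getValue());

        addKeyStoreAnchors(store, incomingAliasSettings, incomingSuffix, incomingAnchors);
        addKeyStoreAnchors(store, outgoingAliasSettings, outgoingSuffix, outgoingAnchors);
    } else if (storeType.equalsIgnoreCase(STORE_TYPE_LDAP)) {
        LDAPCertificateStore ldapCertificateStore = (LDAPCertificateStore) buildLdapCertificateStoreProvider("TrustAnchor", "LDAPTrustAnchorStore").get();

        addLdapAnchors(ldapCertificateStore, incomingAliasSettings, incomingSuffix, incomingAnchors);
        addLdapAnchors(ldapCertificateStore, outgoingAliasSettings, outgoingSuffix, outgoingAnchors);
    }
}

/** Fetches the {@code <domain><suffix>} setting for every domain, keeping those that exist. */
private Collection<Setting> lookupAnchorAliasSettings(String suffix) {
    final Collection<Setting> found = new ArrayList<Setting>();
    for (String domain : domains) {
        try {
            final Setting setting = settingsService.getSetting(domain + suffix);
            if (setting != null) {
                found.add(setting);
            }
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor aliases: " + e.getMessage(), e);
        }
    }
    return found;
}

/** Splits a comma separated alias list, trimming each entry and dropping empty ones. */
private static Collection<String> splitAnchorAliases(Setting setting) {
    final Collection<String> aliases = new ArrayList<String>();
    for (String raw : setting.getValue().split(",")) {
        final String alias = raw.trim();
        if (!alias.isEmpty()) {
            aliases.add(alias);
        }
    }
    return aliases;
}

/** Resolves each setting's aliases in the key store and files the certificates by domain. */
private void addKeyStoreAnchors(KeyStoreCertificateStore store, Collection<Setting> aliasSettings, String suffix, Map<String, Collection<X509Certificate>> target) {
    for (Setting setting : aliasSettings) {
        final Collection<X509Certificate> certs = new ArrayList<X509Certificate>();
        for (String alias : splitAnchorAliases(setting)) {
            final X509Certificate cert = store.getByAlias(alias);
            if (cert != null) {
                certs.add(cert);
            }
        }
        // The setting name is "<domain><suffix>"; strip the suffix to recover the domain.
        target.put(setting.getName().substring(0, setting.getName().lastIndexOf(suffix)), certs);
    }
}

/** Resolves each setting's aliases in the LDAP store and files the certificates by domain. */
private void addLdapAnchors(LDAPCertificateStore store, Collection<Setting> aliasSettings, String suffix, Map<String, Collection<X509Certificate>> target) {
    for (Setting setting : aliasSettings) {
        final Collection<X509Certificate> certs = new ArrayList<X509Certificate>();
        for (String alias : splitAnchorAliases(setting)) {
            // Each alias can yield several certificates. A null result would make addAll
            // throw NullPointerException, so it is treated as "no certificates".
            // TODO (from the original): should an alias with no certificates fail instead?
            final Collection<? extends X509Certificate> found = store.getCertificates(alias);
            if (found != null) {
                certs.addAll(found);
            }
        }
        // The setting name is "<domain><suffix>"; strip the suffix to recover the domain.
        target.put(setting.getName().substring(0, setting.getName().lastIndexOf(suffix)), certs);
    }
}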
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) Setting(org.nhindirect.config.model.Setting) ArrayList(java.util.ArrayList) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) X509Certificate(java.security.cert.X509Certificate) KeyStoreCertificateStore(org.nhindirect.stagent.cert.impl.KeyStoreCertificateStore) LDAPCertificateStore(org.nhindirect.stagent.cert.impl.LDAPCertificateStore) Collection(java.util.Collection)

Example 8 with SmtpAgentException

use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildPolicyResolvers.

/**
 * Builds the public, private and trust certificate policy resolver modules from the
 * policy-group-to-domain relations returned by the configuration web service.
 *
 * <p>Each policy relation of a domain's policy group is filed under the domain name
 * according to its use. Private and public resolver policies are split by direction;
 * trust policies are not. A relation whose use matches none of the three handled values
 * is skipped without an error.
 *
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} when the web service
 *         call fails; the original exception is preserved as the cause
 */
protected void buildPolicyResolvers() {
    final Map<String, Collection<PolicyExpression>> privateIn = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> privateOut = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> publicIn = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> publicOut = new HashMap<String, Collection<PolicyExpression>>();
    final Map<String, Collection<PolicyExpression>> trust = new HashMap<String, Collection<PolicyExpression>>();

    CertPolicyGroupDomainReltn[] relations;
    try {
        // A single bulk call fetches every relation instead of one call per domain.
        relations = cfService.getPolicyGroupDomainReltns();
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting certificate policy configuration: " + e.getMessage(), e);
    }

    // A null result is handled like "no policies configured": the three modules below
    // are then created from empty maps, so no certificate policy is applied to any domain.
    if (relations != null) {
        for (CertPolicyGroupDomainReltn relation : relations) {
            if (relation.getCertPolicyGroup().getCertPolicyGroupReltn() == null) {
                continue;
            }
            for (CertPolicyGroupReltn groupReltn : relation.getCertPolicyGroup().getCertPolicyGroupReltn()) {
                if (groupReltn.getPolicyUse().equals(CertPolicyUse.PRIVATE_RESOLVER)) {
                    if (groupReltn.isIncoming()) {
                        addPolicyToMap(privateIn, relation.getDomain().getDomainName(), groupReltn);
                    }
                    if (groupReltn.isOutgoing()) {
                        addPolicyToMap(privateOut, relation.getDomain().getDomainName(), groupReltn);
                    }
                } else if (groupReltn.getPolicyUse().equals(CertPolicyUse.PUBLIC_RESOLVER)) {
                    if (groupReltn.isIncoming()) {
                        addPolicyToMap(publicIn, relation.getDomain().getDomainName(), groupReltn);
                    }
                    if (groupReltn.isOutgoing()) {
                        addPolicyToMap(publicOut, relation.getDomain().getDomainName(), groupReltn);
                    }
                } else if (groupReltn.getPolicyUse().equals(CertPolicyUse.TRUST)) {
                    addPolicyToMap(trust, relation.getDomain().getDomainName(), groupReltn);
                }
                // Any other policy use falls through here and is not registered anywhere.
            }
        }
    }

    publicPolicyResolverModule = PublicPolicyResolverModule.create(new DomainPolicyResolverProvider(publicIn, publicOut));
    privatePolicyResolverModule = PrivatePolicyResolverModule.create(new DomainPolicyResolverProvider(privateIn, privateOut));
    trustPolicyResolverModule = TrustPolicyResolverModule.create(new DomainPolicyResolverProvider(trust));
}
Also used : CertPolicyGroupReltn(org.nhind.config.CertPolicyGroupReltn) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) CertPolicyGroupDomainReltn(org.nhind.config.CertPolicyGroupDomainReltn) HashMap(java.util.HashMap) Collection(java.util.Collection) PolicyExpression(org.nhindirect.policy.PolicyExpression) DomainPolicyResolverProvider(org.nhindirect.stagent.policy.impl.provider.DomainPolicyResolverProvider) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 9 with SmtpAgentException

use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildDomains.

/**
 * Loads the domain list from the configuration web service, records a postmaster for
 * each domain and then builds the trust anchor resolver.
 *
 * <p>The postmaster address is the one configured on the domain, or the default
 * postmaster for the domain name when none is configured (null or blank).
 *
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} when the web service
 *         call fails, or with {@code MissingDomains} when no domain was returned
 */
protected void buildDomains() {
    domains = new ArrayList<String>();
    domainPostmasters = new HashMap<String, DomainPostmaster>();

    // Fetch the count first so that the list call can ask for every domain at once.
    try {
        final int total = cfService.getDomainCount();
        lookedupWSDomains = cfService.listDomains(null, total);
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting domains list: " + e.getMessage(), e);
    }

    if (lookedupWSDomains != null) {
        for (Domain entry : lookedupWSDomains) {
            domains.add(entry.getDomainName());
            try {
                String postmaster = entry.getPostMasterEmail();
                if (postmaster == null || postmaster.trim().isEmpty()) {
                    postmaster = DomainPostmaster.getDefaultPostmaster(entry.getDomainName());
                }
                // NOTE(review): the key is upper-cased with the JVM default locale, so
                // lookups presumably have to apply the same rule; locale-sensitive casing
                // can differ between hosts. Confirm against the readers of this map.
                final String key = entry.getDomainName().toUpperCase(Locale.getDefault());
                domainPostmasters.put(key, new DomainPostmaster(entry.getDomainName(), new InternetAddress(postmaster)));
            } catch (AddressException ignored) {
                // An address that does not parse leaves this domain without a postmaster
                // entry while the domain itself stays in the list. Nothing is logged or
                // rethrown here, so the misconfiguration is not visible at this point.
            }
        }
    }

    if (domains.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.MissingDomains);
    }

    // now get the trust anchors
    buildTrustAnchorResolver();
}
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) InternetAddress(javax.mail.internet.InternetAddress) AddressException(javax.mail.internet.AddressException) DomainPostmaster(org.nhindirect.gateway.smtp.DomainPostmaster) Domain(org.nhind.config.Domain) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 10 with SmtpAgentException

use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildPrivateCertStore.

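/**
 * Selects and configures the resolver for private certificates according to the
 * {@code PrivateStoreType} setting.
 *
 * <p>A missing or empty setting selects the web service store. The key store, LDAP and
 * web service types are compared case-insensitively; any other value is rejected.
 *
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} when a settings call
 *         to the web service fails (the original exception is preserved as the cause), or
 *         with {@code InvalidPrivateCertStoreSettings} when the store type is not recognized
 */
protected void buildPrivateCertStore() {
    Provider<CertificateResolver> resolverProvider = null;
    Setting setting = null;
    String storeType;
    try {
        setting = cfService.getSettingByName("PrivateStoreType");
    } catch (Exception e) {
        // The message previously said "public store type" although the failing lookup is
        // the private store type, which pointed troubleshooting at the wrong setting.
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting private store type: " + e.getMessage(), e);
    }
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty()) {
        // default to WS
        storeType = STORE_TYPE_WS;
    } else {
        storeType = setting.getValue();
    }

    if (storeType.equalsIgnoreCase(STORE_TYPE_KEYSTORE)) {
        /*
         * KeyStore based resolver
         */
        Setting file;
        Setting pass;
        Setting privKeyPass;
        try {
            file = cfService.getSettingByName("PrivateStoreFile");
            pass = cfService.getSettingByName("PrivateStoreFilePass");
            privKeyPass = cfService.getSettingByName("PrivateStorePrivKeyPass");
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting private store file settings: " + e.getMessage(), e);
        }
        // A missing setting is passed through as null rather than replaced by a default.
        // NOTE(review): the key store and private key passwords are plain setting values
        // fetched from the configuration service, so the private keys are only as well
        // protected as read access to those settings and the channel to the service.
        resolverProvider = new KeyStoreCertificateStoreProvider((file == null) ? null : file.getValue(), (pass == null) ? null : pass.getValue(), (privKeyPass == null) ? null : privKeyPass.getValue());
    } else if (storeType.equalsIgnoreCase(STORE_TYPE_LDAP)) {
        resolverProvider = buildLdapCertificateStoreProvider("PrivateStore", "LDAPPrivateCertStore");
    } else if (storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        resolverProvider = new ConfigServiceCertificateStoreProvider(cfService, null, new ConfigServiceCertificateStore.DefaultConfigStoreCachePolicy(), this.storeProvider);
    } else {
        // Unknown store types fail configuration instead of falling back to a default.
        throw new SmtpAgentException(SmtpAgentError.InvalidPrivateCertStoreSettings);
    }
    privateCertModule = new PrivateCertStoreModule(resolverProvider);
}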
Also used : PrivateCertStoreModule(org.nhindirect.stagent.module.PrivateCertStoreModule) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) ConfigServiceCertificateStoreProvider(org.nhindirect.gateway.smtp.config.cert.impl.provider.ConfigServiceCertificateStoreProvider) KeyStoreCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.KeyStoreCertificateStoreProvider) Setting(org.nhind.config.Setting) CertificateResolver(org.nhindirect.stagent.cert.CertificateResolver) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Aggregations

SmtpAgentException (org.nhindirect.gateway.smtp.SmtpAgentException)31 PolicyParseException (org.nhindirect.policy.PolicyParseException)20 AddressException (javax.mail.internet.AddressException)19 IOException (java.io.IOException)10 CertificateException (java.security.cert.CertificateException)10 Collection (java.util.Collection)8 ArrayList (java.util.ArrayList)7 Setting (org.nhind.config.Setting)7 Setting (org.nhindirect.config.model.Setting)7 LDAPCertificateStore (org.nhindirect.stagent.cert.impl.LDAPCertificateStore)7 X509Certificate (java.security.cert.X509Certificate)6 HashMap (java.util.HashMap)6 CertificateResolver (org.nhindirect.stagent.cert.CertificateResolver)5 KeyStoreCertificateStoreProvider (org.nhindirect.stagent.cert.impl.provider.KeyStoreCertificateStoreProvider)5 LdapCertificateStoreProvider (org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider)5 MultiDomainTrustAnchorResolverProvider (org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider)5 UniformTrustAnchorResolverProvider (org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider)5 DomainPolicyResolverProvider (org.nhindirect.stagent.policy.impl.provider.DomainPolicyResolverProvider)4 ByteArrayInputStream (java.io.ByteArrayInputStream)3 InternetAddress (javax.mail.internet.InternetAddress)3