diff --git a/phase4-lib/src/main/java/com/helger/phase4/crypto/AS4IncomingSecurityConfiguration.java b/phase4-lib/src/main/java/com/helger/phase4/crypto/AS4IncomingSecurityConfiguration.java index 1e2c5e78f..7bf6a1455 100644 --- a/phase4-lib/src/main/java/com/helger/phase4/crypto/AS4IncomingSecurityConfiguration.java +++ b/phase4-lib/src/main/java/com/helger/phase4/crypto/AS4IncomingSecurityConfiguration.java @@ -16,8 +16,6 @@ */ package com.helger.phase4.crypto; -import java.security.Provider; - import javax.annotation.Nonnull; import javax.annotation.Nullable; import javax.annotation.concurrent.NotThreadSafe; 
@@ -33,45 +31,39 @@ @NotThreadSafe public class AS4IncomingSecurityConfiguration implements IAS4IncomingSecurityConfiguration { - private Provider m_aSecurityProviderSign; - private Provider m_aSecurityProviderCrypt; + private AS4SigningParams m_aSigningParams; + private AS4CryptParams m_aCryptParams; private IAS4DecryptParameterModifier m_aDecryptParameterModifier; public AS4IncomingSecurityConfiguration () {} @Nullable - public Provider getSecurityProviderSign () + public AS4SigningParams getSigningParams () { - return m_aSecurityProviderSign; + return m_aSigningParams; } @Nonnull - public AS4IncomingSecurityConfiguration setSecurityProviderSign (@Nullable final Provider a) + public AS4IncomingSecurityConfiguration setSigningParams (@Nullable final AS4SigningParams a) { - m_aSecurityProviderSign = a; + m_aSigningParams = a; return this; } @Nullable - public Provider getSecurityProviderCrypt () + public AS4CryptParams getCryptParams () { - return m_aSecurityProviderCrypt; + return m_aCryptParams; } @Nonnull - public AS4IncomingSecurityConfiguration setSecurityProviderCrypt (@Nullable final Provider a) + public AS4IncomingSecurityConfiguration setCryptParams (@Nullable final AS4CryptParams a) { - m_aSecurityProviderCrypt = a; + m_aCryptParams = a; return this; } - @Nonnull - public AS4IncomingSecurityConfiguration setSecurityProvider (@Nullable final Provider a) - { - return setSecurityProviderSign (a).setSecurityProviderCrypt (a); - } - @Nullable public IAS4DecryptParameterModifier getDecryptParameterModifier () { 
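Review bot: `setSigningParams` and `setCryptParams` keep the caller's object and `getSigningParams` / `getCryptParams` hand that same instance back, so a later mutation by either side changes the configuration applied to subsequent messages. The class is `@NotThreadSafe`, and the `getClone ()` calls elsewhere in this commit suggest the params types are mutable, so the ownership rule should be written down. I would add Javadoc to both setters, e.g. `Stored by reference; pass a clone if the caller keeps modifying the object`, and to both getters, e.g. `Returns the internal object; use the ...CloneOrNew() accessor before modifying it`. The three `setSecurityProvider*` setters are removed without a deprecation step, unlike the interface getters, which are kept as deprecated defaults; keeping them as deprecated delegates would be consistent. The class body continues beyond this hunk.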
@@ -88,8 +80,8 @@ public AS4IncomingSecurityConfiguration setDecryptParameterModifier (@Nullable f @Override public String toString () { - return new ToStringGenerator (null).append ("SecurityProviderSign", m_aSecurityProviderSign) - .append ("SecurityProviderCrypt", m_aSecurityProviderCrypt) + return new ToStringGenerator (null).append ("SigningParams", m_aSigningParams) + .append ("CryptParams", m_aCryptParams) .append ("DecryptParameterModifier", m_aDecryptParameterModifier) .getToString (); } @@ -97,9 +89,9 @@ public String toString () @Nonnull public static AS4IncomingSecurityConfiguration createDefaultInstance () { - // No SecurityProviderSign - // No SecurityProviderCrypt - // No RequestDataModifier + // No SigningParams + // No CryptParams + // No DecryptParameterModifier return new AS4IncomingSecurityConfiguration (); } } diff --git a/phase4-lib/src/main/java/com/helger/phase4/crypto/IAS4IncomingSecurityConfiguration.java b/phase4-lib/src/main/java/com/helger/phase4/crypto/IAS4IncomingSecurityConfiguration.java index ab03b9b4e..a55d9b0b4 100644 --- a/phase4-lib/src/main/java/com/helger/phase4/crypto/IAS4IncomingSecurityConfiguration.java +++ b/phase4-lib/src/main/java/com/helger/phase4/crypto/IAS4IncomingSecurityConfiguration.java @@ -18,6 +18,7 @@ import java.security.Provider; +import javax.annotation.Nonnull; import javax.annotation.Nullable; /** 
@@ -28,13 +29,59 @@ */ public interface IAS4IncomingSecurityConfiguration { + + /** + * @return The signing parameters to be used for incoming messages. May be + * null. + * @since 2.3.0 + */ + @Nullable + AS4SigningParams getSigningParams (); + + /** + * @return A clone of the existing signing parameters or a new object. Never + * null. + * @since 2.3.0 + */ + @Nonnull + default AS4SigningParams getSigningParamsCloneOrNew () + { + final AS4SigningParams a = getSigningParams (); + return a == null ? new AS4SigningParams () : a.getClone (); + } + + /** + * @return The crypt parameters to be used for incoming messages. May be + * null. + * @since 2.3.0 + */ + @Nullable + AS4CryptParams getCryptParams (); + + /** + * @return A clone of the existing crypt parameters or a new object. Never + * null. + * @since 2.3.0 + */ + @Nonnull + default AS4CryptParams getCryptParamsCloneOrNew () + { + final AS4CryptParams a = getCryptParams (); + return a == null ? new AS4CryptParams () : a.getClone (); + } + /** * @return The Java Security provider to be used for incoming messages. May be * null to indicate the usage of the default JDK security * provider. */ @Nullable - Provider getSecurityProviderSign (); + @Deprecated (forRemoval = true, since = "2.3.0") + default Provider getSecurityProviderSign () + { + final AS4SigningParams a = getSigningParams (); + return a == null ? null : a.getSecurityProvider (); + } /** * @return The Java Security provider to be used for incoming messages. May be @@ -42,7 +89,12 @@ public interface IAS4IncomingSecurityConfiguration * provider. */ @Nullable - Provider getSecurityProviderCrypt (); + @Deprecated (forRemoval = true, since = "2.3.0") + default Provider getSecurityProviderCrypt () + { + final AS4CryptParams a = getCryptParams (); + return a == null ? null : a.getSecurityProvider (); + } /** * @return An optional modifier to customize WSS4J 
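Review bot: An implementation that overrides `getSecurityProviderSign ()` or `getSecurityProviderCrypt ()` to select a specific JCA provider is no longer consulted by the callers changed in this commit, which read `getSigningParams ()` / `getCryptParams ()` instead. If such an implementation returns null from the new methods, its provider choice is silently replaced by the JDK default. Both deprecated getters (this hunk and the one at 42) should carry an `@deprecated` Javadoc tag that names the replacement and this consequence, e.g. `@deprecated Use getSigningParams() and read the provider from it; overriding this method has no effect on message processing`. The two new abstract methods also break existing implementors: a compile error on rebuild, or an `AbstractMethodError` for classes that are not recompiled. That deserves a release-note entry.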
diff --git a/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4PullRequestBuilder.java b/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4PullRequestBuilder.java index aba4a4fb8..c51df0496 100644 --- a/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4PullRequestBuilder.java +++ b/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4PullRequestBuilder.java @@ -193,8 +193,8 @@ protected final void mainSendMessage () throws Phase4Exception } // Create on demand with all necessary parameters - final AS4IncomingSecurityConfiguration aIncomingSecurityConfiguration = new AS4IncomingSecurityConfiguration ().setSecurityProviderSign (m_aSigningParams.getSecurityProvider ()) - .setSecurityProviderCrypt (m_aCryptParams.getSecurityProvider ()) + final AS4IncomingSecurityConfiguration aIncomingSecurityConfiguration = new AS4IncomingSecurityConfiguration ().setSigningParams (m_aSigningParams.getClone ()) + .setCryptParams (m_aCryptParams.getClone ()) .setDecryptParameterModifier (m_aDecryptParameterModifier); // Main sending diff --git a/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4UserMessageBuilderMIMEPayload.java b/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4UserMessageBuilderMIMEPayload.java index aaa4f98f2..9475bf173 100644 --- a/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4UserMessageBuilderMIMEPayload.java +++ b/phase4-lib/src/main/java/com/helger/phase4/sender/AbstractAS4UserMessageBuilderMIMEPayload.java 
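Review bot: The comment `// Create on demand with all necessary parameters` no longer describes what is handed over: the incoming configuration now receives complete clones of the outbound `m_aSigningParams` and `m_aCryptParams`, where it used to receive only their security providers. Every setting on the outbound params therefore becomes visible to the code that processes the response, and which of them that code actually reads cannot be seen in this hunk. I would replace the comment with `// Snapshot the outbound signing/crypt params for response processing; clones, so later builder changes do not affect this send`. The same applies to the identical hunk in AbstractAS4UserMessageBuilderMIMEPayload; both `mainSendMessage` bodies extend beyond their hunks.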
@@ -164,8 +164,8 @@ protected final void mainSendMessage () throws Phase4Exception aUserMsg.addAttachment (WSS4JAttachment.createOutgoingFileAttachment (aAttachment, aResHelper)); // Create on demand with all necessary parameters - final AS4IncomingSecurityConfiguration aIncomingSecurityConfiguration = new AS4IncomingSecurityConfiguration ().setSecurityProviderSign (m_aSigningParams.getSecurityProvider ()) - .setSecurityProviderCrypt (m_aCryptParams.getSecurityProvider ()) + final AS4IncomingSecurityConfiguration aIncomingSecurityConfiguration = new AS4IncomingSecurityConfiguration ().setSigningParams (m_aSigningParams.getClone ()) + .setCryptParams (m_aCryptParams.getClone ()) .setDecryptParameterModifier (m_aDecryptParameterModifier); // Main sending diff --git a/phase4-lib/src/main/java/com/helger/phase4/servlet/AS4RequestHandler.java b/phase4-lib/src/main/java/com/helger/phase4/servlet/AS4RequestHandler.java index 8cc7b0d3a..8e54c8c7d 100644 --- a/phase4-lib/src/main/java/com/helger/phase4/servlet/AS4RequestHandler.java +++ b/phase4-lib/src/main/java/com/helger/phase4/servlet/AS4RequestHandler.java @@ -1157,8 +1157,8 @@ private IAS4ResponseFactory _createResponseReceiptMessage (@Nonnull final IAS4Me // We've got our response final Document aResponseDoc = aReceiptMessage.getAsSoapDocument (); - final AS4SigningParams aSigningParams = new AS4SigningParams ().setFromPMode (aEffectiveLeg.getSecurity ()) - .setSecurityProvider (m_aIncomingSecurityConfig.getSecurityProviderSign ()); + final AS4SigningParams aSigningParams = m_aIncomingSecurityConfig.getSigningParamsCloneOrNew () + .setFromPMode (aEffectiveLeg.getSecurity ()); final ESoapVersion eResponseSoapVersion = aEffectiveLeg.getProtocol ().getSoapVersion (); if (eResponseSoapVersion != eSoapVersion) LOGGER.warn ("Received message with " + 
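Review bot: In `_createResponseReceiptMessage` the signing parameters are now seeded from the shared incoming configuration and only then adjusted by `setFromPMode`, so every field that `setFromPMode` leaves untouched comes from the configured object rather than from a fresh `AS4SigningParams`. Which fields those are is not visible in this diff, so the intended precedence should be stated at the call site, e.g. `// Configured signing params are the base; values from the PMode leg override them`. A regression test that configures non-default signing params and asserts that the PMode leg's algorithms still win would pin the behaviour. The same construction appears in both `_handleSoapMessage` hunks (at 1439 and 1673), and `_createResponseReceiptMessage` continues outside this hunk.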
@@ -1439,14 +1439,14 @@ private IAS4ResponseFactory _handleSoapMessage (@Nonnull final HttpHeaderMap aHt aLocalResponseAttachments); // Send UserMessage - final AS4SigningParams aSigningParams = new AS4SigningParams ().setFromPMode (aEffectiveLeg.getSecurity ()) - .setSecurityProvider (m_aIncomingSecurityConfig.getSecurityProviderSign ()); + final AS4SigningParams aSigningParams = m_aIncomingSecurityConfig.getSigningParamsCloneOrNew () + .setFromPMode (aEffectiveLeg.getSecurity ()); // Use the original receiver ID as the alias into the keystore for // encrypting the response message final String sEncryptionAlias = aEbmsUserMessage.getPartyInfo ().getTo ().getPartyIdAtIndex (0).getValue (); - final AS4CryptParams aCryptParams = new AS4CryptParams ().setFromPMode (aEffectiveLeg.getSecurity ()) - .setAlias (sEncryptionAlias) - .setSecurityProvider (m_aIncomingSecurityConfig.getSecurityProviderCrypt ()); + final AS4CryptParams aCryptParams = m_aIncomingSecurityConfig.getCryptParamsCloneOrNew () + .setFromPMode (aEffectiveLeg.getSecurity ()) + .setAlias (sEncryptionAlias); aAsyncResponseFactory = _createResponseUserMessage (aState, aEffectiveLeg.getProtocol ().getSoapVersion (), 
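Review bot: The existing comment says the original receiver ID selects the key used to encrypt the response, but `aCryptParams` now starts as a clone of the configured object instead of a fresh `AS4CryptParams`. Anything recipient-specific already set on it survives unless `setFromPMode` or `setAlias` replaces it. If the type can carry a preset recipient certificate that takes precedence over the alias (not visible in this diff), the response would be encrypted for that certificate rather than for the party named by `sEncryptionAlias`. I would either reset such fields on the clone before `.setAlias (sEncryptionAlias)` or document on `getCryptParamsCloneOrNew ()` that configured crypt params must not pin a recipient. The hunk at 1673 builds `aCryptParams` the same way, and `_handleSoapMessage` starts and ends outside both hunks.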
@@ -1673,15 +1673,15 @@ private IAS4ResponseFactory _handleSoapMessage (@Nonnull final HttpHeaderMap aHt aEbmsUserMessage, aResponseAttachments); - final AS4SigningParams aSigningParams = new AS4SigningParams ().setFromPMode (aLeg2.getSecurity ()) - .setSecurityProvider (m_aIncomingSecurityConfig.getSecurityProviderSign ()); + final AS4SigningParams aSigningParams = m_aIncomingSecurityConfig.getSigningParamsCloneOrNew () + .setFromPMode (aLeg2.getSecurity ()); final String sEncryptionAlias = aEbmsUserMessage.getPartyInfo () .getTo () .getPartyIdAtIndex (0) .getValue (); - final AS4CryptParams aCryptParams = new AS4CryptParams ().setFromPMode (aLeg2.getSecurity ()) - .setAlias (sEncryptionAlias) - .setSecurityProvider (m_aIncomingSecurityConfig.getSecurityProviderCrypt ()); + final AS4CryptParams aCryptParams = m_aIncomingSecurityConfig.getCryptParamsCloneOrNew () + .setFromPMode (aLeg2.getSecurity ()) + .setAlias (sEncryptionAlias); ret = _createResponseUserMessage (aState, aLeg2.getProtocol ().getSoapVersion (), aResponseUserMsg, diff --git a/phase4-lib/src/main/java/com/helger/phase4/servlet/soap/SOAPHeaderElementProcessorRegistry.java b/phase4-lib/src/main/java/com/helger/phase4/servlet/soap/SOAPHeaderElementProcessorRegistry.java index b84bdabc6..5549e1aab 100644 --- a/phase4-lib/src/main/java/com/helger/phase4/servlet/soap/SOAPHeaderElementProcessorRegistry.java +++ b/phase4-lib/src/main/java/com/helger/phase4/servlet/soap/SOAPHeaderElementProcessorRegistry.java @@ -32,6 +32,7 @@ import com.helger.commons.collection.impl.CommonsLinkedHashMap; import com.helger.commons.collection.impl.ICommonsOrderedMap; import com.helger.commons.equals.EqualsHelper; +import com.helger.phase4.crypto.AS4SigningParams; import com.helger.phase4.crypto.IAS4CryptoFactory; import com.helger.phase4.crypto.IAS4IncomingSecurityConfiguration; import com.helger.phase4.crypto.IAS4PModeAwareCryptoFactory; 
@@ -122,10 +123,12 @@ public static SOAPHeaderElementProcessorRegistry createDefault (@Nonnull final I // WSS4J must be after Ebms3Messaging handler! final Supplier aFallbackPModeProvider = () -> aFallbackPMode; + final AS4SigningParams aSigningParams = aIncomingSecurityConfiguration.getSigningParams (); ret.registerHeaderElementProcessor (SOAPHeaderElementProcessorWSS4J.QNAME_SECURITY, new SOAPHeaderElementProcessorWSS4J (aCryptoFactorySign, aCryptoFactoryCrypt, - aIncomingSecurityConfiguration.getSecurityProviderSign (), + aSigningParams == null ? null + : aSigningParams.getSecurityProvider (), aFallbackPModeProvider, aIncomingSecurityConfiguration.getDecryptParameterModifier ())); return ret;
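Review bot: Only the signing-side provider is forwarded to `SOAPHeaderElementProcessorWSS4J`; `aIncomingSecurityConfiguration.getCryptParams ()` is never read in this hunk, so a provider configured for decryption appears to be ignored unless the processor obtains it elsewhere. The provider is also read once when the registry is created, so later changes to the configured signing params do not reach the processor. The null-safe expression repeats what the deprecated `getSecurityProviderSign ()` default already does. A comment such as `// Provider is snapshotted at registry creation; the crypt provider is not passed to WSS4J here` would make both facts explicit. `createDefault` starts outside the hunk.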