AllowAllAlgorithmPolicy.java

  1. /*
  2.  * Java Trust Project.
  3.  * Copyright (C) 2011 FedICT.
  4.  * Copyright (C) 2014-2019 e-Contract.be BVBA.
  5.  *
  6.  * This is free software; you can redistribute it and/or modify it
  7.  * under the terms of the GNU Lesser General Public License version
  8.  * 3.0 as published by the Free Software Foundation.
  9.  *
  10.  * This software is distributed in the hope that it will be useful,
  11.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  13.  * Lesser General Public License for more details.
  14.  *
  15.  * You should have received a copy of the GNU Lesser General Public
  16.  * License along with this software; if not, see
  17.  * http://www.gnu.org/licenses/.
  18.  */

  19. package be.fedict.trust.policy;

  20. import java.util.Date;

  21. import org.slf4j.Logger;
  22. import org.slf4j.LoggerFactory;

  23. /**
  24.  * An algorithm policy implementation that allows everything.
  25.  * <p>
  26.  * Gives a log warning on MD5.
  27.  * </p>
  28.  *
  29.  * @author Frank Cornelis
  30.  *
  31.  */
  32. public class AllowAllAlgorithmPolicy implements AlgorithmPolicy {

  33.     private static final Logger LOGGER = LoggerFactory.getLogger(AllowAllAlgorithmPolicy.class);

  34.     @Override
  35.     public void checkSignatureAlgorithm(String signatureAlgorithm, Date validationDate) throws Exception {
  36.         LOGGER.debug("validate signature algorithm: {}", signatureAlgorithm);
  37.         if (signatureAlgorithm.contains("MD5") || signatureAlgorithm.equals("1.2.840.113549.1.1.4")) {
  38.             LOGGER.warn("MD5 being used");
  39.         }
  40.     }
  41. }