Added the flag to check the merchant certificate validity in Identity and security util file also changes reflected to client and xmlclient file

Author: ammajumd

java/src/main/java/com/cybersource/ws/client/Client.java

@@ -212,12 +212,13 @@ private static void setVersionInformation(Map<String, String> request) {
      * @throws SignException if signing fails.
      * @throws SAXException 
      * @throws SignEncryptException 
+     * @throws ConfigException 
      */
     private static Document soapWrapAndSign(
             Map request, MerchantConfig mc, DocumentBuilder builder,
             LoggerWrapper logger)
             throws
-            IOException, SignException, SAXException, SignEncryptException {
+            IOException, SignException, SAXException, SignEncryptException, ConfigException {
         boolean logSignedData = mc.getLogSignedData();
         if (!logSignedData) {
             logger.log(

java/src/main/java/com/cybersource/ws/client/Identity.java

@@ -9,6 +9,7 @@
  */
 package com.cybersource.ws.client;
 
+import java.io.File;
 import java.security.PrivateKey;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
@@ -35,9 +36,15 @@ public class Identity {
     private PrivateKey privateKey;
 
     private MerchantConfig merchantConfig;
+
+	private long lastModifiedDate;
 
     private static final String SERVER_ALIAS = "CyberSource_SJC_US";
 
+    Logger logger;
+    
+    
+    
     /**
      * Creates an Identity instance.this type of the instance can
      * only be used to store server certificate identity.
@@ -93,9 +100,23 @@ public Identity(MerchantConfig merchantConfig,X509Certificate x509Certificate, P
         this.merchantConfig = merchantConfig;
         this.x509Cert = x509Certificate;
         this.privateKey = privateKey;
+        try {
+			this.lastModifiedDate=merchantConfig.getKeyFile().lastModified();
+		} catch (ConfigException e) {
+			logger.log(Logger.LT_EXCEPTION,
+                    "Identity object ,cannot instantiate with key file lastModifiedDate. "
+                    + e.getMessage());
+         throw new SignException(e.getMessage());
+		}
         setUpMerchant();
     }
 
+    public boolean isValid(File keyFile)
+    {
+    	
+       return this.lastModifiedDate == keyFile.lastModified();
+    }
+    
     private void setUpMerchant() throws SignException {
         if (serialNumber == null && x509Cert != null) {
             String subjectDN = x509Cert.getSubjectDN().getName();

java/src/main/java/com/cybersource/ws/client/SecurityUtil.java

@@ -48,6 +48,8 @@ public class SecurityUtil {
 
     private static BouncyCastleProvider bcProvider = new BouncyCastleProvider();
 
+   
+    
 
     // This is loaded by WSS4J but since we use it lets make sure its here
     static {
@@ -77,12 +79,15 @@ private static void initKeystore() throws KeyStoreException, CredentialException
      * @throws IOException
      * @throws CredentialException
      */
-    public static void loadMerchantP12File(MerchantConfig merchantConfig, Logger logger) throws SignException, SignEncryptException {
+    public static void loadMerchantP12File(MerchantConfig merchantConfig, Logger logger) throws SignException, SignEncryptException, ConfigException {
 
         // Load the KeyStore and get the signing key and certificate do this once only
         // This change is made based on the assumptions that at point of time , a merchant will have only one P12 Key
-        
-        if(identities.get(merchantConfig.getMerchantID()) == null){
+       
+			
+		
+        Identity identitys=identities.get(merchantConfig.getMerchantID());
+        if(identities.get(merchantConfig.getMerchantID()) == null || !(identitys.isValid(merchantConfig.getKeyFile()))){
             try {
                 if (localKeyStoreHandler == null)
                     initKeystore();

java/src/main/java/com/cybersource/ws/client/XMLClient.java

@@ -355,11 +355,12 @@ private static void setVersionInformation(Document request, String nsURI) {
      * @return signed document.
      * @throws SignException if signing fails.
      * @throws SignEncryptException 
+     * @throws ConfigException 
      */
     private static Document soapWrapAndSign(
             Document doc, MerchantConfig mc, DocumentBuilder builder,
             LoggerWrapper logger)
-            throws SignException, SignEncryptException {
+            throws SignException, SignEncryptException, ConfigException {
     	boolean logSignedData = mc.getLogSignedData();
 
     	if (!logSignedData) {