byte[] keyIdentifier = x509Data.itemSKI(0).getSKIBytes(); SignatureVerificationKeyCallback.X509CertificateRequest certRequest = new SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest(keyIdentifier); SignatureVerificationKeyCallback verifyKeyCallback = new SignatureVerificationKeyCallback(certRequest);
X509Certificate cert = getCertificateFromTrustStore( request.getSubjectKeyIdentifier(), cb.getRuntimeProperties()); request.setX509Certificate(cert);
public X509Certificate getCertificate(Map context, byte[] keyIdentifier) throws XWSSecurityException { X509Certificate cert = null; SignatureVerificationKeyCallback.X509CertificateRequest certRequest = new SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest(keyIdentifier); SignatureVerificationKeyCallback verifyKeyCallback = new SignatureVerificationKeyCallback(certRequest); if (!isDefaultHandler) { ProcessingContext.copy(verifyKeyCallback.getRuntimeProperties(), context); } Callback[] callbacks = new Callback[]{verifyKeyCallback}; try { callbackHandler.handle(callbacks); } catch (Exception e) { log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest"}); log.log(Level.SEVERE, "WSS0217.callbackhandler.handle.exception.log", e); throw new XWSSecurityException(e); } cert = certRequest.getX509Certificate(); if (cert == null) { // not found so throw an exception log.log(Level.SEVERE, "WSS0221.cannot.locate.cert", new Object[]{keyIdentifier}); throw new XWSSecurityException("No Matching public key for " + Base64.encode(keyIdentifier) + " subject key identifier found"); } return cert; }
@Override protected final void handleX509SubjectKeyIdentifierBasedRequest(SignatureVerificationKeyCallback callback, SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest request) throws IOException { X509Certificate certificate = getCertificateFromTrustStore(request.getSubjectKeyIdentifier()); request.setX509Certificate(certificate); }
@Override protected final void handleX509SubjectKeyIdentifierBasedRequest(SignatureVerificationKeyCallback callback, SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest request) throws IOException { X509Certificate certificate = getCertificateFromTrustStore(request.getSubjectKeyIdentifier()); request.setX509Certificate(certificate); }
@Override protected final void handleX509SubjectKeyIdentifierBasedRequest(SignatureVerificationKeyCallback callback, SignatureVerificationKeyCallback.X509SubjectKeyIdentifierBasedRequest request) throws IOException { X509Certificate certificate = getCertificateFromTrustStore(request.getSubjectKeyIdentifier()); request.setX509Certificate(certificate); }