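/**
 * Checks that the certificate behind the message signature is trusted.
 *
 * <p>Reads the signature ({@code WSConstants.SIGN}) results from {@code result}. When there are
 * none, the method returns without validating anything. Otherwise the X.509 certificate recorded
 * on the first signature result is handed to a {@link SignatureTrustValidator} configured with
 * {@code validationSignatureCrypto} and the {@code enableRevocation} setting.
 *
 * @param result the handler result whose signature actions are inspected
 * @throws WSSecurityException if the first signature result carries no X.509 certificate, or if
 *     the validator rejects the certificate
 */
protected void verifyCertificateTrust(WSHandlerResult result) throws WSSecurityException {
    List<WSSecurityEngineResult> signatureResults = result.getActionResults().get(WSConstants.SIGN);
    if (CollectionUtils.isEmpty(signatureResults)) {
        // This method does not treat a missing signature as an error; it only checks trust
        // when a signature result is present.
        return;
    }

    // NOTE(review): only the first signature result is trust-checked; any further SIGN results
    // in the list are not examined here.
    WSSecurityEngineResult firstSignature = signatureResults.get(0);
    X509Certificate signerCert =
            (X509Certificate) firstSignature.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
    if (signerCert == null) {
        // Fail closed with the declared exception type instead of wrapping null in the
        // certificate array and leaving the outcome to the validator.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
    }

    Credential credential = new Credential();
    credential.setCertificates(new X509Certificate[] {signerCert});

    // Trust is evaluated against the configured signature-verification crypto; revocation
    // checking follows the enableRevocation field.
    RequestData requestData = new RequestData();
    requestData.setSigVerCrypto(validationSignatureCrypto);
    requestData.setEnableRevocation(enableRevocation);

    new SignatureTrustValidator().validate(credential, requestData);
}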
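/**
 * Checks that the certificate behind the message signature is trusted.
 *
 * <p>Reads the signature ({@code WSConstants.SIGN}) results from {@code result}. When there are
 * none, the method returns without validating anything. Otherwise the X.509 certificate recorded
 * on the first signature result is handed to a {@link SignatureTrustValidator} configured with
 * {@code validationSignatureCrypto} and the {@code enableRevocation} setting.
 *
 * @param result the handler result whose signature actions are inspected
 * @throws WSSecurityException if the first signature result carries no X.509 certificate, or if
 *     the validator rejects the certificate
 */
protected void verifyCertificateTrust(WSHandlerResult result) throws WSSecurityException {
    List<WSSecurityEngineResult> signatureResults = result.getActionResults().get(WSConstants.SIGN);
    if (CollectionUtils.isEmpty(signatureResults)) {
        // This method does not treat a missing signature as an error; it only checks trust
        // when a signature result is present.
        return;
    }

    // NOTE(review): only the first signature result is trust-checked; any further SIGN results
    // in the list are not examined here.
    WSSecurityEngineResult firstSignature = signatureResults.get(0);
    X509Certificate signerCert =
            (X509Certificate) firstSignature.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
    if (signerCert == null) {
        // Fail closed with the declared exception type instead of wrapping null in the
        // certificate array and leaving the outcome to the validator.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
    }

    Credential credential = new Credential();
    credential.setCertificates(new X509Certificate[] {signerCert});

    // Trust is evaluated against the configured signature-verification crypto; revocation
    // checking follows the enableRevocation field.
    RequestData requestData = new RequestData();
    requestData.setSigVerCrypto(validationSignatureCrypto);
    requestData.setEnableRevocation(enableRevocation);

    new SignatureTrustValidator().validate(credential, requestData);
}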
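/**
 * Checks that the certificate behind the message signature is trusted.
 *
 * <p>Reads the signature ({@code WSConstants.SIGN}) results from {@code result}. When there are
 * none, the method returns without validating anything. Otherwise the X.509 certificate recorded
 * on the first signature result is handed to a {@link SignatureTrustValidator} configured with
 * {@code validationSignatureCrypto} and the {@code enableRevocation} setting.
 *
 * @param result the handler result whose signature actions are inspected
 * @throws WSSecurityException if the first signature result carries no X.509 certificate, or if
 *     the validator rejects the certificate
 */
protected void verifyCertificateTrust(WSHandlerResult result) throws WSSecurityException {
    List<WSSecurityEngineResult> signatureResults = result.getActionResults().get(WSConstants.SIGN);
    if (CollectionUtils.isEmpty(signatureResults)) {
        // This method does not treat a missing signature as an error; it only checks trust
        // when a signature result is present.
        return;
    }

    // NOTE(review): only the first signature result is trust-checked; any further SIGN results
    // in the list are not examined here.
    WSSecurityEngineResult firstSignature = signatureResults.get(0);
    X509Certificate signerCert =
            (X509Certificate) firstSignature.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
    if (signerCert == null) {
        // Fail closed with the declared exception type instead of wrapping null in the
        // certificate array and leaving the outcome to the validator.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
    }

    Credential credential = new Credential();
    credential.setCertificates(new X509Certificate[] {signerCert});

    // Trust is evaluated against the configured signature-verification crypto; revocation
    // checking follows the enableRevocation field.
    RequestData requestData = new RequestData();
    requestData.setSigVerCrypto(validationSignatureCrypto);
    requestData.setEnableRevocation(enableRevocation);

    new SignatureTrustValidator().validate(credential, requestData);
}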
/**
 * Runs a {@link SignatureTrustValidator} over the supplied key material.
 *
 * <p>The credential always carries {@code publicKey}; {@code cert} is added as a one-element
 * certificate array only when it is non-null. The validator is given {@code crypto} as the
 * signature-verification crypto and {@code subjectCertConstraints} as the subject constraints.
 *
 * @param crypto the crypto instance used to verify trust
 * @param cert the certificate to validate, or {@code null} to validate the public key alone
 * @param publicKey the public key placed on the credential
 * @param subjectCertConstraints patterns passed to the validator as subject certificate constraints
 * @throws WSSecurityException if the validator rejects the credential
 */
public void validateTrust(Crypto crypto, X509Certificate cert, PublicKey publicKey,
        Collection<Pattern> subjectCertConstraints) throws WSSecurityException {
    final Credential candidate = new Credential();
    candidate.setPublicKey(publicKey);
    if (cert != null) {
        final X509Certificate[] chain = {cert};
        candidate.setCertificates(chain);
    }

    // NOTE(review): setEnableRevocation is never called on this RequestData, so revocation
    // checking is left at whatever RequestData defaults to; confirm that is intended.
    final RequestData verificationContext = new RequestData();
    verificationContext.setSubjectCertConstraints(subjectCertConstraints);
    verificationContext.setSigVerCrypto(crypto);

    new SignatureTrustValidator().validate(candidate, verificationContext);
}
}
/**
 * Runs a {@link SignatureTrustValidator} over the supplied key material.
 *
 * <p>The credential always carries {@code publicKey}; {@code cert} is added as a one-element
 * certificate array only when it is non-null. The validator is given {@code crypto} as the
 * signature-verification crypto and {@code subjectCertConstraints} as the subject constraints.
 *
 * @param crypto the crypto instance used to verify trust
 * @param cert the certificate to validate, or {@code null} to validate the public key alone
 * @param publicKey the public key placed on the credential
 * @param subjectCertConstraints patterns passed to the validator as subject certificate constraints
 * @throws WSSecurityException if the validator rejects the credential
 */
public void validateTrust(Crypto crypto, X509Certificate cert, PublicKey publicKey,
        Collection<Pattern> subjectCertConstraints) throws WSSecurityException {
    final Credential candidate = new Credential();
    candidate.setPublicKey(publicKey);
    if (cert != null) {
        final X509Certificate[] chain = {cert};
        candidate.setCertificates(chain);
    }

    // NOTE(review): setEnableRevocation is never called on this RequestData, so revocation
    // checking is left at whatever RequestData defaults to; confirm that is intended.
    final RequestData verificationContext = new RequestData();
    verificationContext.setSubjectCertConstraints(subjectCertConstraints);
    verificationContext.setSigVerCrypto(crypto);

    new SignatureTrustValidator().validate(candidate, verificationContext);
}
}
Validator signatureValidator = new SignatureTrustValidator(); signatureValidator.validate(trustCredential, requestData); } catch (WSSecurityException e) {
trustCredential.setPublicKey(samlKeyInfo.getPublicKey()); trustCredential.setCertificates(samlKeyInfo.getCerts()); Validator signatureValidator = new SignatureTrustValidator();