public class SignatureTrustValidator extends Object implements Validator
Constructor and Description |
---|
SignatureTrustValidator() |
Modifier and Type | Method and Description |
---|---|
protected Crypto |
getCrypto(RequestData data) |
protected boolean |
matchesIssuerDnPattern(X509Certificate cert,
Collection<Pattern> issuerDNPatterns) |
Credential |
validate(Credential credential,
RequestData data)
Validate the credential argument.
|
protected void |
validateCertificates(X509Certificate[] certificates)
Validate the certificates by checking the validity of each cert
|
protected void |
validatePublicKey(PublicKey publicKey,
Crypto crypto)
Validate a public key
|
protected void |
verifyTrustInCerts(X509Certificate[] certificates,
Crypto crypto,
RequestData data,
boolean enableRevocation)
Evaluate whether the given certificate chain should be trusted.
|
public Credential validate(Credential credential, RequestData data) throws WSSecurityException
validate
in interface Validator
credential
- the Credential to be validateddata
- the RequestData associated with the requestWSSecurityException
- on a failed validationprotected Crypto getCrypto(RequestData data)
protected void validateCertificates(X509Certificate[] certificates) throws WSSecurityException
WSSecurityException
protected void verifyTrustInCerts(X509Certificate[] certificates, Crypto crypto, RequestData data, boolean enableRevocation) throws WSSecurityException
certificates
- the certificate chain that should be validated against the keystorecrypto
- A Crypto instancedata
- A RequestData instanceenableRevocation
- Whether revocation is enabled or notWSSecurityException
- if the certificate chain is not trustedprotected void validatePublicKey(PublicKey publicKey, Crypto crypto) throws WSSecurityException
WSSecurityException
protected boolean matchesIssuerDnPattern(X509Certificate cert, Collection<Pattern> issuerDNPatterns)
Copyright © 2017 JBoss by Red Hat. All rights reserved.