SignatureTrustValidator (Red Hat JBoss Enterprise Application Platform 7.4.0.GA public API)

java.lang.Object
- org.apache.wss4j.dom.validate.SignatureTrustValidator

All Implemented Interfaces:

Validator

Direct Known Subclasses:

SamlAssertionValidator
```
public class SignatureTrustValidator
extends Object
implements Validator
```
This class verifies trust in a credential used to verify a signature, which is extracted from the Credential passed to the validate method.

Constructor Summary

Constructors
Constructor and Description

SignatureTrustValidator()

Constructors
Constructor and Description
`SignatureTrustValidator()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected Crypto`	`getCrypto(RequestData data)`
`Credential`	`validate(Credential credential, RequestData data)` Validate the credential argument.
`protected void`	`validateCertificates(X509Certificate[] certificates)` Validate the certificates by checking the validity of each cert
`protected void`	`validatePublicKey(PublicKey publicKey, Crypto crypto)` Validate a public key
`protected void`	`verifyTrustInCerts(X509Certificate[] certificates, Crypto crypto, RequestData data, boolean enableRevocation)` Evaluate whether the given certificate chain should be trusted.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SignatureTrustValidator
```
public SignatureTrustValidator()
```
- Method Detail
  - validate
```
public Credential validate(Credential credential,
                           RequestData data)
                    throws WSSecurityException
```
    Validate the credential argument. It must contain a non-null X509Certificate chain or a PublicKey. A Crypto implementation is also required to be set. This implementation first attempts to verify trust on the certificate (chain). If this is not successful, then it will attempt to verify trust on the Public Key.
    
    Specified by:
    
    validate in interface Validator
    
    Parameters:
    
    credential - the Credential to be validated
    
    data - the RequestData associated with the request
    
    Returns:
    
    a validated Credential
    
    Throws:
    
    WSSecurityException - on a failed validation
  - getCrypto
```
protected Crypto getCrypto(RequestData data)
```
  - validateCertificates
```
protected void validateCertificates(X509Certificate[] certificates)
                             throws WSSecurityException
```
    Validate the certificates by checking the validity of each cert
    
    Throws:
    
    WSSecurityException
  - verifyTrustInCerts
```
protected void verifyTrustInCerts(X509Certificate[] certificates,
                                  Crypto crypto,
                                  RequestData data,
                                  boolean enableRevocation)
                           throws WSSecurityException
```
    Evaluate whether the given certificate chain should be trusted.
    
    Parameters:
    
    certificates - the certificate chain that should be validated against the keystore
    
    crypto - A Crypto instance
    
    data - A RequestData instance
    
    enableRevocation - Whether revocation is enabled or not
    
    Throws:
    
    WSSecurityException - if the certificate chain is not trusted
  - validatePublicKey
```
protected void validatePublicKey(PublicKey publicKey,
                                 Crypto crypto)
                          throws WSSecurityException
```
    Validate a public key
    
    Throws:
    
    WSSecurityException

Class SignatureTrustValidator

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SignatureTrustValidator

Method Detail

validate

getCrypto

validateCertificates

verifyTrustInCerts

validatePublicKey