
Example 1 with ApprovedCATypeV2

Use of ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedCATypeV2 in project X-Road by nordic-institute.

Class SharedParametersV2, method cacheCaCerts.

private void cacheCaCerts() throws CertificateException, IOException {
    List<X509Certificate> allCaCerts = new ArrayList<>();
    for (ApprovedCATypeV2 caType : confType.getApprovedCA()) {
        List<CaInfoType> topCAs = Arrays.asList(caType.getTopCA());
        List<CaInfoType> intermediateCAs = caType.getIntermediateCA();
        cacheOcspData(topCAs);
        cacheOcspData(intermediateCAs);
        // Collect the top and intermediate CA certificates of this approved CA.
        List<X509Certificate> pkiCaCerts = new ArrayList<>();
        pkiCaCerts.addAll(getTopOrIntermediateCaCerts(topCAs));
        pkiCaCerts.addAll(getTopOrIntermediateCaCerts(intermediateCAs));
        // CAs flagged authentication-only are left out of verificationCaCerts;
        // a missing flag (null) is treated the same as false.
        Boolean authenticationOnly = caType.isAuthenticationOnly();
        if (authenticationOnly == null || !authenticationOnly) {
            verificationCaCerts.addAll(pkiCaCerts);
        }
        // Map each CA certificate to its certificate profile and approved CA entry.
        for (X509Certificate pkiCaCert : pkiCaCerts) {
            caCertsAndCertProfiles.put(pkiCaCert, caType.getCertificateProfileInfo());
            caCertsAndApprovedCAData.put(pkiCaCert, caType);
        }
        allCaCerts.addAll(pkiCaCerts);
    }
    // Index every cached CA certificate by its subject name.
    for (X509Certificate cert : allCaCerts) {
        X509CertificateHolder certHolder = new X509CertificateHolder(cert.getEncoded());
        subjectsAndCaCerts.put(certHolder.getSubject(), cert);
    }
}
Also used: X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder), ArrayList (java.util.ArrayList), CaInfoType (ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.CaInfoType), ApprovedCATypeV2 (ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedCATypeV2), X509Certificate (java.security.cert.X509Certificate)

Example 2 with ApprovedCATypeV2

Use of ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedCATypeV2 in project X-Road by nordic-institute.

Class GlobalConfImpl, method getApprovedCA.

@Override
public ApprovedCAInfo getApprovedCA(String instanceIdentifier, X509Certificate cert) throws CodedException {
    SharedParametersV2 p = getSharedParameters(instanceIdentifier);
    // Look up the approved CA entry keyed by the CA certificate itself.
    ApprovedCATypeV2 approvedCAType = p.getCaCertsAndApprovedCAData().get(cert);
    // A certificate that is not a cached approved CA is reported as an error.
    if (approvedCAType == null) {
        throw new CodedException(X_INTERNAL_ERROR,
                "Could not find approved CA info for certificate " + cert.getSubjectX500Principal().getName());
    }
    return createApprovedCAInfo(approvedCAType);
}
Also used: CodedException (ee.ria.xroad.common.CodedException), ApprovedCATypeV2 (ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedCATypeV2)

Aggregations

ApprovedCATypeV2 (ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.ApprovedCATypeV2): 2
CodedException (ee.ria.xroad.common.CodedException): 1
CaInfoType (ee.ria.xroad.common.conf.globalconf.sharedparameters.v2.CaInfoType): 1
X509Certificate (java.security.cert.X509Certificate): 1
ArrayList (java.util.ArrayList): 1
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder): 1