use of org.apache.cxf.xkms.model.xkms.ValidateResultType in project cxf by apache.
the class XKMSInvoker method checkCertificateValidity.
protected boolean checkCertificateValidity(X509Certificate cert, boolean directTrust) {
try {
ValidateRequestType validateRequestType = prepareValidateXKMSRequest(cert);
if (directTrust) {
validateRequestType.getQueryKeyBinding().getKeyUsage().add(KeyUsageEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_SIGNATURE);
}
ValidateResultType validateResultType = xkmsConsumer.validate(validateRequestType);
String id = cert.getSubjectDN().getName();
CertificateValidationResult result = parseValidateXKMSResponse(validateResultType, id);
if (!result.isValid()) {
LOG.warn(String.format("Certificate %s is not valid: %s", cert.getSubjectDN(), result.getDescription()));
}
return result.isValid();
} catch (RuntimeException e) {
String msg = String.format("XKMS validate call fails for certificate: %s. Error: %s", cert.getSubjectDN(), e.getMessage());
LOG.warn(msg, e);
throw new XKMSValidateException(msg, e);
}
}
use of org.apache.cxf.xkms.model.xkms.ValidateResultType in project cxf by apache.
the class XKMSService method validate.
@Override
public ValidateResultType validate(ValidateRequestType request) {
ValidateResultType response = XKMSResponseFactory.createResponse(request, new ValidateResultType());
try {
validateRequest(request);
// Create basic response
KeyBindingType binding = createKeyBinding(response);
// Validate request
for (Validator validator : validators) {
StatusType status = validator.validate(request);
addValidationReasons(binding, status);
}
resolveValidationStatus(binding);
return response;
} catch (Exception e) {
return handleException("recover", e, response);
}
}
Aggregations