Example 1 with CertificatePathValidator

Use of org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator in project wso2-synapse by wso2.

From the class RevocationVerificationManager, method verifyRevocationStatus:

import java.security.cert.X509Certificate;

import org.apache.synapse.transport.certificatevalidation.crl.CRLCache;
import org.apache.synapse.transport.certificatevalidation.crl.CRLVerifier;
import org.apache.synapse.transport.certificatevalidation.ocsp.OCSPCache;
import org.apache.synapse.transport.certificatevalidation.ocsp.OCSPVerifier;
import org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator;

/**
 * This method first tries to verify the given certificate chain using OCSP, since OCSP verification is
 * faster. If that fails it falls back to verification using CRL. If both fail, the chain is rejected
 * (fail closed).
 * @param peerCertificates  javax.security.cert.X509Certificate[] array of the peer/client certificate chain,
 *                          i.e. the legacy type returned by SSLSession.getPeerCertificateChain().
 * @throws CertificateVerificationException if neither OCSP nor CRL verification succeeded
 */
public void verifyRevocationStatus(javax.security.cert.X509Certificate[] peerCertificates) throws CertificateVerificationException {
    // Map the legacy javax.security.cert type to java.security.cert.X509Certificate, which the validator expects.
    X509Certificate[] convertedCertificates = convert(peerCertificates);
    long start = System.currentTimeMillis();
    // Both caches come from their static getCache() factory; init() applies the configured size and expiry (minutes).
    OCSPCache ocspCache = OCSPCache.getCache();
    ocspCache.init(cacheSize, cacheDelayMins);
    CRLCache crlCache = CRLCache.getCache();
    crlCache.init(cacheSize, cacheDelayMins);
    // Order matters: OCSP is tried first, CRL only as the fallback.
    RevocationVerifier[] verifiers = { new OCSPVerifier(ocspCache), new CRLVerifier(crlCache) };
    for (RevocationVerifier verifier : verifiers) {
        try {
            CertificatePathValidator pathValidator = new CertificatePathValidator(convertedCertificates, verifier);
            pathValidator.validatePath();
            log.info("Path verification Successful. Took " + (System.currentTimeMillis() - start) + " ms.");
            return;
        } catch (Exception e) {
            // Every failure is treated alike here, whether the verifier reached a verdict or simply could not
            // obtain a response; the next verifier is tried and the real cause is only visible at debug level.
            log.info(verifier.getClass().getSimpleName() + " failed.");
            log.debug("Certificate verification with " + verifier.getClass().getSimpleName() + " failed. ", e);
        }
    }
    throw new CertificateVerificationException("Path Verification Failed for both OCSP and CRL");
}
Also used: CertificatePathValidator (org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator), OCSPCache (org.apache.synapse.transport.certificatevalidation.ocsp.OCSPCache), X509Certificate (java.security.cert.X509Certificate), CRLCache (org.apache.synapse.transport.certificatevalidation.crl.CRLCache), OCSPVerifier (org.apache.synapse.transport.certificatevalidation.ocsp.OCSPVerifier), CRLVerifier (org.apache.synapse.transport.certificatevalidation.crl.CRLVerifier)
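The OCSP-first, CRL-fallback, fail-closed policy that the Javadoc above describes can also be expressed with the JDK's own PKIX machinery. The class below is an added example written for this page, not code from wso2-synapse: it uses java.security.cert.CertPathValidator with a PKIXRevocationChecker instead of the Synapse OCSPVerifier/CRLVerifier classes and their caches. The class name JdkRevocationCheck, the method names and the assumption that the caller already holds a loaded truststore (or a Set of TrustAnchor built from it) are all this example's own choices.

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.PKIXRevocationChecker;
import java.security.cert.PKIXRevocationChecker.Option;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * Added example (not Synapse code): OCSP first, CRL as fallback, reject if both fail,
 * built on the JDK's PKIX CertPathValidator and PKIXRevocationChecker.
 */
public final class JdkRevocationCheck {

    private JdkRevocationCheck() {
    }

    /**
     * Validates peerChain (leaf first, as received from the TLS peer) up to one of the given
     * trust anchors and checks revocation, first with OCSP only and then with CRLs only.
     * Throws if neither attempt succeeds; an unreachable responder or a missing CRL is never
     * treated as "not revoked".
     */
    public static void verifyRevocationStatus(X509Certificate[] peerChain, Set<TrustAnchor> anchors)
            throws GeneralSecurityException {
        CertPath path = CertificateFactory.getInstance("X.509").generateCertPath(Arrays.asList(peerChain));
        CertPathValidator validator = CertPathValidator.getInstance("PKIX");

        // NO_FALLBACK makes each attempt use exactly one mechanism, so this loop (not the JDK)
        // decides the order. Deliberately no SOFT_FAIL: an unknown status must fail the check.
        List<Set<Option>> attempts = Arrays.asList(
                EnumSet.of(Option.NO_FALLBACK),                        // attempt 1: OCSP only
                EnumSet.of(Option.PREFER_CRLS, Option.NO_FALLBACK));   // attempt 2: CRL only

        CertPathValidatorException lastFailure = null;
        for (Set<Option> options : attempts) {
            PKIXRevocationChecker checker = (PKIXRevocationChecker) validator.getRevocationChecker();
            checker.setOptions(options);

            PKIXParameters params = new PKIXParameters(anchors);
            params.setRevocationEnabled(false);   // the explicit checker added below does the revocation work
            params.addCertPathChecker(checker);
            try {
                validator.validate(path, params);
                return;                           // chain is trusted and not revoked
            } catch (CertPathValidatorException e) {
                // e.getReason() distinguishes BasicReason.REVOKED from
                // BasicReason.UNDETERMINED_REVOCATION_STATUS; both fall through to the next attempt.
                lastFailure = e;
            }
        }
        throw new GeneralSecurityException("Path verification failed for both OCSP and CRL", lastFailure);
    }

    /** Collects every trusted-certificate entry of an already loaded truststore as a TrustAnchor. */
    public static Set<TrustAnchor> trustAnchorsOf(KeyStore trustStore) throws KeyStoreException {
        Set<TrustAnchor> anchors = new HashSet<>();
        for (Enumeration<String> aliases = trustStore.aliases(); aliases.hasMoreElements();) {
            String alias = aliases.nextElement();
            if (trustStore.isCertificateEntry(alias)) {
                anchors.add(new TrustAnchor((X509Certificate) trustStore.getCertificate(alias), null));
            }
        }
        return anchors;
    }
}
```

Unlike the Synapse method, which catches every Exception and only logs the cause at debug level, the CertPathValidatorException kept here carries a Reason, so a caller can tell a definite REVOKED verdict apart from an UNDETERMINED_REVOCATION_STATUS caused by an outage and alert on the former.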

Example 2 with CertificatePathValidator

Use of org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator in project wso2-synapse by wso2.

From the class RevocationVerificationTest, method ocspPathValidation:

import java.security.cert.X509Certificate;

import org.apache.synapse.transport.certificatevalidation.ocsp.OCSPCache;
import org.apache.synapse.transport.certificatevalidation.ocsp.OCSPVerifier;
import org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator;

// Test helper: validates the chain with OCSP only (no CRL fallback); any exception means the path failed.
private void ocspPathValidation(X509Certificate[] certChain) throws Exception {
    OCSPCache ocspCache = OCSPCache.getCache();
    ocspCache.init(5, 5);   // cache size 5, cache delay 5 minutes
    RevocationVerifier verifier = new OCSPVerifier(ocspCache);
    CertificatePathValidator pathValidator = new CertificatePathValidator(certChain, verifier);
    pathValidator.validatePath();
}
Also used: CertificatePathValidator (org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator), OCSPCache (org.apache.synapse.transport.certificatevalidation.ocsp.OCSPCache), OCSPVerifier (org.apache.synapse.transport.certificatevalidation.ocsp.OCSPVerifier)

Example 3 with CertificatePathValidator

Use of org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator in project wso2-synapse by wso2.

From the class RevocationVerificationTest, method crlPathValidation:

import java.security.cert.X509Certificate;

import org.apache.synapse.transport.certificatevalidation.crl.CRLCache;
import org.apache.synapse.transport.certificatevalidation.crl.CRLVerifier;
import org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator;

// Test helper: validates the chain with CRL only (no OCSP attempt first); any exception means the path failed.
private void crlPathValidation(X509Certificate[] certChain) throws Exception {
    CRLCache crlCache = CRLCache.getCache();
    crlCache.init(5, 5);   // cache size 5, cache delay 5 minutes
    RevocationVerifier verifier = new CRLVerifier(crlCache);
    CertificatePathValidator pathValidator = new CertificatePathValidator(certChain, verifier);
    pathValidator.validatePath();
}
Also used: CertificatePathValidator (org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator), CRLCache (org.apache.synapse.transport.certificatevalidation.crl.CRLCache), CRLVerifier (org.apache.synapse.transport.certificatevalidation.crl.CRLVerifier)

Aggregations (number of examples above using each class)

CertificatePathValidator (org.apache.synapse.transport.certificatevalidation.pathvalidation.CertificatePathValidator): 3
CRLCache (org.apache.synapse.transport.certificatevalidation.crl.CRLCache): 2
CRLVerifier (org.apache.synapse.transport.certificatevalidation.crl.CRLVerifier): 2
OCSPCache (org.apache.synapse.transport.certificatevalidation.ocsp.OCSPCache): 2
OCSPVerifier (org.apache.synapse.transport.certificatevalidation.ocsp.OCSPVerifier): 2
X509Certificate (java.security.cert.X509Certificate): 1