use of org.nhindirect.stagent.cert.CertificateResolver in project nhin-d by DirectProject.
the class TrustChainValidator_IntermidiateCert_Test method testValidateChain_IntermediatePublicResolver_OpenSSLCerts.
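/**
 * Checks that a chain validates when the intermediate certificate is only available through a
 * certificate resolver.
 *
 * <p>{@code cert-a.der} is the certificate under validation and {@code cert-c.der} is passed to
 * {@code isTrusted} as the sole trust anchor. {@code cert-b.der} is not given to
 * {@code isTrusted} directly; it is only served by the resolver registered on the validator.
 *
 * @throws Exception if a fixture cannot be loaded or {@code isTrusted} throws
 */
public void testValidateChain_IntermediatePublicResolver_OpenSSLCerts() throws Exception {
    X509Certificate anchor = certFromData(getCertificateFileData("cert-c.der"));
    X509Certificate certToValidate = certFromData(getCertificateFileData("cert-a.der"));

    // Uniform cert store that just hands back whatever was put into it. It holds the
    // intermediate (not the anchor), so the validator has to consult the resolver for it.
    X509Certificate intermediateCert = certFromData(getCertificateFileData("cert-b.der"));
    CertificateResolver publicResolver = new UniformCertificateStore(intermediateCert);

    TrustChainValidator validator = new TrustChainValidator();
    validator.setCertificateResolver(Arrays.asList(publicResolver));

    // No try/catch here: an exception from the validator must surface with its stack trace.
    // Swallowing it would turn every validation error into a bare "expected true" failure and
    // hide why the chain was rejected.
    boolean isTrusted = validator.isTrusted(certToValidate, Arrays.asList(anchor));

    assertTrue(isTrusted);
}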
use of org.nhindirect.stagent.cert.CertificateResolver in project nhin-d by DirectProject.
the class TrustChainValidator_IntermidiateCert_Test method testValidateCert_FindIntermediateByAltName_AssertValidated.
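/**
 * Checks that {@code altNameOnly.der} validates against the {@code Test Alt Name CA ROO.der}
 * anchor when the validator's only resolver is the test keystore.
 *
 * <p>Going by the test name, the intermediate is expected to be located in that keystore by
 * subject alternative name; the lookup itself happens inside the validator and is not visible
 * here.
 *
 * @throws Exception if a fixture cannot be loaded or {@code isTrusted} throws
 */
public void testValidateCert_FindIntermediateByAltName_AssertValidated() throws Exception {
    X509Certificate anchor = certFromData(getCertificateFileData("Test Alt Name CA ROO.der"));
    X509Certificate certToValidate = certFromData(getCertificateFileData("altNameOnly.der"));

    // Keystore checked in under src/test/resources. The two literals after the path are
    // presumably its store password and private-key password (confirm against the
    // KeyStoreCertificateStore constructor); they are fixture values for this test keystore
    // only and must never be reused for a deployed store.
    CertificateResolver publicCertResolver = new KeyStoreCertificateStore("src/test/resources/keystores/internalKeystore", "h3||0 wor|d", "pKpa$$wd");

    TrustChainValidator validator = new TrustChainValidator();
    validator.setCertificateResolver(Arrays.asList(publicCertResolver));

    // No try/catch here: an exception from the validator must surface with its stack trace
    // instead of being reduced to a bare assertion failure with no cause.
    boolean isTrusted = validator.isTrusted(certToValidate, Arrays.asList(anchor));

    assertTrue(isTrusted);
}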
use of org.nhindirect.stagent.cert.CertificateResolver in project nhin-d by DirectProject.
the class RESTSmtpAgentConfig method buildPrivateCertStore.
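/**
 * Chooses the resolver provider for private certificates and installs it as
 * {@code privateCertModule}.
 *
 * <p>The store type is read from the {@code PrivateStoreType} setting. A missing or empty
 * setting falls back to {@code STORE_TYPE_WS}. The value is matched case-insensitively
 * against {@code STORE_TYPE_KEYSTORE}, {@code STORE_TYPE_LDAP} and {@code STORE_TYPE_WS}.
 * Any other value is rejected rather than silently defaulted.
 *
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} if the settings service
 *         call fails, or with {@code InvalidPrivateCertStoreSettings} if the configured store
 *         type is not one of the recognised values
 */
protected void buildPrivateCertStore() {
    final Setting typeSetting;
    try {
        typeSetting = settingsService.getSetting("PrivateStoreType");
    } catch (Exception e) {
        // The setting being read is PrivateStoreType, so the message names the private store.
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting private store type: " + e.getMessage(), e);
    }

    final String configuredType = (typeSetting == null) ? null : typeSetting.getValue();
    // Default to the web-service backed store when nothing is configured.
    final String storeType = (configuredType == null || configuredType.isEmpty()) ? STORE_TYPE_WS : configuredType;

    final Provider<CertificateResolver> resolverProvider;
    if (storeType.equalsIgnoreCase(STORE_TYPE_KEYSTORE)) {
        /*
         * KeyStore based resolver
         */
        final Setting file;
        final Setting pass;
        final Setting privKeyPass;
        try {
            file = settingsService.getSetting("PrivateStoreFile");
            pass = settingsService.getSetting("PrivateStoreFilePass");
            privKeyPass = settingsService.getSetting("PrivateStorePrivKeyPass");
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting private store file settings: " + e.getMessage(), e);
        }
        // The two pass values are secrets protecting private keys: they go straight to the
        // provider and must not be added to log or exception text.
        // NOTE(review): a missing setting is forwarded as null; how the provider treats a null
        // file or password is not visible here. Confirm it fails closed.
        resolverProvider = new KeyStoreCertificateStoreProvider((file == null) ? null : file.getValue(), (pass == null) ? null : pass.getValue(), (privKeyPass == null) ? null : privKeyPass.getValue());
    } else if (storeType.equalsIgnoreCase(STORE_TYPE_LDAP)) {
        resolverProvider = buildLdapCertificateStoreProvider("PrivateStore", "LDAPPrivateCertStore");
    } else if (storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        resolverProvider = new ConfigServiceRESTCertificateStoreProvider(certificateService, null, new ConfigServiceCertificateStore.DefaultConfigStoreCachePolicy(), this.storeProvider);
    } else {
        // Unknown store type: refuse to start with a guessed source of private keys.
        throw new SmtpAgentException(SmtpAgentError.InvalidPrivateCertStoreSettings);
    }

    privateCertModule = new PrivateCertStoreModule(resolverProvider);
}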
use of org.nhindirect.stagent.cert.CertificateResolver in project nhin-d by DirectProject.
the class WSSmtpAgentConfig method buildPrivateCertStore.
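/**
 * Chooses the resolver provider for private certificates and installs it as
 * {@code privateCertModule}.
 *
 * <p>The store type is read from the {@code PrivateStoreType} setting via {@code cfService}.
 * A missing or empty setting falls back to {@code STORE_TYPE_WS}. The value is matched
 * case-insensitively against {@code STORE_TYPE_KEYSTORE}, {@code STORE_TYPE_LDAP} and
 * {@code STORE_TYPE_WS}. Any other value is rejected rather than silently defaulted.
 *
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} if the configuration
 *         service call fails, or with {@code InvalidPrivateCertStoreSettings} if the
 *         configured store type is not one of the recognised values
 */
protected void buildPrivateCertStore() {
    final Setting typeSetting;
    try {
        typeSetting = cfService.getSettingByName("PrivateStoreType");
    } catch (Exception e) {
        // The setting being read is PrivateStoreType, so the message names the private store.
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting private store type: " + e.getMessage(), e);
    }

    final String configuredType = (typeSetting == null) ? null : typeSetting.getValue();
    // Default to the web-service backed store when nothing is configured.
    final String storeType = (configuredType == null || configuredType.isEmpty()) ? STORE_TYPE_WS : configuredType;

    final Provider<CertificateResolver> resolverProvider;
    if (storeType.equalsIgnoreCase(STORE_TYPE_KEYSTORE)) {
        /*
         * KeyStore based resolver
         */
        final Setting file;
        final Setting pass;
        final Setting privKeyPass;
        try {
            file = cfService.getSettingByName("PrivateStoreFile");
            pass = cfService.getSettingByName("PrivateStoreFilePass");
            privKeyPass = cfService.getSettingByName("PrivateStorePrivKeyPass");
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting private store file settings: " + e.getMessage(), e);
        }
        // The two pass values are secrets protecting private keys: they go straight to the
        // provider and must not be added to log or exception text.
        // NOTE(review): a missing setting is forwarded as null; how the provider treats a null
        // file or password is not visible here. Confirm it fails closed.
        resolverProvider = new KeyStoreCertificateStoreProvider((file == null) ? null : file.getValue(), (pass == null) ? null : pass.getValue(), (privKeyPass == null) ? null : privKeyPass.getValue());
    } else if (storeType.equalsIgnoreCase(STORE_TYPE_LDAP)) {
        resolverProvider = buildLdapCertificateStoreProvider("PrivateStore", "LDAPPrivateCertStore");
    } else if (storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        resolverProvider = new ConfigServiceCertificateStoreProvider(cfService, null, new ConfigServiceCertificateStore.DefaultConfigStoreCachePolicy(), this.storeProvider);
    } else {
        // Unknown store type: refuse to start with a guessed source of private keys.
        throw new SmtpAgentException(SmtpAgentError.InvalidPrivateCertStoreSettings);
    }

    privateCertModule = new PrivateCertStoreModule(resolverProvider);
}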
use of org.nhindirect.stagent.cert.CertificateResolver in project nhin-d by DirectProject.
the class XMLSmtpAgentConfig method buildPublicCertStore.
/**
 * Builds the resolver provider for public certificates from one configuration node and
 * appends it to {@code resolverProviders}.
 *
 * <p>An element whose {@code type} attribute equals {@code "keystore"} (ignoring case) yields
 * a keystore-backed provider built from its {@code file}, {@code filePass} and
 * {@code privKeyPass} attributes. Every other {@code type} value, including {@code "dns"} and
 * an absent attribute ({@code getAttribute} returns an empty string), yields a DNS provider
 * with the default cache policy.
 *
 * @param publicCertNode configuration node describing the public certificate store
 */
@SuppressWarnings("unchecked")
private void buildPublicCertStore(Node publicCertNode) {
    Provider<CertificateResolver> provider = null;

    if (publicCertNode.getNodeType() == Node.ELEMENT_NODE) {
        final Element element = (Element) publicCertNode;
        final String type = element.getAttribute("type");

        if (type.equalsIgnoreCase("keystore")) {
            // KeyStore based resolver. filePass and privKeyPass are read in clear from the
            // XML configuration, so read access to that file is what protects them.
            final String keyStoreFile = element.getAttribute("file");
            final String keyStorePass = element.getAttribute("filePass");
            final String privateKeyPass = element.getAttribute("privKeyPass");
            provider = new KeyStoreCertificateStoreProvider(keyStoreFile, keyStorePass, privateKeyPass);
        } else {
            // DNS resolver, chosen explicitly with type="dns" and also used as the default.
            // NOTE(review): a mistyped type therefore selects DNS without any error, unlike
            // an approach that rejects unknown values. Confirm that fallback is intended.
            provider = new DNSCertStoreProvider(Collections.EMPTY_LIST, null, new DefaultCertStoreCachePolicy());
        }
    }

    // NOTE(review): for a non-element node the provider is still null at this point and
    // null is what gets added. Verify that consumers of resolverProviders tolerate that.
    resolverProviders.add(provider);
}