nbi.xmlsec
Class PEPClientKeySelector
java.lang.Object
javax.xml.crypto.KeySelector
nbi.xmlsec.PEPClientKeySelector
- public class PEPClientKeySelector
- extends KeySelector
Implements the KeySelector
interface for
the DOMValidateContext
in the method
PEPClient.validateSignature(InputStream)
.
Currently, this implementation supports only validation of
X509Certificates
as
KeyInfo Content objects
.
- Since:
- Version:
- $Revision: 1.6 $
- Author:
- Lutz Suhrbier
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
logger
static Logger logger
PEPClientKeySelector
public PEPClientKeySelector()
- Default constructor.
select
public KeySelectorResult select(KeyInfo keyInfo,
KeySelector.Purpose purpose,
AlgorithmMethod method,
XMLCryptoContext context)
throws KeySelectorException
- Selects and validates the first
X509Certificates
from the list
of KeyInfo Content objects
.
- Returns:
- The public key from the certificate.
- Throws:
KeySelectorException
- Signals any error during certificate validation.- See Also:
KeySelector.select(javax.xml.crypto.dsig.keyinfo.KeyInfo,
javax.xml.crypto.KeySelector.Purpose,
javax.xml.crypto.AlgorithmMethod, javax.xml.crypto.XMLCryptoContext)
validateCertificate
private void validateCertificate(X509Certificate cert)
throws NoSuchAlgorithmException,
CertificateException,
IOException,
KeyStoreException,
CertPathValidatorException,
InvalidAlgorithmParameterException,
CertPathBuilderException
- Validates an
X509Certificate
.
The validation comprises a validity check and the certification path. The
validation takes places according to the default PKIX validation process.
It uses the default (SSL)trust store defined in the system properties
"javax.net.ssl.trustStore" and "javax.net.ssl.trustStorePassword".
- Parameters:
cert
- The X509Certificate
to validate.
- Throws:
NoSuchAlgorithmException
CertificateException
IOException
KeyStoreException
CertPathValidatorException
InvalidAlgorithmParameterException
CertPathBuilderException
Copyright © 2006 Lutz Suhrbier, Freie Universität Berlin. All Rights Reserved.