Beispiel #1
  /**
   * Resolves the certificate(s) described by {@code cryptoType}, consulting the local keystore
   * first (when enabled) and the XKMS service otherwise.
   *
   * <p>Lookup order:
   * <ol>
   *   <li>If {@code allowX509FromJKS} is set and {@code fallbackCrypto} is present, the local
   *       lookup runs first and any non-empty result is returned as-is.</li>
   *   <li>Otherwise the XKMS helper matching {@code cryptoType.getType()} is called.</li>
   * </ol>
   *
   * <p>NOTE(review): a local keystore hit short-circuits the XKMS query, so a certificate that is
   * still present locally is returned without asking XKMS about it. Whether the result is
   * validated afterwards is not visible here; confirm that callers run their own trust and
   * revocation checks on the returned certificate.
   *
   * @param cryptoType lookup criteria; its type selects which identifier is used
   * @return whatever the selected lookup helper returns (the public caller treats {@code null} as
   *     "not found")
   * @throws IllegalArgumentException if the type is none of SUBJECT_DN, ENDPOINT, ALIAS or
   *     ISSUER_SERIAL
   */
  private X509Certificate[] getX509(CryptoType cryptoType) {
    // Local keystore takes precedence over XKMS when it is configured and yields a result.
    if (allowX509FromJKS && fallbackCrypto != null) {
      X509Certificate[] fromKeystore = getCertificateLocaly(cryptoType);
      boolean foundLocally = fromKeystore != null && fromKeystore.length > 0;
      if (foundLocally) {
        return fromKeystore;
      }
    }

    CryptoType.TYPE lookupKind = cryptoType.getType();

    if (lookupKind == TYPE.SUBJECT_DN) {
      return getX509FromXKMSByID(Applications.PKIX, cryptoType.getSubjectDN());
    }
    if (lookupKind == TYPE.ENDPOINT) {
      return getX509FromXKMSByEndpoint(cryptoType.getEndpoint());
    }
    if (lookupKind == TYPE.ALIAS) {
      // An alias is looked up as a service name when isServiceName() says so, else under PKIX.
      Applications appId =
          isServiceName(cryptoType) ? Applications.SERVICE_NAME : Applications.PKIX;
      return getX509FromXKMSByID(appId, cryptoType.getAlias());
    }
    if (lookupKind == TYPE.ISSUER_SERIAL) {
      return getX509FromXKMSByIssuerSerial(cryptoType.getIssuer(), cryptoType.getSerial());
    }

    // Any other type (including null) is rejected rather than silently returning nothing.
    throw new IllegalArgumentException("Unsupported type " + lookupKind);
  }
Beispiel #2
 /**
  * Looks up the public certificate(s) for {@code cryptoType} via {@code getX509} and logs the
  * request and, when nothing is found, the miss.
  *
  * <p>A {@code null} result is logged at WARNING level and passed back unchanged; no exception is
  * raised for a missing certificate, so callers must treat {@code null} as a failed lookup.
  *
  * <p>NOTE(review): only alias, issuer and subjectDN are logged, although {@code getX509} also
  * resolves by endpoint and by issuer serial, so those lookups leave little trace in the log.
  * The logged values are written unescaped; if they can originate from message content (not
  * visible here), consider neutralising line breaks before logging.
  *
  * @param cryptoType lookup criteria
  * @return the certificates found, or {@code null} if the lookup produced none
  * @throws WSSecurityException declared by the overridden signature; not thrown directly by
  *     this body
  */
 @Override
 public X509Certificate[] getX509Certificates(CryptoType cryptoType) throws WSSecurityException {
   // Build the request message only when INFO is enabled, to avoid formatting cost otherwise.
   if (LOG.isLoggable(Level.INFO)) {
     String lookupMessage =
         String.format(
             "XKMS Runtime: getting public certificate for alias: %s; issuer: %s; subjectDN: %s",
             cryptoType.getAlias(), cryptoType.getIssuer(), cryptoType.getSubjectDN());
     LOG.info(lookupMessage);
   }

   X509Certificate[] found = getX509(cryptoType);
   if (found != null) {
     return found;
   }

   // Record the miss so an unresolved key reference can be traced from the logs.
   String missMessage =
       String.format(
           "Cannot find certificate for alias: %s, issuer: %s; subjectDN: %s",
           cryptoType.getAlias(), cryptoType.getIssuer(), cryptoType.getSubjectDN());
   LOG.warning(missMessage);
   return found;
 }