Java XKMSClientCache Examples

Programming Language: Java

Namespace/Package Name: org.apache.cxf.xkms.cache

Class/Type: XKMSClientCache

Examples at hotexamples.com: 3

Java XKMSClientCache - 3 examples found. These are the top rated real world Java examples of org.apache.cxf.xkms.cache.XKMSClientCache extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

get(2)

put(1)

Example #1

Show file

File: XkmsCryptoProvider.java Project: Evolveum/cxf

  private X509Certificate[] checkX509Cache(String key) {
    if (xkmsClientCache == null) {
      return null;
    }

    XKMSCacheToken cachedToken = xkmsClientCache.get(key);
    if (cachedToken != null && cachedToken.getX509Certificate() != null) {
      return new X509Certificate[] {cachedToken.getX509Certificate()};
    } else {
      return null;
    }
  }

Example #2

Show file

File: XkmsCryptoProvider.java Project: Evolveum/cxf

  @Override
  public void verifyTrust(
      X509Certificate[] certs,
      boolean enableRevocation,
      Collection<Pattern> subjectCertConstraints,
      Collection<Pattern> issuerCertConstraints)
      throws WSSecurityException {
    if (certs != null) {
      LOG.fine(String.format("Verifying certificate id: %s", certs[0].getSubjectDN()));
    }

    XKMSCacheToken cachedToken = null;
    // Try local cache first
    if (certs != null && certs.length > 0 && xkmsClientCache != null) {
      String key = certs[0].getSubjectX500Principal().getName();
      // Try by Subject DN and IssuerSerial
      cachedToken = xkmsClientCache.get(key);
      if (cachedToken == null) {
        key =
            getKeyForIssuerSerial(
                certs[0].getIssuerX500Principal().getName(), certs[0].getSerialNumber());
        cachedToken = xkmsClientCache.get(key);
      }
      if (cachedToken != null && cachedToken.isXkmsValidated()) {
        LOG.fine("Certificate has already been validated by the XKMS service");
        return;
      }
    }
    if (certs == null || certs[0] == null || !xkmsInvoker.validateCertificate(certs[0])) {
      throw new CryptoProviderException("The given certificate is not valid");
    }

    // Validate Cached token
    if (cachedToken != null) {
      cachedToken.setXkmsValidated(true);
    }

    // Otherwise, Store in the cache as a validated certificate
    storeCertificateInCache(certs[0], null, true);
  }

Example #3

Show file

File: XkmsCryptoProvider.java Project: Evolveum/cxf

 private void storeCertificateInCache(X509Certificate certificate, String key, boolean validated) {
   // Store in the cache
   if (certificate != null && xkmsClientCache != null) {
     XKMSCacheToken cacheToken = new XKMSCacheToken(certificate);
     cacheToken.setXkmsValidated(validated);
     // Store using a custom key (if any)
     if (key != null) {
       xkmsClientCache.put(key, cacheToken);
     }
     // Store it using IssuerSerial as well
     String issuerSerialKey =
         getKeyForIssuerSerial(
             certificate.getIssuerX500Principal().getName(), certificate.getSerialNumber());
     if (!issuerSerialKey.equals(key)) {
       xkmsClientCache.put(issuerSerialKey, cacheToken);
     }
     // Store it using the Subject DN as well
     String subjectDNKey = certificate.getSubjectX500Principal().getName();
     if (!subjectDNKey.equals(key)) {
       xkmsClientCache.put(subjectDNKey, cacheToken);
     }
   }
 }