Class TrustedCertPathFinder


  • public final class TrustedCertPathFinder
    extends java.lang.Object
    Created by IntelliJ IDEA. User: turtlebender Date: Jan 20, 2010 Time: 4:51:38 PM
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private static org.apache.commons.logging.Log logger  
    • Method Summary

      Modifier and Type Method Description
      private static java.security.cert.X509Certificate checkCertificate(java.util.List<java.security.cert.X509Certificate> trustedCertPath, java.security.cert.X509Certificate x509Certificate, java.security.cert.Certificate issuerCertificate)
      static java.security.cert.CertPath findTrustedCertPath(java.security.KeyStore keyStore, java.security.cert.CertPath certPath)
      Method that validates the provided cert path to find a trusted certificate in the certificate store.
      private static java.security.cert.CertPath isTrustedCert(java.security.KeyStore keyStore, java.security.cert.X509Certificate x509Certificate, java.util.List<java.security.cert.X509Certificate> trustedCertPath)
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        private static org.apache.commons.logging.Log logger
    • Constructor Detail

      • TrustedCertPathFinder

        private TrustedCertPathFinder()
    • Method Detail

      • isTrustedCert

        private static java.security.cert.CertPath isTrustedCert(java.security.KeyStore keyStore,
                                                                 java.security.cert.X509Certificate x509Certificate,
                                                                 java.util.List<java.security.cert.X509Certificate> trustedCertPath)
                                                          throws java.security.cert.CertPathValidatorException
        Throws:
        java.security.cert.CertPathValidatorException
      • findTrustedCertPath

        public static java.security.cert.CertPath findTrustedCertPath(java.security.KeyStore keyStore,
                                                                      java.security.cert.CertPath certPath)
                                                               throws java.security.cert.CertPathValidatorException
        Method that validates the provided cert path to find a trusted certificate in the certificate store.

        For each certificate i in certPath, it is expected that certificate i+1 is the issuer of certificate i. See CertPath.

        For each certificate i in certPath:
          validate the signature of certificate i
          get the issuer of certificate i
          get certificate i+1
          ensure that certificate i+1 is the issuer of certificate i
            if not, throw an exception for illegal argument
          validate the signature of certificate i+1
            throw an exception if it does not validate
          check whether certificate i+1 is a trusted certificate in the trust store
            if so, return the certPath up to i+1
            if not, continue
        If all certificates in the certPath have been checked and none exists in the trust store, check whether the trust store has the certificate of the issuer of the last certificate in certPath.
          If so, return certPath + the trusted certificate from the trust store.
          If not, throw an exception for lack of a valid trust root.

        Parameters:
        keyStore - The key store containing CA trust root certificates
        certPath - The certpath from which to extract a valid cert path to a trusted certificate.
        Returns:
        The valid CertPath.
        Throws:
        java.security.cert.CertPathValidatorException - If the CertPath is invalid.
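        The walk described above, written out against the standard java.security.cert API as an added example; it is not this class's source, and the names TrustedPathSketch and findTrusted are hypothetical. It is one reading of the steps: each certificate is verified with the public key of the next one in the path, and it performs only the issuer, signature and trust-store checks listed, not validity dates, basic constraints or revocation.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.*;

public final class TrustedPathSketch { // hypothetical class name
    static CertPath findTrusted(KeyStore trustStore, CertPath certPath) throws GeneralSecurityException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        List<X509Certificate> path = new ArrayList<>();
        for (Certificate c : certPath.getCertificates()) path.add((X509Certificate) c);
        if (path.isEmpty()) throw new CertPathValidatorException("empty certificate path");
        for (int i = 0; i + 1 < path.size(); i++) {
            X509Certificate cert = path.get(i), issuer = path.get(i + 1);
            if (!cert.getIssuerX500Principal().equals(issuer.getSubjectX500Principal()))
                throw new IllegalArgumentException("certificate " + (i + 1) + " did not issue certificate " + i);
            cert.verify(issuer.getPublicKey()); // throws if the signature does not validate
            if (trustStore.getCertificateAlias(issuer) != null)
                return cf.generateCertPath(path.subList(0, i + 2)); // path up to and including i+1
        }
        // Nothing in the path is trusted: look in the store for the issuer of the last certificate.
        X509Certificate last = path.get(path.size() - 1);
        for (String alias : Collections.list(trustStore.aliases())) {
            Certificate entry = trustStore.getCertificate(alias);
            if (!(entry instanceof X509Certificate)) continue;
            X509Certificate ca = (X509Certificate) entry;
            if (!ca.getSubjectX500Principal().equals(last.getIssuerX500Principal())) continue;
            try {
                last.verify(ca.getPublicKey());
            } catch (GeneralSecurityException e) {
                continue; // same subject name but a different key: keep looking
            }
            path.add(ca);
            return cf.generateCertPath(path);
        }
        throw new CertPathValidatorException("no valid trust root for " + last.getSubjectX500Principal());
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 3) { System.err.println("usage: TrustedPathSketch chain.pem truststore password"); return; }
        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream chain = new FileInputStream(args[0]); InputStream store = new FileInputStream(args[1])) {
            ts.load(store, args[2].toCharArray());
            CertPath in = cf.generateCertPath(new ArrayList<Certificate>(cf.generateCertificates(chain)));
            System.out.println(findTrusted(ts, in).getCertificates().size() + " certificates in the trusted path");
        }
    }
}
```

        The chain file is expected to hold the certificates leaf first, matching the ordering CertPath requires.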
      • checkCertificate

        private static java.security.cert.X509Certificate checkCertificate(java.util.List<java.security.cert.X509Certificate> trustedCertPath,
                                                                           java.security.cert.X509Certificate x509Certificate,
                                                                           java.security.cert.Certificate issuerCertificate)
                                                                    throws java.security.cert.CertPathValidatorException
        Throws:
        java.security.cert.CertPathValidatorException