X509TrustManager build() throws NoSuchAlgorithmException, KeyStoreException, ConfigXMLParseException { final String algorithm = this.algorithm != null ? this.algorithm : TrustManagerFactory.getDefaultAlgorithm(); Provider provider = findProvider(providers, providerName, TrustManagerFactory.class, algorithm); if (provider == null) { throw xmlLog.xmlUnableToIdentifyProvider(xmlLocation, providerName, "TrustManagerFactory", algorithm); } final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(algorithm, provider); if (crl) { return new X509CRLExtendedTrustManager(trustStore, trustManagerFactory, crlStream, maxCertPath, null); } else { trustManagerFactory.init(trustStore); } for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) { if (trustManager instanceof X509TrustManager) { return (X509TrustManager) trustManager; } } throw ElytronMessages.log.noDefaultTrustManager(); } }
CertStoreParameters csp = new CollectionCertStoreParameters(getCRLs(crlStream)); CertStore store = CertStore.getInstance("Collection", csp); params.addCertStore(store);
X509TrustManager build() throws NoSuchAlgorithmException, KeyStoreException, ConfigXMLParseException { final String algorithm = this.algorithm != null ? this.algorithm : TrustManagerFactory.getDefaultAlgorithm(); Provider provider = findProvider(providers, providerName, TrustManagerFactory.class, algorithm); if (provider == null) { throw xmlLog.xmlUnableToIdentifyProvider(xmlLocation, providerName, "TrustManagerFactory", algorithm); } final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(algorithm, provider); if (crl) { return new X509CRLExtendedTrustManager(trustStore, trustManagerFactory, crlStream, maxCertPath, null); } else { trustManagerFactory.init(trustStore); } for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) { if (trustManager instanceof X509TrustManager) { return (X509TrustManager) trustManager; } } throw ElytronMessages.log.noDefaultTrustManager(); } }
CertStoreParameters csp = new CollectionCertStoreParameters(getCRLs(crlStream)); CertStore store = CertStore.getInstance("Collection", csp); params.addCertStore(store);
X509TrustManager build() throws NoSuchAlgorithmException, KeyStoreException, ConfigXMLParseException { final String algorithm = this.algorithm != null ? this.algorithm : TrustManagerFactory.getDefaultAlgorithm(); Provider provider = findProvider(providers, providerName, TrustManagerFactory.class, algorithm); if (provider == null) { throw xmlLog.xmlUnableToIdentifyProvider(xmlLocation, providerName, "TrustManagerFactory", algorithm); } final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(algorithm, provider); if (crl) { return new X509CRLExtendedTrustManager(trustStore, trustManagerFactory, crlStream, maxCertPath, null); } else { trustManagerFactory.init(trustStore); } for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) { if (trustManager instanceof X509TrustManager) { return (X509TrustManager) trustManager; } } throw ElytronMessages.log.noDefaultTrustManager(); } }
CertStoreParameters csp = new CollectionCertStoreParameters(getCRLs(crlStream)); CertStore store = CertStore.getInstance("Collection", csp); params.addCertStore(store);
X509TrustManager build() throws NoSuchAlgorithmException, KeyStoreException, ConfigXMLParseException { final String algorithm = this.algorithm != null ? this.algorithm : TrustManagerFactory.getDefaultAlgorithm(); Provider provider = findProvider(providers, providerName, TrustManagerFactory.class, algorithm); if (provider == null) { throw xmlLog.xmlUnableToIdentifyProvider(xmlLocation, providerName, "TrustManagerFactory", algorithm); } final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(algorithm, provider); if (crl) { return new X509CRLExtendedTrustManager(trustStore, trustManagerFactory, crlStream, maxCertPath, null); } else { trustManagerFactory.init(trustStore); } for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) { if (trustManager instanceof X509TrustManager) { return (X509TrustManager) trustManager; } } throw ElytronMessages.log.noDefaultTrustManager(); } }
CertStoreParameters csp = new CollectionCertStoreParameters(getCRLs(crlStream)); CertStore store = CertStore.getInstance("Collection", csp); params.addCertStore(store);
private ValueSupplier<TrustManager> createX509CRLExtendedTrustManager(ServiceBuilder<TrustManager> serviceBuilder, OperationContext context, String algorithm, String providerName, InjectedValue<Provider[]> providersInjector, InjectedValue<KeyStore> keyStoreInjector, ModelNode crlNode) throws OperationFailedException { String crlPath = PATH.resolveModelAttribute(context, crlNode).asStringOrNull(); String crlRelativeTo = RELATIVE_TO.resolveModelAttribute(context, crlNode).asStringOrNull(); int certPath = MAXIMUM_CERT_PATH.resolveModelAttribute(context, crlNode).asInt(); final InjectedValue<PathManager> pathManagerInjector = new InjectedValue<>(); if (crlPath != null) { if (crlRelativeTo != null) { serviceBuilder.addDependency(PathManagerService.SERVICE_NAME, PathManager.class, pathManagerInjector); serviceBuilder.requires(pathName(crlRelativeTo)); } } return () -> { TrustManagerFactory trustManagerFactory = createTrustManagerFactory(providersInjector.getOptionalValue(), providerName, algorithm); KeyStore keyStore = keyStoreInjector.getOptionalValue(); if (crlPath != null) { try { X509CRLExtendedTrustManager trustManager = new X509CRLExtendedTrustManager(keyStore, trustManagerFactory, new FileInputStream(resolveFileLocation(crlPath, crlRelativeTo, pathManagerInjector)), certPath, null); return createReloadableX509CRLTrustManager(crlPath, crlRelativeTo, certPath, pathManagerInjector, trustManagerFactory, keyStore, trustManager); } catch (FileNotFoundException e) { throw ElytronSubsystemMessages.ROOT_LOGGER.unableToAccessCRL(e); } } return new X509CRLExtendedTrustManager(keyStore, trustManagerFactory, null, certPath, null); }; }