You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/09/10 11:57:40 UTC
svn commit: r1521415 -
/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
Author: coheigea
Date: Tue Sep 10 09:57:40 2013
New Revision: 1521415
URL: http://svn.apache.org/r1521415
Log:
Always validate CertPath
Modified:
cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
Modified: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java?rev=1521415&r1=1521414&r2=1521415&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java (original)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java Tue Sep 10 09:57:40 2013
@@ -83,14 +83,15 @@ public class TrustedAuthorityValidator i
CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
CertPath certPath = builder.build(pkixParams).getCertPath();
- // Now validate the CertPath including CRL checking
+ // Now validate the CertPath (including CRL checking)
if (!crls.isEmpty()) {
pkixParams.setRevocationEnabled(true);
CertStoreParameters crlParams = new CollectionCertStoreParameters(crls);
pkixParams.addCertStore(CertStore.getInstance("Collection", crlParams));
- CertPathValidator validator = CertPathValidator.getInstance("PKIX");
- validator.validate(certPath, pkixParams);
}
+
+ CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+ validator.validate(certPath, pkixParams);
} catch (InvalidAlgorithmParameterException e) {
throw new RuntimeException(e);
} catch (NoSuchAlgorithmException e) {