cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1521418 - /cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
Date Tue, 10 Sep 2013 10:04:17 GMT
Author: coheigea
Date: Tue Sep 10 10:04:16 2013
New Revision: 1521418

URL: http://svn.apache.org/r1521418
Log:
Merged revisions 1521415 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1521415 | coheigea | 2013-09-10 10:57:40 +0100 (Tue, 10 Sep 2013) | 2 lines

  Always validate CertPath

........

Modified:
    cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java

Modified: cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java?rev=1521418&r1=1521417&r2=1521418&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
(original)
+++ cxf/branches/2.7.x-fixes/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
Tue Sep 10 10:04:16 2013
@@ -83,14 +83,15 @@ public class TrustedAuthorityValidator i
             CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
             CertPath certPath = builder.build(pkixParams).getCertPath();
             
-            // Now validate the CertPath including CRL checking
+            // Now validate the CertPath (including CRL checking)
             if (!crls.isEmpty()) {
                 pkixParams.setRevocationEnabled(true);
                 CertStoreParameters crlParams = new CollectionCertStoreParameters(crls);
                 pkixParams.addCertStore(CertStore.getInstance("Collection", crlParams));
-                CertPathValidator validator = CertPathValidator.getInstance("PKIX");
-                validator.validate(certPath, pkixParams);
             }
+            
+            CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+            validator.validate(certPath, pkixParams);
         } catch (InvalidAlgorithmParameterException e) {
             throw new RuntimeException(e);
         } catch (NoSuchAlgorithmException e) {



Mime
View raw message