Iterator i = certStore.getCertificates(filter).iterator(); if (i.hasNext()) { responderCert = (X509Certificate) i.next();
/**
 * Queries {@code certStore} through an adapter that presents {@code selector} as a
 * {@link CertSelector}.
 *
 * @param selector the selector to apply; when {@code null}, every certificate matches
 * @param certStore the store to query
 * @return the collection returned by {@code certStore.getCertificates} for the adapter
 * @throws CertStoreException propagated from the store lookup
 */
public static Collection<? extends Certificate> getCertificates(final PKIXCertStoreSelector selector, CertStore certStore)
    throws CertStoreException
{
    CertSelector adapter = new CertSelector()
    {
        public boolean match(Certificate certificate)
        {
            // A null selector places no constraint on the result.
            return selector == null || selector.match(certificate);
        }

        public Object clone()
        {
            // No copy is made: the adapter hands back itself.
            return this;
        }
    };

    return certStore.getCertificates(adapter);
}
} // closes the enclosing type, whose header is not part of this snippet
/**
 * Looks up certificates in {@code certStore} using a {@code SelectorClone} built from
 * {@code selector}.
 *
 * @param selector the selector handed to the {@code SelectorClone} constructor
 * @param certStore the store to query
 * @return the collection returned by {@code certStore.getCertificates}
 * @throws CertStoreException propagated from the store lookup
 */
public static Collection<? extends Certificate> getCertificates(final PKIXCertStoreSelector selector, CertStore certStore)
    throws CertStoreException
{
    // The store is never given the caller's selector directly, only the wrapper.
    SelectorClone wrapped = new SelectorClone(selector);

    return certStore.getCertificates(wrapped);
}
/**
 * Fetches the certificates of {@code certStore} that are accepted by a
 * {@code SelectorClone} wrapping {@code selector}.
 *
 * @param selector the selector passed to the {@code SelectorClone} constructor
 * @param certStore the certificate store to search
 * @return the result of the store lookup, unchanged
 * @throws CertStoreException if the store lookup fails
 */
public static Collection<? extends Certificate> getCertificates(final PKIXCertStoreSelector selector, CertStore certStore)
    throws CertStoreException
{
    Collection<? extends Certificate> found = certStore.getCertificates(new SelectorClone(selector));

    return found;
}
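/**
 * Selects a certificate from the store using the given selectors.
 * <p>
 * The selectors are tried in iteration order and the first certificate of the
 * first non-empty result is returned. When no selector matches, the first
 * certificate the store returns for an unrestricted query is used instead.
 * That fallback certificate satisfied none of the selectors, so it is logged
 * at warn level and callers should not treat it as having been matched.
 *
 * @param store
 *            the certificate store to inspect.
 * @param selectors
 *            the selectors to try, in iteration order.
 * @return the selected certificate.
 * @throws CertStoreException
 *             if the CertStore cannot be inspected, or contains no
 *             certificate at all.
 */
X509Certificate selectCertificate(final CertStore store,
        final Collection<X509CertSelector> selectors)
        throws CertStoreException {
    for (CertSelector selector : selectors) {
        LOGGER.debug("Selecting certificate using {}", selector);
        Collection<? extends Certificate> certs = store
                .getCertificates(selector);
        if (!certs.isEmpty()) {
            LOGGER.debug("Selected {} certificate(s) using {}",
                    certs.size(), selector);
            return (X509Certificate) certs.iterator().next();
        }
        LOGGER.debug("No certificates selected");
    }

    // Nothing matched: fall back to an unrestricted query. An empty store is
    // reported through the declared exception instead of letting
    // iterator().next() fail with NoSuchElementException.
    Collection<? extends Certificate> all = store.getCertificates(null);
    if (all.isEmpty()) {
        throw new CertStoreException("CertStore contains no certificates");
    }
    LOGGER.warn("No selector matched; falling back to the first certificate in the store");
    return (X509Certificate) all.iterator().next();
}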
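/**
 * Returns the certificates that were the outcome of this transaction.
 * <p>
 * The certificates are read from the transaction's certificate store with
 * an unrestricted query and converted by {@code getCertificates}.
 * <p>
 * If the state of this transaction is not {@link State#CERT_ISSUED},
 * this method will throw an {@link IllegalStateException}.
 *
 * @return the certificates held in the transaction's certificate store.
 * @throws IOException
 *             if the certificate store cannot be read.
 * @throws IllegalStateException
 *             if the transaction state is not {@link State#CERT_ISSUED}.
 */
public List<X509Certificate> getIssuedCertificates() throws IOException {
    if (state != State.CERT_ISSUED) {
        // Name the offending state so the failure can be diagnosed from the
        // exception alone.
        throw new IllegalStateException(
                "Certificates are only available in state CERT_ISSUED, but state is "
                        + state);
    }
    try {
        return getCertificates(certStore.getCertificates(null));
    } catch (CertStoreException e) {
        // Keep the store failure as the cause of the I/O error.
        throw new IOException(e);
    }
}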
/**
 * Collects the certificates matching {@code certSelector} from the configured stores.
 * <p>
 * When the "search all stores" parameter is set, the matches of every store are
 * concatenated. Otherwise the result of the first store that yields any match is
 * returned as-is, and an empty list when no store yields one.
 *
 * @param certSelector the selector forwarded to each store
 * @return the matching certificates, possibly empty
 * @throws CertStoreException if any store lookup fails
 */
public Collection engineGetCertificates(CertSelector certSelector)
    throws CertStoreException
{
    final boolean aggregate = params.getSearchAllStores();
    final Iterator stores = params.getCertStores().iterator();

    List merged;
    if (aggregate)
    {
        merged = new ArrayList();
    }
    else
    {
        // Never written to in this mode; only returned when no store matches.
        merged = Collections.EMPTY_LIST;
    }

    while (stores.hasNext())
    {
        Collection found = ((CertStore)stores.next()).getCertificates(certSelector);

        if (aggregate)
        {
            merged.addAll(found);
            continue;
        }
        if (!found.isEmpty())
        {
            // First-hit mode: stop at the first store with a result.
            return found;
        }
    }

    return merged;
}
/**
 * Runs {@code certSelector} against each configured store in turn.
 * <p>
 * In "search all stores" mode every store's matches are appended to one list. In the
 * other mode the first non-empty store result is returned directly; if every store
 * comes back empty, the shared empty list is returned.
 *
 * @param certSelector the selector passed to every store
 * @return the certificates found, possibly none
 * @throws CertStoreException if a store lookup fails
 */
public Collection engineGetCertificates(CertSelector certSelector)
    throws CertStoreException
{
    boolean collectFromAll = params.getSearchAllStores();
    Iterator storeIter = params.getCertStores().iterator();
    List collected = Collections.EMPTY_LIST;

    if (collectFromAll)
    {
        // Only the aggregate mode needs a list it can append to.
        collected = new ArrayList();
    }

    while (storeIter.hasNext())
    {
        CertStore current = (CertStore)storeIter.next();
        Collection hits = current.getCertificates(certSelector);

        if (!collectFromAll)
        {
            if (!hits.isEmpty())
            {
                return hits;
            }
        }
        else
        {
            collected.addAll(hits);
        }
    }

    return collected;
}
/**
 * Queries the configured certificate stores with {@code certSelector}.
 * <p>
 * If the parameters ask for all stores to be searched, the results of all stores are
 * merged into a new list. If not, the lookup stops at the first store whose result is
 * non-empty and returns that result; an empty list is returned when there is none.
 *
 * @param certSelector the selector given to each store
 * @return the certificates that matched, possibly empty
 * @throws CertStoreException if querying a store fails
 */
public Collection engineGetCertificates(CertSelector certSelector)
    throws CertStoreException
{
    final boolean everyStore = params.getSearchAllStores();
    final Iterator pending = params.getCertStores().iterator();
    final List union = everyStore ? new ArrayList() : Collections.EMPTY_LIST;

    for (; pending.hasNext();)
    {
        CertStore source = (CertStore)pending.next();
        Collection partial = source.getCertificates(certSelector);

        if (everyStore)
        {
            union.addAll(partial);
        }
        else if (!partial.isEmpty())
        {
            // The remaining stores are not consulted in first-hit mode.
            return partial;
        }
    }

    return union;
}
/**
 * Returns the certificates selected by {@code certSelector} from the configured stores.
 * <p>
 * Two modes are driven by the "search all stores" parameter: either all store results
 * are accumulated, or the first non-empty store result wins and is returned unchanged.
 * An empty list is returned when nothing matched in the second mode.
 *
 * @param certSelector the selector applied to each store
 * @return the selected certificates, possibly empty
 * @throws CertStoreException if a store cannot be queried
 */
public Collection engineGetCertificates(CertSelector certSelector)
    throws CertStoreException
{
    boolean searchEverywhere = params.getSearchAllStores();
    Iterator it = params.getCertStores().iterator();

    List accumulated;
    if (!searchEverywhere)
    {
        accumulated = Collections.EMPTY_LIST;
    }
    else
    {
        accumulated = new ArrayList();
    }

    while (it.hasNext())
    {
        Collection fromStore = ((CertStore)it.next()).getCertificates(certSelector);

        if (!searchEverywhere && !fromStore.isEmpty())
        {
            return fromStore;
        }
        if (searchEverywhere)
        {
            accumulated.addAll(fromStore);
        }
    }

    return accumulated;
}
/**
 * Picks the issuer certificate out of the store.
 * <p>
 * The selector asks for no particular key-usage bit (all nine flags are false) and
 * sets a basicConstraints minimum of 0. The first certificate of the result is
 * returned; if several certificates match, nothing here chooses between them.
 *
 * @param store the certificate store to search
 * @return the first matching certificate
 * @throws RuntimeException if no certificate matches, or wrapping the
 *             {@link CertStoreException} when the store cannot be queried
 */
private static X509Certificate selectIssuerCertificate(CertStore store) {
    X509CertSelector caSelector = new X509CertSelector();
    caSelector.setKeyUsage(new boolean[9]);
    caSelector.setBasicConstraints(0);

    Collection<? extends Certificate> candidates;
    try {
        LOGGER.debug("Selecting certificate with basicConstraints");
        candidates = store.getCertificates(caSelector);
    } catch (CertStoreException e) {
        throw new RuntimeException(e);
    }

    if (candidates.isEmpty()) {
        throw new RuntimeException("No suitable certificate for verification");
    }
    return (X509Certificate) candidates.iterator().next();
}
/**
 * Picks the certificate used to verify messages.
 * <p>
 * A certificate with the digitalSignature key-usage bit is preferred. When the store
 * has none, the same selector is reconfigured (no key-usage bit required,
 * basicConstraints minimum of 0) and the first certificate of that result is used.
 *
 * @param store the certificate store to search
 * @return the first certificate of whichever query produced a result
 * @throws RuntimeException if neither query matches, or wrapping the
 *             {@link CertStoreException} when the store cannot be queried
 */
private static X509Certificate selectMessageVerifier(CertStore store) {
    X509CertSelector selector = new X509CertSelector();
    boolean[] usage = new boolean[9];
    usage[DIGITAL_SIGNATURE] = true;
    selector.setKeyUsage(usage);

    try {
        LOGGER.debug("Selecting certificate with digitalSignature keyUsage");
        Collection<? extends Certificate> matches = store.getCertificates(selector);
        if (!matches.isEmpty()) {
            return (X509Certificate) matches.iterator().next();
        }

        LOGGER.debug("No certificates found. Falling back to CA certificate");
        // Drop the key-usage requirement and switch to the basicConstraints criterion.
        usage = new boolean[9];
        selector.setKeyUsage(usage);
        selector.setBasicConstraints(0);
        matches = store.getCertificates(selector);
        if (matches.isEmpty()) {
            throw new RuntimeException("No suitable certificate for verification");
        }
        return (X509Certificate) matches.iterator().next();
    } catch (CertStoreException e) {
        throw new RuntimeException(e);
    }
}
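/**
 * Builds the signing/encryption/issuer certificate tuple for a store, using the
 * cache when the store has been inspected before.
 * <p>
 * On a cache miss the cache is cleared before the new result is stored, so it
 * holds the result for at most one store at a time.
 *
 * @param store the certificate store to inspect
 * @return the tuple of selected certificates
 * @throws RuntimeException wrapping the {@link CertStoreException} when the
 *             store cannot be listed
 */
public static X509CertificateTuple createTuple(CertStore store) {
    if (cache.containsKey(store)) {
        LOGGER.debug("{} has already been inspected, retrieving result from cache.", store);
        return cache.get(store);
    } else if (!cache.isEmpty()) {
        LOGGER.debug("Cache missed, so clearing");
        cache.clear();
    }

    // Debug listing of everything in the store; it plays no part in the selection.
    try {
        Collection<? extends Certificate> certs = store.getCertificates(null);
        LOGGER.debug("CertStore contains {} certificate(s):", certs.size());
        int i = 0;
        for (Certificate cert : certs) {
            X509Certificate x509 = (X509Certificate) cert;
            LOGGER.debug("{}. '{}'", ++i, x509.getSubjectDN());
        }
    } catch (CertStoreException e) {
        throw new RuntimeException(e);
    }

    X509Certificate encryption = selectEncryptionCertificate(store);
    LOGGER.debug("Using {} for message encryption", encryption.getSubjectDN());
    X509Certificate signing = selectMessageVerifier(store);
    LOGGER.debug("Using {} for message verification", signing.getSubjectDN());
    X509Certificate issuer = selectIssuerCertificate(store);
    // Log the issuer's own subject; the signing certificate's subject was logged
    // here before, which misreported which certificate had been chosen as issuer.
    LOGGER.debug("Using {} for issuer", issuer.getSubjectDN());

    X509CertificateTuple tuple = new X509CertificateTuple(signing, encryption, issuer);
    cache.put(store, tuple);
    return tuple;
}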
/**
 * Lists the contents of the store at debug level, then resolves the recipient,
 * signer and issuer certificates, in that order.
 * <p>
 * The issuer selectors are derived from the encoded issuer name of the recipient
 * certificate, so the recipient has to be resolved first.
 *
 * @throws CertStoreException if the store cannot be queried
 */
private void inspect() throws CertStoreException {
    Collection<? extends Certificate> contents = store.getCertificates(null);
    LOGGER.debug("CertStore contains {} certificate(s):", contents.size());

    int position = 0;
    for (Certificate entry : contents) {
        position++;
        X509Certificate current = (X509Certificate) entry;
        LOGGER.debug("{}. '[dn={}; serial={}]'",
                new Object[] { position, current.getSubjectDN(), current.getSerialNumber() });
    }

    LOGGER.debug("Looking for recipient entity");
    recipient = selectCertificate(store, getRecipientSelectors());
    LOGGER.debug("Using [dn={}; serial={}] for recipient entity",
            recipient.getSubjectDN(), recipient.getSerialNumber());

    LOGGER.debug("Looking for message signing entity");
    signer = selectCertificate(store, getSignerSelectors());
    LOGGER.debug("Using [dn={}; serial={}] for message signing entity",
            signer.getSubjectDN(), signer.getSerialNumber());

    LOGGER.debug("Looking for issuing entity");
    // The issuer is looked up by the issuer name recorded in the recipient certificate.
    issuer = selectCertificate(store,
            getIssuerSelectors(recipient.getIssuerX500Principal().getEncoded()));
    LOGGER.debug("Using [dn={}; serial={}] for issuing entity",
            issuer.getSubjectDN(), issuer.getSerialNumber());
}
// Parse the CMS SignedData structure from the raw bytes.
CMSSignedData s = new CMSSignedData(signedBytes);
// The candidate signer certificates are the ones carried inside the message itself.
CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = s.getSignerInfos();
boolean verified = false;
for (Iterator i = signers.getSigners().iterator(); i.hasNext(); ) {
    SignerInformation signer = (SignerInformation) i.next();
    // Look up the certificate matching this signer's identifier in the embedded set.
    Collection<? extends Certificate> certCollection = certs.getCertificates(signer.getSID());
    if (!certCollection.isEmpty()) {
        X509Certificate cert = (X509Certificate) certCollection.iterator().next();
        // One signer that verifies is enough to set the flag; it is never reset to false,
        // and signers without a matching embedded certificate are skipped.
        if (signer.verify(cert.getPublicKey(), "BC")) {
            verified = true;
        }
    }
}
// NOTE(review): the key used above comes from a certificate supplied with the message, and
// this excerpt performs no path validation, validity-period or revocation check on it. A true
// flag therefore shows only that the content matches an embedded key - confirm the certificate
// is validated against a trust anchor elsewhere.
// NOTE(review): `verified` is not consulted in this excerpt before the content is read -
// confirm the surrounding code rejects the message when it is false.
CMSProcessable signedContent = s.getSignedContent() ;
byte[] originalContent = (byte[]) signedContent.getContent();
/**
 * Converts every certificate of {@code certStore} into the structure produced by
 * {@code Certificate.getInstance}, going through the certificate's encoded form.
 *
 * @param certStore the store whose certificates are read with an unrestricted query
 * @return a new list with one converted entry per certificate in the store
 * @throws CertStoreException if the store cannot be queried
 * @throws CMSException if a certificate cannot be encoded or its encoding cannot be parsed
 */
static List getCertificatesFromStore(CertStore certStore)
    throws CertStoreException, CMSException
{
    List converted = new ArrayList();

    try
    {
        Iterator source = certStore.getCertificates(null).iterator();
        while (source.hasNext())
        {
            X509Certificate x509 = (X509Certificate)source.next();
            byte[] encoded = x509.getEncoded();

            converted.add(Certificate.getInstance(ASN1Primitive.fromByteArray(encoded)));
        }

        return converted;
    }
    catch (IllegalArgumentException e)
    {
        throw new CMSException("error processing certs", e);
    }
    catch (IOException e)
    {
        throw new CMSException("error processing certs", e);
    }
    catch (CertificateEncodingException e)
    {
        throw new CMSException("error encoding certs", e);
    }
}
/**
 * Reads all certificates from {@code certStore} and re-parses each one from its
 * encoded bytes via {@code Certificate.getInstance}.
 *
 * @param certStore the store to read; queried with a {@code null} selector
 * @return a new list holding the re-parsed certificates in iteration order
 * @throws CertStoreException if the store lookup fails
 * @throws CMSException if encoding or parsing a certificate fails
 */
static List getCertificatesFromStore(CertStore certStore)
    throws CertStoreException, CMSException
{
    List result = new ArrayList();

    try
    {
        Iterator remaining = certStore.getCertificates(null).iterator();
        for (; remaining.hasNext();)
        {
            X509Certificate next = (X509Certificate)remaining.next();
            ASN1Primitive parsed = ASN1Primitive.fromByteArray(next.getEncoded());

            result.add(Certificate.getInstance(parsed));
        }
    }
    catch (IllegalArgumentException e)
    {
        throw new CMSException("error processing certs", e);
    }
    catch (IOException e)
    {
        throw new CMSException("error processing certs", e);
    }
    catch (CertificateEncodingException e)
    {
        throw new CMSException("error encoding certs", e);
    }

    return result;
}
/**
 * Retrieves the certificate with the provided serial number as issued by the
 * server CA.
 * <p>
 * The request names the issuer by the issuer principal of {@code issuerCertificate}.
 *
 * @param serial the serial number of the certificate to retrieve.
 * @return the certificates read from the resulting certificate store.
 * @throws IOException if any I/O error occurs.
 * @throws PKIOperationFailureException if the transaction is rejected.
 * @throws IllegalStateException if the transaction ends in the
 *             {@code CERT_REQ_PENDING} state.
 */
public List<X509Certificate> getCertificate(BigInteger serial)
        throws IOException, PKIOperationFailureException {
    performOperation(new GetCert(issuerCertificate.getIssuerX500Principal(), serial));

    if (getState() == State.CERT_ISSUED) {
        try {
            return getCertificates(certStore.getCertificates(null));
        } catch (CertStoreException e) {
            throw new RuntimeException(e);
        }
    }
    if (getState() == State.CERT_REQ_PENDING) {
        throw new IllegalStateException();
    }
    // Any other state is reported as a failed operation.
    throw new PKIOperationFailureException(getFailureReason());
}
"Collection", BouncyCastleProvider.PROVIDER_NAME); Collection<? extends Certificate> certificates = certStore .getCertificates(null); X509Certificate tsaCertificate = null; for (Certificate certificate : certificates) {
Collection<X509Certificate> certs = (Collection<X509Certificate>) t.getCertStore().getCertificates(null); return new ArrayList<X509Certificate>(certs); } catch (CertStoreException e) {