use of com.github.zhenwei.provider.x509.X509CertStoreSelector in project robovm by robovm.
the class PKIXCertPathBuilderSpi method engineBuild.
/**
* Build and validate a CertPath using the given parameter.
*
* @param params PKIXBuilderParameters object containing all information to
* build the CertPath
*/
public CertPathBuilderResult engineBuild(CertPathParameters params) throws CertPathBuilderException, InvalidAlgorithmParameterException {
if (!(params instanceof PKIXBuilderParameters) && !(params instanceof ExtendedPKIXBuilderParameters)) {
throw new InvalidAlgorithmParameterException("Parameters must be an instance of " + PKIXBuilderParameters.class.getName() + " or " + ExtendedPKIXBuilderParameters.class.getName() + ".");
}
ExtendedPKIXBuilderParameters pkixParams = null;
if (params instanceof ExtendedPKIXBuilderParameters) {
pkixParams = (ExtendedPKIXBuilderParameters) params;
} else {
pkixParams = (ExtendedPKIXBuilderParameters) ExtendedPKIXBuilderParameters.getInstance((PKIXBuilderParameters) params);
}
Collection targets;
Iterator targetIter;
List certPathList = new ArrayList();
X509Certificate cert;
// search target certificates
Selector certSelect = pkixParams.getTargetConstraints();
if (!(certSelect instanceof X509CertStoreSelector)) {
throw new CertPathBuilderException("TargetConstraints must be an instance of " + X509CertStoreSelector.class.getName() + " for " + this.getClass().getName() + " class.");
}
try {
targets = CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getStores());
targets.addAll(CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getCertStores()));
} catch (AnnotatedException e) {
throw new ExtCertPathBuilderException("Error finding target certificate.", e);
}
if (targets.isEmpty()) {
throw new CertPathBuilderException("No certificate found matching targetContraints.");
}
CertPathBuilderResult result = null;
// check all potential target certificates
targetIter = targets.iterator();
while (targetIter.hasNext() && result == null) {
cert = (X509Certificate) targetIter.next();
result = build(cert, pkixParams, certPathList);
}
if (result == null && certPathException != null) {
if (certPathException instanceof AnnotatedException) {
throw new CertPathBuilderException(certPathException.getMessage(), certPathException.getCause());
}
throw new CertPathBuilderException("Possible certificate chain could not be validated.", certPathException);
}
if (result == null && certPathException == null) {
throw new CertPathBuilderException("Unable to find certificate chain.");
}
return result;
}
use of com.github.zhenwei.provider.x509.X509CertStoreSelector in project LinLong-Java by zhenwei1108.
the class LDAPStoreHelper method getUserCertificates.
/**
* Returns end certificates.
* <p>
* The attributeDescriptorCertificate is self signed by a source of authority and holds a
* description of the privilege and its delegation rules.
*
* @param selector The selector to find the certificates.
* @return A possible empty collection with certificates.
* @throws StoreException
*/
public Collection getUserCertificates(X509CertStoreSelector selector) throws StoreException {
String[] attrs = splitString(params.getUserCertificateAttribute());
String[] attrNames = splitString(params.getLdapUserCertificateAttributeName());
String[] subjectAttributeNames = splitString(params.getUserCertificateSubjectAttributeName());
List list = certSubjectSerialSearch(selector, attrs, attrNames, subjectAttributeNames);
Set resultSet = createCerts(list, selector);
if (resultSet.size() == 0) {
X509CertStoreSelector emptySelector = new X509CertStoreSelector();
list = certSubjectSerialSearch(emptySelector, attrs, attrNames, subjectAttributeNames);
resultSet.addAll(createCerts(list, selector));
}
return resultSet;
}
use of com.github.zhenwei.provider.x509.X509CertStoreSelector in project LinLong-Java by zhenwei1108.
the class X509StoreLDAPCerts method getCertificatesFromCrossCertificatePairs.
private Collection getCertificatesFromCrossCertificatePairs(X509CertStoreSelector xselector) throws StoreException {
Set set = new HashSet();
X509CertPairStoreSelector ps = new X509CertPairStoreSelector();
ps.setForwardSelector(xselector);
ps.setReverseSelector(new X509CertStoreSelector());
Set crossCerts = new HashSet(helper.getCrossCertificatePairs(ps));
Set forward = new HashSet();
Set reverse = new HashSet();
Iterator it = crossCerts.iterator();
while (it.hasNext()) {
X509CertificatePair pair = (X509CertificatePair) it.next();
if (pair.getForward() != null) {
forward.add(pair.getForward());
}
if (pair.getReverse() != null) {
reverse.add(pair.getReverse());
}
}
set.addAll(forward);
set.addAll(reverse);
return set;
}
Aggregations