本文整理汇总了Java中org.bouncycastle.util.Selector类的典型用法代码示例。如果您正苦于以下问题:Java Selector类的具体用法?Java Selector怎么用?Java Selector使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
Selector类属于org.bouncycastle.util包,在下文中一共展示了Selector类的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getMatches
import org.bouncycastle.util.Selector; //导入依赖的package包/类
/**
* Return a collection of entries matching the passed in selector.
*
* @param selector the selector to validate entries against.
* @return a possibly empty collection of matched entries.
* @throws StoreException in case of an underlying issue.
*/
public Collection getMatches(Selector selector)
throws StoreException
{
if (selector == null)
{
return entries.values();
}
List results = new ArrayList();
for (Iterator it = entries.values().iterator(); it.hasNext();)
{
Object next = it.next();
if (selector.match(next))
{
results.add(next);
}
}
return Collections.unmodifiableList(results);
}
示例2: setParams
import org.bouncycastle.util.Selector; //导入依赖的package包/类
/**
* Method to support <code>clone()</code> under J2ME.
* <code>super.clone()</code> does not exist and fields are not copied.
*
* @param params Parameters to set. If this are
* <code>ExtendedPKIXParameters</code> they are copied to.
*/
protected void setParams(PKIXParameters params)
{
setDate(params.getDate());
setCertPathCheckers(params.getCertPathCheckers());
setCertStores(params.getCertStores());
setAnyPolicyInhibited(params.isAnyPolicyInhibited());
setExplicitPolicyRequired(params.isExplicitPolicyRequired());
setPolicyMappingInhibited(params.isPolicyMappingInhibited());
setRevocationEnabled(params.isRevocationEnabled());
setInitialPolicies(params.getInitialPolicies());
setPolicyQualifiersRejected(params.getPolicyQualifiersRejected());
setSigProvider(params.getSigProvider());
setTargetCertConstraints(params.getTargetCertConstraints());
try
{
setTrustAnchors(params.getTrustAnchors());
}
catch (Exception e)
{
// cannot happen
throw new RuntimeException(e.getMessage());
}
if (params instanceof ExtendedPKIXParameters)
{
ExtendedPKIXParameters _params = (ExtendedPKIXParameters) params;
validityModel = _params.validityModel;
useDeltas = _params.useDeltas;
additionalLocationsEnabled = _params.additionalLocationsEnabled;
selector = _params.selector == null ? null
: (Selector) _params.selector.clone();
stores = new ArrayList(_params.stores);
additionalStores = new ArrayList(_params.additionalStores);
trustedACIssuers = new HashSet(_params.trustedACIssuers);
prohibitedACAttributes = new HashSet(_params.prohibitedACAttributes);
necessaryACAttributes = new HashSet(_params.necessaryACAttributes);
attrCertCheckers = new HashSet(_params.attrCertCheckers);
}
}
示例3: engineGetMatches
import org.bouncycastle.util.Selector; //导入依赖的package包/类
/**
* Returns a collection of matching certificates from the LDAP location.
* <p/>
* The selector must be a of type <code>X509CertStoreSelector</code>. If
* it is not an empty collection is returned.
* <p/>
* The implementation searches only for CA certificates, if the method
* {@link java.security.cert.X509CertSelector#getBasicConstraints()} is
* greater or equal to 0. If it is -2 only end certificates are searched.
* <p/>
* The subject and the serial number for end certificates should be
* reasonable criterias for a selector.
*
* @param selector The selector to use for finding.
* @return A collection with the matches.
* @throws StoreException if an exception occurs while searching.
*/
public Collection engineGetMatches(Selector selector) throws StoreException
{
if (!(selector instanceof X509CertStoreSelector))
{
return Collections.EMPTY_SET;
}
X509CertStoreSelector xselector = (X509CertStoreSelector)selector;
Set set = new HashSet();
// test if only CA certificates should be selected
if (xselector.getBasicConstraints() > 0)
{
set.addAll(helper.getCACertificates(xselector));
set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
}
// only end certificates should be selected
else if (xselector.getBasicConstraints() == -2)
{
set.addAll(helper.getUserCertificates(xselector));
}
// nothing specified
else
{
set.addAll(helper.getUserCertificates(xselector));
set.addAll(helper.getCACertificates(xselector));
set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
}
return set;
}
示例4: engineGetMatches
import org.bouncycastle.util.Selector; //导入依赖的package包/类
/**
* Returns a collection of matching CRLs from the LDAP location.
* <p/>
* The selector must be a of type <code>X509CRLStoreSelector</code>. If
* it is not an empty collection is returned.
* <p/>
* The issuer should be a reasonable criteria for a selector.
*
* @param selector The selector to use for finding.
* @return A collection with the matches.
* @throws StoreException if an exception occurs while searching.
*/
public Collection engineGetMatches(Selector selector) throws StoreException
{
if (!(selector instanceof X509CRLStoreSelector))
{
return Collections.EMPTY_SET;
}
X509CRLStoreSelector xselector = (X509CRLStoreSelector)selector;
Set set = new HashSet();
// test only delta CRLs should be selected
if (xselector.isDeltaCRLIndicatorEnabled())
{
set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
}
// nothing specified
else
{
set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
set.addAll(helper.getAttributeAuthorityRevocationLists(xselector));
set
.addAll(helper
.getAttributeCertificateRevocationLists(xselector));
set.addAll(helper.getAuthorityRevocationLists(xselector));
set.addAll(helper.getCertificateRevocationLists(xselector));
}
return set;
}
示例5: engineGetMatches
import org.bouncycastle.util.Selector; //导入依赖的package包/类
/**
* Returns a collection of matching certificates from the LDAP location.
* <p>
* The selector must be a of type <code>X509CertStoreSelector</code>. If
* it is not an empty collection is returned.
* </p><p>
* The implementation searches only for CA certificates, if the method
* {@link java.security.cert.X509CertSelector#getBasicConstraints()} is
* greater or equal to 0. If it is -2 only end certificates are searched.
* </p><p>
* The subject and the serial number for end certificates should be
* reasonable criterias for a selector.
* </p>
* @param selector The selector to use for finding.
* @return A collection with the matches.
* @throws StoreException if an exception occurs while searching.
*/
public Collection engineGetMatches(Selector selector) throws StoreException
{
if (!(selector instanceof X509CertStoreSelector))
{
return Collections.EMPTY_SET;
}
X509CertStoreSelector xselector = (X509CertStoreSelector)selector;
Set set = new HashSet();
// test if only CA certificates should be selected
if (xselector.getBasicConstraints() > 0)
{
set.addAll(helper.getCACertificates(xselector));
set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
}
// only end certificates should be selected
else if (xselector.getBasicConstraints() == -2)
{
set.addAll(helper.getUserCertificates(xselector));
}
// nothing specified
else
{
set.addAll(helper.getUserCertificates(xselector));
set.addAll(helper.getCACertificates(xselector));
set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
}
return set;
}
示例6: engineGetMatches
import org.bouncycastle.util.Selector; //导入依赖的package包/类
/**
* Returns a collection of matching CRLs from the LDAP location.
* <p>
* The selector must be a of type <code>X509CRLStoreSelector</code>. If
* it is not an empty collection is returned.
* </p><p>
* The issuer should be a reasonable criteria for a selector.
* </p>
* @param selector The selector to use for finding.
* @return A collection with the matches.
* @throws StoreException if an exception occurs while searching.
*/
public Collection engineGetMatches(Selector selector) throws StoreException
{
if (!(selector instanceof X509CRLStoreSelector))
{
return Collections.EMPTY_SET;
}
X509CRLStoreSelector xselector = (X509CRLStoreSelector)selector;
Set set = new HashSet();
// test only delta CRLs should be selected
if (xselector.isDeltaCRLIndicatorEnabled())
{
set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
}
// nothing specified
else
{
set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
set.addAll(helper.getAttributeAuthorityRevocationLists(xselector));
set
.addAll(helper
.getAttributeCertificateRevocationLists(xselector));
set.addAll(helper.getAuthorityRevocationLists(xselector));
set.addAll(helper.getCertificateRevocationLists(xselector));
}
return set;
}
示例7: logCertificates
import org.bouncycastle.util.Selector; //导入依赖的package包/类
private void logCertificates(Store store, Selector selector) {
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> certificates = store.getMatches(selector);
LOG.debug("match size: " + certificates.size());
Iterator<X509CertificateHolder> certificatesIterator = certificates.iterator();
while (certificatesIterator.hasNext()) {
X509CertificateHolder certificateHolder = certificatesIterator.next();
LOG.debug("certificate issuer: " + certificateHolder.getIssuer());
LOG.debug("certificate subject: " + certificateHolder.getSubject());
}
}
示例8: getMatches
import org.bouncycastle.util.Selector; //导入依赖的package包/类
public Collection getMatches(Selector selector)
{
return _spi.engineGetMatches(selector);
}
示例9: engineGetMatches
import org.bouncycastle.util.Selector; //导入依赖的package包/类
public Collection engineGetMatches(Selector selector)
{
return _store.getMatches(selector);
}
示例10: engineValidate
import org.bouncycastle.util.Selector; //导入依赖的package包/类
/**
* Validates an attribute certificate with the given certificate path.
*
* <p>
* <code>params</code> must be an instance of
* <code>ExtendedPKIXParameters</code>.
* <p>
* The target constraints in the <code>params</code> must be an
* <code>X509AttributeCertStoreSelector</code> with at least the attribute
* certificate criterion set. Obey that also target informations may be
* necessary to correctly validate this attribute certificate.
* <p>
* The attribute certificate issuer must be added to the trusted attribute
* issuers with {@link ExtendedPKIXParameters#setTrustedACIssuers(Set)}.
*
* @param certPath The certificate path which belongs to the attribute
* certificate issuer public key certificate.
* @param params The PKIX parameters.
* @return A <code>PKIXCertPathValidatorResult</code> of the result of
* validating the <code>certPath</code>.
* @throws InvalidAlgorithmParameterException if <code>params</code> is
* inappropriate for this validator.
* @throws CertPathValidatorException if the verification fails.
*/
public CertPathValidatorResult engineValidate(CertPath certPath,
CertPathParameters params) throws CertPathValidatorException,
InvalidAlgorithmParameterException
{
if (!(params instanceof ExtendedPKIXParameters))
{
throw new InvalidAlgorithmParameterException(
"Parameters must be a "
+ ExtendedPKIXParameters.class.getName() + " instance.");
}
ExtendedPKIXParameters pkixParams = (ExtendedPKIXParameters) params;
Selector certSelect = pkixParams.getTargetConstraints();
if (!(certSelect instanceof X509AttributeCertStoreSelector))
{
throw new InvalidAlgorithmParameterException(
"TargetConstraints must be an instance of "
+ X509AttributeCertStoreSelector.class.getName() + " for "
+ this.getClass().getName() + " class.");
}
X509AttributeCertificate attrCert = ((X509AttributeCertStoreSelector) certSelect)
.getAttributeCert();
CertPath holderCertPath = RFC3281CertPathUtilities.processAttrCert1(attrCert, pkixParams);
CertPathValidatorResult result = RFC3281CertPathUtilities.processAttrCert2(certPath, pkixParams);
X509Certificate issuerCert = (X509Certificate) certPath
.getCertificates().get(0);
RFC3281CertPathUtilities.processAttrCert3(issuerCert, pkixParams);
RFC3281CertPathUtilities.processAttrCert4(issuerCert, pkixParams);
RFC3281CertPathUtilities.processAttrCert5(attrCert, pkixParams);
// 6 already done in X509AttributeCertStoreSelector
RFC3281CertPathUtilities.processAttrCert7(attrCert, certPath, holderCertPath, pkixParams);
RFC3281CertPathUtilities.additionalChecks(attrCert, pkixParams);
Date date = null;
try
{
date = CertPathValidatorUtilities
.getValidCertDateFromValidityModel(pkixParams, null, -1);
}
catch (AnnotatedException e)
{
throw new ExtCertPathValidatorException(
"Could not get validity date from attribute certificate.", e);
}
RFC3281CertPathUtilities.checkCRLs(attrCert, pkixParams, issuerCert, date, certPath.getCertificates());
return result;
}