Java CertStore.getCertificates方法代码示例

import java.security.cert.CertStore; //导入方法依赖的package包/类
public Collection engineGetCertificates(CertSelector certSelector)
    throws CertStoreException
{
    boolean searchAllStores = params.getSearchAllStores();
    Iterator iter = params.getCertStores().iterator();
    List allCerts = searchAllStores ? new ArrayList() : Collections.EMPTY_LIST;

    while (iter.hasNext())
    {
        CertStore store = (CertStore)iter.next();
        Collection certs = store.getCertificates(certSelector);

        if (searchAllStores)
        {
            allCerts.addAll(certs);
        }
        else if (!certs.isEmpty())
        {
            return certs;
        }
    }

    return allCerts;
}
 

import java.security.cert.CertStore; //导入方法依赖的package包/类
public static Collection<? extends Certificate> getCertificates(final PKIXCertStoreSelector selector, CertStore certStore)
    throws CertStoreException
{
    return certStore.getCertificates(new CertSelector()
    {
        public boolean match(Certificate certificate)
        {
            return (selector == null) ? true : selector.match(certificate);
        }

        public Object clone()
        {
            return this;
        }
    });
}
 

import java.security.cert.CertStore; //导入方法依赖的package包/类
@SuppressWarnings({ "unchecked", "resource" })
private List<DadesCertificat> obtenirDadesCertificatNoPdf(
		byte[] signatura) throws Exception {
	X509Certificate[] certificats = null;
	byte[] pkcs7Bytes = signatura;
	ASN1InputStream asn1is = new ASN1InputStream(new ByteArrayInputStream(pkcs7Bytes));
	ContentInfo pkcs7Info = ContentInfo.getInstance(asn1is.readObject());
	SignedData signedData = SignedData.getInstance(pkcs7Info.getContent());
	ASN1Set signerInfos = signedData.getSignerInfos();
	int numSignatures = signerInfos.size();
	if (numSignatures > 0) {
		afegirProveidorBouncyCastle();
		CMSSignedData cmsSignedData = new CMSSignedData(pkcs7Bytes);
		SignerInformationStore signers = cmsSignedData.getSignerInfos();
		CertStore certStore = cmsSignedData.getCertificatesAndCRLs("Collection", "BC");
		List<X509Certificate> certs = new ArrayList<X509Certificate>();
		for (SignerInformation signer: (Collection<SignerInformation>)signers.getSigners()) {
			for (Certificate cert: certStore.getCertificates(signer.getSID())) {
				if (cert instanceof X509Certificate)
					certs.add((X509Certificate)cert);
			}
		}
		certificats = certs.toArray(new X509Certificate[certs.size()]);
		if (certificats.length != 1)
			throw new SignaturaPluginException("Aquesta signatura conté més d'un certificat");
		//resposta.setInfoCertificat(getInfoCertificat(certificats[0]));
		List<DadesCertificat> dadesCertificats = new ArrayList<DadesCertificat>();
		dadesCertificats.add(getDadesCertificat(certificats[0]));
		return dadesCertificats;
	}
	return null;
}
 

import java.security.cert.CertStore; //导入方法依赖的package包/类
@org.junit.Test
public void testGetSKIBytesFromCert() throws Exception {
    File f = null;
    if (BASEDIR != null && !"".equals(BASEDIR)) {
        f = new File(BASEDIR + SEP +
            "src/test/resources/ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/certs/lugh.crt");
    } else {
        f = new File(
            "src/test/resources/ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/certs/lugh.crt");
    }

    FileInputStream fis = new FileInputStream(f);
    X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);

    // Get subject key identifier from certificate
    byte[] skid = XMLX509SKI.getSKIBytesFromCert(cert);

    // Use X509CertSelector to match on certificate using the skid,
    // thereby testing that the returned skid was correct
    X509CertSelector xcs = new X509CertSelector();
    // DER-encode skid - required by X509CertSelector
    byte[] encodedSkid = new byte[skid.length+2];
    encodedSkid[0] = 0x04; // OCTET STRING tag value
    encodedSkid[1] = (byte) skid.length; // length
    System.arraycopy(skid, 0, encodedSkid, 2, skid.length);
    xcs.setSubjectKeyIdentifier(encodedSkid);

    CertStore cs = CertStore.getInstance(
        "Collection",
        new CollectionCertStoreParameters(Collections.singleton(cert)));

    Collection<?> certs = cs.getCertificates(xcs);
    assertTrue(!certs.isEmpty());
}
 

import java.security.cert.CertStore; //导入方法依赖的package包/类
private void checkResult(CertStore certS)   throws CertStoreException, 
        InvalidAlgorithmParameterException {
    CertSelector certSelector = new X509CertSelector();
    CRLSelector crlSelector = new X509CRLSelector();
    Collection collection = certS.getCertificates(certSelector);
    assertNull("Not null collection", collection);
    collection = certS.getCRLs(crlSelector);
    assertNull("Not null collection", collection);
}
 

import java.security.cert.CertStore; //导入方法依赖的package包/类
public static Collection<? extends Certificate> getCertificates(final PKIXCertStoreSelector selector, CertStore certStore)
    throws CertStoreException
{
    return certStore.getCertificates(new SelectorClone(selector));
}
 

import java.security.cert.CertStore; //导入方法依赖的package包/类
private void basicTest()
    throws Exception
{
    CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");

    X509Certificate rootCert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(
                    CertPathTest.rootCertBin));
    X509Certificate interCert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(
                    CertPathTest.interCertBin));
    X509Certificate finalCert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(
                    CertPathTest.finalCertBin));
    X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(
            CertPathTest.rootCrlBin));
    X509CRL interCrl = (X509CRL)cf
            .generateCRL(new ByteArrayInputStream(
                    CertPathTest.interCrlBin));

    // Testing CollectionCertStore generation from List
    List list = new ArrayList();
    list.add(rootCert);
    list.add(interCert);
    list.add(finalCert);
    list.add(rootCrl);
    list.add(interCrl);
    CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
    CertStore store1 = CertStore.getInstance("Collection", ccsp, "BC");
    CertStore store2 = CertStore.getInstance("Collection", ccsp, "BC");

    List storeList = new ArrayList();
    storeList.add(store1);
    storeList.add(store2);
    CertStore store = CertStore.getInstance("Multi", new MultiCertStoreParameters(storeList));

    // Searching for rootCert by subjectDN
    X509CertSelector targetConstraints = new X509CertSelector();
    targetConstraints.setSubject(rootCert.getSubjectX500Principal().getName());
    Collection certs = store.getCertificates(targetConstraints);

    if (certs.size() != 2 || !certs.contains(rootCert))
    {
        fail("2 rootCerts not found by subjectDN");
    }

    store = CertStore.getInstance("Multi", new MultiCertStoreParameters(storeList, false));
    certs = store.getCertificates(targetConstraints);
    
    if (certs.size() != 1 || !certs.contains(rootCert))
    {
        fail("1 rootCert not found by subjectDN");
    }
}