org.bouncycastle.util.Store类的使用及代码示例

x33g5p2x  于2022-01-30 转载在 其他  
字(12.1k)|赞(0)|评价(0)|浏览(202)

本文整理了Java中org.bouncycastle.util.Store类的一些代码示例,展示了Store类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Store类的具体详情如下:
包路径:org.bouncycastle.util.Store
类名称:Store

Store介绍

[英]A generic interface describing a simple store of objects.
[中]描述简单对象存储的通用接口。

代码示例

代码示例来源:origin: org.apache.poi/poi-ooxml

Collection<X509CertificateHolder> certificates = timeStampToken.getCertificates().getMatches(null);

代码示例来源:origin: apache/pdfbox

/**
 * Processes a signer store and goes through the signers certificate-chain. Adds the found data
 * to the certInfo. Handles only the first signer, although multiple would be possible, but is
 * not yet practicable.
 *
 * @param certificatesStore To get the certificate information from. Certificates will be saved
 * in certificatesMap.
 * @param signedData data from which to get the SignerInformation
 * @param certInfo where to add certificate information
 * @return Signer Information of the processed certificatesStore for further usage.
 * @throws IOException on data-processing error
 * @throws CertificateProccessingException on a specific error with a certificate
 */
private SignerInformation processSignerStore(Store<X509CertificateHolder> certificatesStore,
    CMSSignedData signedData, CertSignatureInformation certInfo)
    throws IOException, CertificateProccessingException
{
  Collection<SignerInformation> signers = signedData.getSignerInfos().getSigners();
  SignerInformation signerInformation = signers.iterator().next();
  @SuppressWarnings("unchecked")
  Collection<X509CertificateHolder> matches = certificatesStore
      .getMatches((Selector<X509CertificateHolder>) signerInformation.getSID());
  X509Certificate certificate = getCertFromHolder(matches.iterator().next());
  Collection<X509CertificateHolder> allCerts = certificatesStore.getMatches(null);
  addAllCerts(allCerts);
  traverseChain(certificate, certInfo, MAX_CERTIFICATE_CHAIN_DEPTH);
  return signerInformation;
}

代码示例来源:origin: apache/pdfbox

private void verifyCertificateChain(Store<X509CertificateHolder> certificatesStore,
    X509Certificate certFromSignedData, Date signDate)
    throws CertificateVerificationException, CertificateException
{
  // Verify certificate chain (new since 10/2018)
  // Please post bad PDF files that succeed and
  // good PDF files that fail in
  // https://issues.apache.org/jira/browse/PDFBOX-3017
  Collection<X509CertificateHolder> certificateHolders = certificatesStore.getMatches(null);
  Set<X509Certificate> additionalCerts = new HashSet<>();
  JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter();
  for (X509CertificateHolder certHolder : certificateHolders)
  {
    X509Certificate certificate = certificateConverter.getCertificate(certHolder);
    if (!certificate.equals(certFromSignedData))
    {
      additionalCerts.add(certificate);
    }
  }
  CertificateVerifier.verifyCertificate(certFromSignedData, additionalCerts, true, signDate);
}

代码示例来源:origin: apache/pdfbox

private void validateTimestampToken(TimeStampToken timeStampToken)
    throws TSPException, CertificateException, OperatorCreationException, IOException
{
  // https://stackoverflow.com/questions/42114742/
  Collection<X509CertificateHolder> tstMatches =
      timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
  X509CertificateHolder holder = tstMatches.iterator().next();
  X509Certificate tstCert = new JcaX509CertificateConverter().getCertificate(holder);
  SignerInformationVerifier siv = new JcaSimpleSignerInfoVerifierBuilder().setProvider(SecurityProvider.getProvider()).build(tstCert);
  timeStampToken.validate(siv);
  System.out.println("TimeStampToken validated");
}

代码示例来源:origin: hsiafan/apk-parser

/**
 * get certificate info
 */
@SuppressWarnings("unchecked")
public List<CertificateMeta> parse() throws CertificateException {
  CMSSignedData cmsSignedData;
  try {
    cmsSignedData = new CMSSignedData(data);
  } catch (CMSException e) {
    throw new CertificateException(e);
  }
  Store<X509CertificateHolder> certStore = cmsSignedData.getCertificates();
  SignerInformationStore signerInfos = cmsSignedData.getSignerInfos();
  Collection<SignerInformation> signers = signerInfos.getSigners();
  List<X509Certificate> certificates = new ArrayList<>();
  for (SignerInformation signer : signers) {
    Collection<X509CertificateHolder> matches = certStore.getMatches(signer.getSID());
    for (X509CertificateHolder holder : matches) {
      certificates.add(new JcaX509CertificateConverter().setProvider(provider).getCertificate(holder));
    }
  }
  return CertificateMetas.from(certificates);
}

代码示例来源:origin: apache/pdfbox

@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> matches =
    certificatesStore.getMatches((Selector<X509CertificateHolder>) signerInformation.getSID());
X509CertificateHolder certificateHolder = matches.iterator().next();
X509Certificate certFromSignedData = new JcaX509CertificateConverter().getCertificate(certificateHolder);
  X509CertificateHolder tstCertHolder = (X509CertificateHolder) timeStampToken.getCertificates().getMatches(null).iterator().next();
  X509Certificate certFromTimeStamp = new JcaX509CertificateConverter().getCertificate(tstCertHolder);
  certificateHolderSet.addAll(certificatesStore.getMatches(null));
  certificateHolderSet.addAll(timeStampToken.getCertificates().getMatches(null));
  verifyCertificateChain(new CollectionStore<>(certificateHolderSet),
      certFromTimeStamp,

代码示例来源:origin: org.xwiki.commons/xwiki-commons-crypto-pkix

@SuppressWarnings("unchecked")
private static Collection<X509CertificateHolder> getCertificates(Store store)
{
  return store.getMatches(null);
}

代码示例来源:origin: org.xwiki.commons/xwiki-commons-crypto-pkix

/**
 * Get the first certificate matching the provided selector.
 *
 * @param selector the selector.
 * @return a certificate holder.
 */
public X509CertificateHolder getCertificate(Selector selector)
{
  try {
    return (X509CertificateHolder) this.store.getMatches(selector).iterator().next();
  } catch (Throwable t) {
    return null;
  }
}

代码示例来源:origin: ebourg/jsign

@Override
protected Collection<X509CertificateHolder> getExtraCertificates(CMSSignedData token) {
  return token.getCertificates().getMatches(null);
}

代码示例来源:origin: stackoverflow.com

TimeStampToken tok = response.getTimeStampToken();
Store certs = tok.getCertificates(); 
ArrayList<X509CertificateHolder> listCert = new ArrayList(certs.getMatches(null));
X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(listCert.get(0));
expiration = cert.getNotAfter();

代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on

protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect,
                           List certStores)
    throws AnnotatedException
  {
    Set certs = new HashSet();
    Iterator iter = certStores.iterator();

    while (iter.hasNext())
    {
      Object obj = iter.next();

      if (obj instanceof Store)
      {
        Store certStore = (Store)obj;
        try
        {
          certs.addAll(certStore.getMatches(certSelect));
        }
        catch (StoreException e)
        {
          throw new AnnotatedException(
              "Problem while picking certificates from X.509 store.", e);
        }
      }
    }
    return certs;
  }
}

代码示例来源:origin: org.xwiki.commons/xwiki-commons-crypto-pkix

@Override
  public Collection<CertifiedPublicKey> getCertificate(PrincipalIndentifier subject)
  {
    AttributeCertificateHolder selector = new AttributeCertificateHolder(BcUtils.getX500Name(subject));

    try {
      Collection<?> matches = this.store.getMatches(selector);
      Collection<CertifiedPublicKey> result = new ArrayList<CertifiedPublicKey>(matches.size());
      for (Object holder : matches) {
        if (holder instanceof X509CertificateHolder) {
          result.add(BcUtils.convertCertificate(this.factory, (X509CertificateHolder) holder));
        }
      }
      return (!result.isEmpty()) ? result : null;
    } catch (Throwable t) {
      return null;
    }
  }
}

代码示例来源:origin: esig/dss

/**
 * This method returns the List of certificates with the same SignerId.
 *
 * @param signerId
 *                 expected signerId.
 * @return If no match is found then an empty list is returned.
 */
@SuppressWarnings("unchecked")
public List<CertificateToken> getBySignerId(SignerId signerId) {
  Collection<CertificatePoolEntity> values = entriesByPublicKeyHash.values();
  for (CertificatePoolEntity entity : values) {
    List<CertificateToken> equivalentCertificates = entity.getEquivalentCertificates();
    CertificateToken token = equivalentCertificates.iterator().next();
    X509CertificateHolder x509CertificateHolder = DSSASN1Utils.getX509CertificateHolder(token);
    Store<X509CertificateHolder> store = new CollectionStore<X509CertificateHolder>(Collections.singleton(x509CertificateHolder));
    Collection<X509CertificateHolder> matches = store.getMatches(signerId);
    if (!matches.isEmpty()) {
      return equivalentCertificates;
    }
  }
  return Collections.emptyList();
}

代码示例来源:origin: stackoverflow.com

Store store = signedData.getCertificates(); 
SignerInformationStore signers = signedData.getSignerInfos(); 

Collection c = signers.getSigners(); 
Iterator it = c.iterator(); 

while (it.hasNext()) { 
  SignerInformation signer = (SignerInformation)it.next(); 

  Collection certCollection = store.getMatches(signer.getSID()); 
  Iterator certIt = certCollection.iterator(); 

  X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next(); 
  X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder); 

  if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) {
    ret = true; 
  }
}

代码示例来源:origin: arhs/sd-dss

/**
   * @throws org.bouncycastle.util.StoreException
   * @throws eu.europa.ec.markt.dss.exception.DSSException
   */
  @SuppressWarnings("unchecked")
  private ArrayList<CertificateToken> extractIdSignedDataCertificates() throws StoreException, DSSException {

    final ArrayList<CertificateToken> essCertIDCerts = new ArrayList<CertificateToken>();
    final Collection<X509CertificateHolder> x509CertificateHolders = (Collection<X509CertificateHolder>) cmsSignedData.getCertificates().getMatches(null);
    for (final X509CertificateHolder x509CertificateHolder : x509CertificateHolders) {

      final X509Certificate x509Certificate = DSSUtils.getCertificate(x509CertificateHolder);
      final CertificateToken certificateToken = addCertificate(x509Certificate);
      if (!essCertIDCerts.contains(certificateToken)) {
        essCertIDCerts.add(certificateToken);
      }
    }
    return essCertIDCerts;
  }
}

代码示例来源:origin: stackoverflow.com

// Loading the file first
 File f = new File("myFile.p7b");
 byte[] buffer = new byte[(int) f.length()];
 DataInputStream in = new DataInputStream(new FileInputStream(f));
 in.readFully(buffer);
 in.close();
 //Corresponding class of signed_data is CMSSignedData
 CMSSignedData signature = new CMSSignedData(buffer);
 Store cs = signature.getCertificates();
 SignerInformationStore signers = signature.getSignerInfos();
 Collection c = signers.getSigners();
 Iterator it = c.iterator();
 //the following array will contain the content of xml document
 byte[] data = null;
 while (it.hasNext()) {
   SignerInformation signer = (SignerInformation) it.next();
   Collection certCollection = cs.getMatches(signer.getSID());
   Iterator certIt = certCollection.iterator();
   X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
   CMSProcessable sc = signature.getSignedContent();
   data = (byte[]) sc.getContent();
 }

代码示例来源:origin: stackoverflow.com

CMSSignedData           s = new CMSSignedData(inputStream);
Store                   certStore = s.getCertificates(); // This is where you access embedded certificates
SignerInformationStore  signers = s.getSignerInfos();
Collection              c = signers.getSigners();
Iterator                it = c.iterator();

while (it.hasNext())
{
 SignerInformation   signer = (SignerInformation)it.next();
 Collection          certCollection = certStore.getMatches(signer.getSID());

 Iterator              certIt = certCollection.iterator();
 X509CertificateHolder cert = (X509CertificateHolder)certIt.next();

 if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)))
 {
   verified++;
 } 
}

代码示例来源:origin: open-eid/SiVa

private boolean isSignatureValid(TimeStampToken timeStampToken) {
  try {
    JcaSimpleSignerInfoVerifierBuilder sigVerifierBuilder = new JcaSimpleSignerInfoVerifierBuilder();
    Collection certCollection = timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
    Iterator certIt = certCollection.iterator();
    X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
    Certificate x509Cert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
    SignerInformationVerifier signerInfoVerifier = sigVerifierBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(x509Cert.getPublicKey());
    return timeStampToken.isSignatureValid(signerInfoVerifier);
  } catch (Exception e) {
    throw new MalformedDocumentException(e);
  }
}

代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on

try
  certs.addAll(certStore.getMatches(certSelect));

代码示例来源:origin: eu.eu-emi.security/canl

try
  certs.addAll(certStore.getMatches(certSelect));

相关文章

Store类方法