本文整理了Java中org.bouncycastle.util.Store
类的一些代码示例,展示了Store
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Store
类的具体详情如下:
包路径:org.bouncycastle.util.Store
类名称:Store
[英]A generic interface describing a simple store of objects.
[中]描述简单对象存储的通用接口。
代码示例来源:origin: org.apache.poi/poi-ooxml
Collection<X509CertificateHolder> certificates = timeStampToken.getCertificates().getMatches(null);
代码示例来源:origin: apache/pdfbox
/**
* Processes a signer store and goes through the signers certificate-chain. Adds the found data
* to the certInfo. Handles only the first signer, although multiple would be possible, but is
* not yet practicable.
*
* @param certificatesStore To get the certificate information from. Certificates will be saved
* in certificatesMap.
* @param signedData data from which to get the SignerInformation
* @param certInfo where to add certificate information
* @return Signer Information of the processed certificatesStore for further usage.
* @throws IOException on data-processing error
* @throws CertificateProccessingException on a specific error with a certificate
*/
private SignerInformation processSignerStore(Store<X509CertificateHolder> certificatesStore,
CMSSignedData signedData, CertSignatureInformation certInfo)
throws IOException, CertificateProccessingException
{
Collection<SignerInformation> signers = signedData.getSignerInfos().getSigners();
SignerInformation signerInformation = signers.iterator().next();
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> matches = certificatesStore
.getMatches((Selector<X509CertificateHolder>) signerInformation.getSID());
X509Certificate certificate = getCertFromHolder(matches.iterator().next());
Collection<X509CertificateHolder> allCerts = certificatesStore.getMatches(null);
addAllCerts(allCerts);
traverseChain(certificate, certInfo, MAX_CERTIFICATE_CHAIN_DEPTH);
return signerInformation;
}
代码示例来源:origin: apache/pdfbox
private void verifyCertificateChain(Store<X509CertificateHolder> certificatesStore,
X509Certificate certFromSignedData, Date signDate)
throws CertificateVerificationException, CertificateException
{
// Verify certificate chain (new since 10/2018)
// Please post bad PDF files that succeed and
// good PDF files that fail in
// https://issues.apache.org/jira/browse/PDFBOX-3017
Collection<X509CertificateHolder> certificateHolders = certificatesStore.getMatches(null);
Set<X509Certificate> additionalCerts = new HashSet<>();
JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter();
for (X509CertificateHolder certHolder : certificateHolders)
{
X509Certificate certificate = certificateConverter.getCertificate(certHolder);
if (!certificate.equals(certFromSignedData))
{
additionalCerts.add(certificate);
}
}
CertificateVerifier.verifyCertificate(certFromSignedData, additionalCerts, true, signDate);
}
代码示例来源:origin: apache/pdfbox
private void validateTimestampToken(TimeStampToken timeStampToken)
throws TSPException, CertificateException, OperatorCreationException, IOException
{
// https://stackoverflow.com/questions/42114742/
Collection<X509CertificateHolder> tstMatches =
timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
X509CertificateHolder holder = tstMatches.iterator().next();
X509Certificate tstCert = new JcaX509CertificateConverter().getCertificate(holder);
SignerInformationVerifier siv = new JcaSimpleSignerInfoVerifierBuilder().setProvider(SecurityProvider.getProvider()).build(tstCert);
timeStampToken.validate(siv);
System.out.println("TimeStampToken validated");
}
代码示例来源:origin: hsiafan/apk-parser
/**
* get certificate info
*/
@SuppressWarnings("unchecked")
public List<CertificateMeta> parse() throws CertificateException {
CMSSignedData cmsSignedData;
try {
cmsSignedData = new CMSSignedData(data);
} catch (CMSException e) {
throw new CertificateException(e);
}
Store<X509CertificateHolder> certStore = cmsSignedData.getCertificates();
SignerInformationStore signerInfos = cmsSignedData.getSignerInfos();
Collection<SignerInformation> signers = signerInfos.getSigners();
List<X509Certificate> certificates = new ArrayList<>();
for (SignerInformation signer : signers) {
Collection<X509CertificateHolder> matches = certStore.getMatches(signer.getSID());
for (X509CertificateHolder holder : matches) {
certificates.add(new JcaX509CertificateConverter().setProvider(provider).getCertificate(holder));
}
}
return CertificateMetas.from(certificates);
}
代码示例来源:origin: apache/pdfbox
@SuppressWarnings("unchecked")
Collection<X509CertificateHolder> matches =
certificatesStore.getMatches((Selector<X509CertificateHolder>) signerInformation.getSID());
X509CertificateHolder certificateHolder = matches.iterator().next();
X509Certificate certFromSignedData = new JcaX509CertificateConverter().getCertificate(certificateHolder);
X509CertificateHolder tstCertHolder = (X509CertificateHolder) timeStampToken.getCertificates().getMatches(null).iterator().next();
X509Certificate certFromTimeStamp = new JcaX509CertificateConverter().getCertificate(tstCertHolder);
certificateHolderSet.addAll(certificatesStore.getMatches(null));
certificateHolderSet.addAll(timeStampToken.getCertificates().getMatches(null));
verifyCertificateChain(new CollectionStore<>(certificateHolderSet),
certFromTimeStamp,
代码示例来源:origin: org.xwiki.commons/xwiki-commons-crypto-pkix
@SuppressWarnings("unchecked")
private static Collection<X509CertificateHolder> getCertificates(Store store)
{
return store.getMatches(null);
}
代码示例来源:origin: org.xwiki.commons/xwiki-commons-crypto-pkix
/**
* Get the first certificate matching the provided selector.
*
* @param selector the selector.
* @return a certificate holder.
*/
public X509CertificateHolder getCertificate(Selector selector)
{
try {
return (X509CertificateHolder) this.store.getMatches(selector).iterator().next();
} catch (Throwable t) {
return null;
}
}
代码示例来源:origin: ebourg/jsign
@Override
protected Collection<X509CertificateHolder> getExtraCertificates(CMSSignedData token) {
return token.getCertificates().getMatches(null);
}
代码示例来源:origin: stackoverflow.com
TimeStampToken tok = response.getTimeStampToken();
Store certs = tok.getCertificates();
ArrayList<X509CertificateHolder> listCert = new ArrayList(certs.getMatches(null));
X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(listCert.get(0));
expiration = cert.getNotAfter();
代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect,
List certStores)
throws AnnotatedException
{
Set certs = new HashSet();
Iterator iter = certStores.iterator();
while (iter.hasNext())
{
Object obj = iter.next();
if (obj instanceof Store)
{
Store certStore = (Store)obj;
try
{
certs.addAll(certStore.getMatches(certSelect));
}
catch (StoreException e)
{
throw new AnnotatedException(
"Problem while picking certificates from X.509 store.", e);
}
}
}
return certs;
}
}
代码示例来源:origin: org.xwiki.commons/xwiki-commons-crypto-pkix
@Override
public Collection<CertifiedPublicKey> getCertificate(PrincipalIndentifier subject)
{
AttributeCertificateHolder selector = new AttributeCertificateHolder(BcUtils.getX500Name(subject));
try {
Collection<?> matches = this.store.getMatches(selector);
Collection<CertifiedPublicKey> result = new ArrayList<CertifiedPublicKey>(matches.size());
for (Object holder : matches) {
if (holder instanceof X509CertificateHolder) {
result.add(BcUtils.convertCertificate(this.factory, (X509CertificateHolder) holder));
}
}
return (!result.isEmpty()) ? result : null;
} catch (Throwable t) {
return null;
}
}
}
代码示例来源:origin: esig/dss
/**
* This method returns the List of certificates with the same SignerId.
*
* @param signerId
* expected signerId.
* @return If no match is found then an empty list is returned.
*/
@SuppressWarnings("unchecked")
public List<CertificateToken> getBySignerId(SignerId signerId) {
Collection<CertificatePoolEntity> values = entriesByPublicKeyHash.values();
for (CertificatePoolEntity entity : values) {
List<CertificateToken> equivalentCertificates = entity.getEquivalentCertificates();
CertificateToken token = equivalentCertificates.iterator().next();
X509CertificateHolder x509CertificateHolder = DSSASN1Utils.getX509CertificateHolder(token);
Store<X509CertificateHolder> store = new CollectionStore<X509CertificateHolder>(Collections.singleton(x509CertificateHolder));
Collection<X509CertificateHolder> matches = store.getMatches(signerId);
if (!matches.isEmpty()) {
return equivalentCertificates;
}
}
return Collections.emptyList();
}
代码示例来源:origin: stackoverflow.com
Store store = signedData.getCertificates();
SignerInformationStore signers = signedData.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext()) {
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = store.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next();
X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder);
if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert))) {
ret = true;
}
}
代码示例来源:origin: arhs/sd-dss
/**
* @throws org.bouncycastle.util.StoreException
* @throws eu.europa.ec.markt.dss.exception.DSSException
*/
@SuppressWarnings("unchecked")
private ArrayList<CertificateToken> extractIdSignedDataCertificates() throws StoreException, DSSException {
final ArrayList<CertificateToken> essCertIDCerts = new ArrayList<CertificateToken>();
final Collection<X509CertificateHolder> x509CertificateHolders = (Collection<X509CertificateHolder>) cmsSignedData.getCertificates().getMatches(null);
for (final X509CertificateHolder x509CertificateHolder : x509CertificateHolders) {
final X509Certificate x509Certificate = DSSUtils.getCertificate(x509CertificateHolder);
final CertificateToken certificateToken = addCertificate(x509Certificate);
if (!essCertIDCerts.contains(certificateToken)) {
essCertIDCerts.add(certificateToken);
}
}
return essCertIDCerts;
}
}
代码示例来源:origin: stackoverflow.com
// Loading the file first
File f = new File("myFile.p7b");
byte[] buffer = new byte[(int) f.length()];
DataInputStream in = new DataInputStream(new FileInputStream(f));
in.readFully(buffer);
in.close();
//Corresponding class of signed_data is CMSSignedData
CMSSignedData signature = new CMSSignedData(buffer);
Store cs = signature.getCertificates();
SignerInformationStore signers = signature.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
//the following array will contain the content of xml document
byte[] data = null;
while (it.hasNext()) {
SignerInformation signer = (SignerInformation) it.next();
Collection certCollection = cs.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
CMSProcessable sc = signature.getSignedContent();
data = (byte[]) sc.getContent();
}
代码示例来源:origin: stackoverflow.com
CMSSignedData s = new CMSSignedData(inputStream);
Store certStore = s.getCertificates(); // This is where you access embedded certificates
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certStore.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)))
{
verified++;
}
}
代码示例来源:origin: open-eid/SiVa
private boolean isSignatureValid(TimeStampToken timeStampToken) {
try {
JcaSimpleSignerInfoVerifierBuilder sigVerifierBuilder = new JcaSimpleSignerInfoVerifierBuilder();
Collection certCollection = timeStampToken.getCertificates().getMatches(timeStampToken.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
Certificate x509Cert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(cert.getEncoded()));
SignerInformationVerifier signerInfoVerifier = sigVerifierBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(x509Cert.getPublicKey());
return timeStampToken.isSignatureValid(signerInfoVerifier);
} catch (Exception e) {
throw new MalformedDocumentException(e);
}
}
代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
try
certs.addAll(certStore.getMatches(certSelect));
代码示例来源:origin: eu.eu-emi.security/canl
try
certs.addAll(certStore.getMatches(certSelect));
内容来源于网络,如有侵权,请联系作者删除!