コード例 #1
0
  private Collection getCertificatesFromCrossCertificatePairs(X509CertStoreSelector xselector)
      throws StoreException {
    Set set = new HashSet();
    X509CertPairStoreSelector ps = new X509CertPairStoreSelector();

    ps.setForwardSelector(xselector);
    ps.setReverseSelector(new X509CertStoreSelector());

    Set crossCerts = new HashSet(helper.getCrossCertificatePairs(ps));
    Set forward = new HashSet();
    Set reverse = new HashSet();
    Iterator it = crossCerts.iterator();
    while (it.hasNext()) {
      X509CertificatePair pair = (X509CertificatePair) it.next();
      if (pair.getForward() != null) {
        forward.add(pair.getForward());
      }
      if (pair.getReverse() != null) {
        reverse.add(pair.getReverse());
      }
    }
    set.addAll(forward);
    set.addAll(reverse);
    return set;
  }
コード例 #2
0
 /**
  * Returns a collection of matching certificates from the LDAP location.
  *
  * <p>The selector must be a of type <code>X509CertStoreSelector</code>. If it is not an empty
  * collection is returned.
  *
  * <p>The implementation searches only for CA certificates, if the method {@link
  * java.security.cert.X509CertSelector#getBasicConstraints()} is greater or equal to 0. If it is
  * -2 only end certificates are searched.
  *
  * <p>The subject and the serial number for end certificates should be reasonable criterias for a
  * selector.
  *
  * @param selector The selector to use for finding.
  * @return A collection with the matches.
  * @throws StoreException if an exception occurs while searching.
  */
 public Collection engineGetMatches(Selector selector) throws StoreException {
   if (!(selector instanceof X509CertStoreSelector)) {
     return Collections.EMPTY_SET;
   }
   X509CertStoreSelector xselector = (X509CertStoreSelector) selector;
   Set set = new HashSet();
   // test if only CA certificates should be selected
   if (xselector.getBasicConstraints() > 0) {
     set.addAll(helper.getCACertificates(xselector));
     set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
   }
   // only end certificates should be selected
   else if (xselector.getBasicConstraints() == -2) {
     set.addAll(helper.getUserCertificates(xselector));
   }
   // nothing specified
   else {
     set.addAll(helper.getUserCertificates(xselector));
     set.addAll(helper.getCACertificates(xselector));
     set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
   }
   return set;
 }