1 /* |
1 /* |
2 * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. |
7 * published by the Free Software Foundation. |
203 * @return a KeySelectorResult containing the cert's public key if there |
203 * @return a KeySelectorResult containing the cert's public key if there |
204 * is a match; otherwise null |
204 * is a match; otherwise null |
205 */ |
205 */ |
206 private KeySelectorResult keyStoreSelect(CertSelector cs) |
206 private KeySelectorResult keyStoreSelect(CertSelector cs) |
207 throws KeyStoreException { |
207 throws KeyStoreException { |
208 Enumeration aliases = ks.aliases(); |
208 Enumeration<String> aliases = ks.aliases(); |
209 while (aliases.hasMoreElements()) { |
209 while (aliases.hasMoreElements()) { |
210 String alias = (String) aliases.nextElement(); |
210 String alias = aliases.nextElement(); |
211 Certificate cert = ks.getCertificate(alias); |
211 Certificate cert = ks.getCertificate(alias); |
212 if (cert != null && cs.match(cert)) { |
212 if (cert != null && cs.match(cert)) { |
213 return new SimpleKeySelectorResult(cert.getPublicKey()); |
213 return new SimpleKeySelectorResult(cert.getPublicKey()); |
214 } |
214 } |
215 } |
215 } |
299 try { |
299 try { |
300 subjectcs.setSubjectPublicKeyAlgID(algOID); |
300 subjectcs.setSubjectPublicKeyAlgID(algOID); |
301 } catch (IOException ioe) { |
301 } catch (IOException ioe) { |
302 throw new KeySelectorException(ioe); |
302 throw new KeySelectorException(ioe); |
303 } |
303 } |
304 Collection certs = new ArrayList(); |
304 Collection<X509Certificate> certs = new ArrayList<>(); |
305 |
305 |
306 Iterator xi = xd.getContent().iterator(); |
306 Iterator xi = xd.getContent().iterator(); |
307 while (xi.hasNext()) { |
307 while (xi.hasNext()) { |
308 Object o = xi.next(); |
308 Object o = xi.next(); |
309 // check X509IssuerSerial |
309 // check X509IssuerSerial |
343 encodedSki[0] = 0x04; // OCTET STRING tag value |
343 encodedSki[0] = 0x04; // OCTET STRING tag value |
344 encodedSki[1] = (byte) ski.length; // length |
344 encodedSki[1] = (byte) ski.length; // length |
345 System.arraycopy(ski, 0, encodedSki, 2, ski.length); |
345 System.arraycopy(ski, 0, encodedSki, 2, ski.length); |
346 subjectcs.setSubjectKeyIdentifier(encodedSki); |
346 subjectcs.setSubjectKeyIdentifier(encodedSki); |
347 } else if (o instanceof X509Certificate) { |
347 } else if (o instanceof X509Certificate) { |
348 certs.add((X509Certificate) o); |
348 certs.add((X509Certificate)o); |
349 // check X509CRL |
349 // check X509CRL |
350 // not supported: should use CertPath API |
350 // not supported: should use CertPath API |
351 } else { |
351 } else { |
352 // skip all other entries |
352 // skip all other entries |
353 continue; |
353 continue; |
357 if (ksr != null) { |
357 if (ksr != null) { |
358 return ksr; |
358 return ksr; |
359 } |
359 } |
360 if (!certs.isEmpty() && !trusted) { |
360 if (!certs.isEmpty() && !trusted) { |
361 // try to find public key in certs in X509Data |
361 // try to find public key in certs in X509Data |
362 Iterator i = certs.iterator(); |
362 for (X509Certificate cert : certs) { |
363 while (i.hasNext()) { |
|
364 X509Certificate cert = (X509Certificate) i.next(); |
|
365 if (subjectcs.match(cert)) { |
363 if (subjectcs.match(cert)) { |
366 return new SimpleKeySelectorResult(cert.getPublicKey()); |
364 return new SimpleKeySelectorResult(cert.getPublicKey()); |
367 } |
365 } |
368 } |
366 } |
369 } |
367 } |
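Review bot: The rewritten loop at new lines 362–364 still returns the public key of a certificate taken from the signature's own X509Data whenever `trusted` is false, gated only by `subjectcs.match(cert)`, and nothing visible here checks that certificate against a trust anchor. The selector criteria (X509IssuerSerial, SKI) appear to be read from the same X509Data content, so a match shows only that the KeyInfo is self-consistent, not that the signer is one the verifier trusts. I would add a comment on the loop such as `// cert comes from the signature's KeyInfo and is NOT path-validated here; callers must validate it (CertPath API) before trusting the result`. The enclosing method and the definition of `trusted` are outside the visible lines, so confirm whether validation happens in the caller.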