Usage examples for the no-argument constructor of java.security.cert.CollectionCertStoreParameters
public CollectionCertStoreParameters()
From source file:Main.java
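/**
 * Creates a {@code List} holding a single "Collection"-type {@code CertStore}.
 *
 * <p>The store is built from a no-argument {@code CollectionCertStoreParameters},
 * so it contains no certificates and no CRLs. A path builder or validator that is
 * given only this store has no intermediates or revocation data to draw on.
 *
 * @return a new mutable list containing the one empty cert store
 * @throws InvalidAlgorithmParameterException if the provider rejects the parameters
 * @throws NoSuchAlgorithmException if no provider supplies the "Collection" type
 */
public static List<CertStore> getCollectionCertStoresList()
        throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
    CertStore emptyStore =
            CertStore.getInstance("Collection", new CollectionCertStoreParameters());
    // ArrayList.add cannot report failure, so its result needs no check.
    List<CertStore> stores = new ArrayList<>();
    stores.add(emptyStore);
    return stores;
}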
From source file:org.signserver.module.xades.signer.XAdESSignerUnitTest.java
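/**
 * Signs an XML document with a mocked XAdES signer and verifies the result.
 *
 * <p>The verification is self-referential: the trust anchor is the last
 * certificate of the mocked token's own signing chain, the cert store passed to
 * the validator is empty, and the validator is constructed with {@code false}
 * as its boolean argument. A passing result therefore shows that the signature
 * is consistent with the token's chain, not that the chain would be trusted or
 * unrevoked in a real deployment.
 *
 * @param token Crypto token to use
 * @param config Signer configuration to use for the test
 * @param toSign The XML document to sign
 * @param useCertCredential Generate credential for the request from the mocked signer certificate
 * @param username Username to generate a username/password credential in the request context;
 *        if null, no credential is passed
 * @return Verification result
 * @throws Exception if signing, trust store setup, XML parsing or verification fails
 */
private XAdESVerificationResult getVerificationResult(final MockedCryptoToken token, final WorkerConfig config,
        String toSign, final boolean useCertCredential, final String username) throws Exception {
    XAdESSigner instance = new MockedXAdESSigner(token);
    instance.init(4711, config, null, null);

    final RequestContext requestContext = new RequestContext();
    requestContext.put(RequestContext.TRANSACTION_ID, "0000-100-1");

    // Fixed test-only credentials; the certificate credential takes precedence over username.
    if (useCertCredential) {
        final CertificateClientCredential cred = new CertificateClientCredential("CN=foo", "123456789abc");
        requestContext.put(RequestContext.CLIENT_CREDENTIAL, cred);
    } else if (username != null) {
        final UsernamePasswordClientCredential cred = new UsernamePasswordClientCredential(username, "foobar");
        requestContext.put(RequestContext.CLIENT_CREDENTIAL, cred);
    }

    GenericSignRequest request = new GenericSignRequest(100, toSign.getBytes("UTF-8"));
    GenericSignResponse response = (GenericSignResponse) instance.processData(request, requestContext);

    byte[] data = response.getProcessedData();
    // Decode with the same charset the request was encoded in rather than the
    // platform default, so the logged document is not garbled on non-UTF-8 hosts.
    final String signedXml = new String(data, "UTF-8");
    LOG.debug("signedXml: " + signedXml);

    // Validation: setup
    // The no-argument parameters give an empty store: no intermediates, no CRLs.
    CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters());
    KeyStore trustAnchors = KeyStore.getInstance("JKS");
    // Loading from a null stream initialises an empty in-memory key store.
    trustAnchors.load(null, "foo123".toCharArray());

    List<Certificate> chain = token.getCertificateChain(ICryptoToken.PURPOSE_SIGN);
    // Simply assume last cert in chain is the trust anchor
    final Certificate trustAnchor = chain.get(chain.size() - 1);
    // Logged through LOG like the signed document, instead of stdout.
    LOG.debug("trust anchor: " + trustAnchor);
    trustAnchors.setCertificateEntry("rootcert", trustAnchor);

    // NOTE(review): the boolean argument is presumably the validator's
    // revocation-checking switch, here off; confirm against the xades4j API.
    CertificateValidationProvider certValidator = new PKIXCertificateValidationProvider(trustAnchors, false,
            certStore);

    XadesVerificationProfile p = new XadesVerificationProfile(certValidator);
    XadesVerifier verifier = p.newVerifier();

    // Validation: parse
    // The parser runs with factory defaults apart from namespace awareness; the
    // input is this test's own signer output. Code that parses externally
    // supplied XML before verification would normally also disable DOCTYPE
    // declarations and external entities on the factory.
    final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    final DocumentBuilder builder = factory.newDocumentBuilder();
    final Document doc = builder.parse(new ByteArrayInputStream(data));
    Element node = doc.getDocumentElement();

    return verifier.verify(node, new SignatureSpecificVerificationOptions());
}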