Example usage for javax.xml.crypto.dsig.keyinfo X509Data getContent

List of usage examples for javax.xml.crypto.dsig.keyinfo X509Data getContent

Introduction

This page collects usage examples for the getContent() method of javax.xml.crypto.dsig.keyinfo.X509Data.

Prototype

List<?> getContent();


Document

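Returns an unmodifiable list (see java.util.Collections#unmodifiableList) of the content in this X509Data. The entries are parsed from the signature's ds:KeyInfo element, so they are supplied by whoever produced the signed document; a certificate or CRL read from this list carries no trust of its own until it has been validated against a trust anchor the verifier already holds.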

Usage

From source file:be.fedict.eid.tsl.KeyInfoKeySelector.java

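/**
 * Selects the first X.509 certificate listed in the signature's ds:KeyInfo,
 * stores it in {@code this.certificate} and returns this selector as the
 * result.
 *
 * <p>The certificate comes from the document being verified and is not
 * checked against any trust anchor here. A signature that validates with
 * this selector shows only that the embedded key produced it.
 * NOTE(review): callers presumably validate the selected certificate
 * (chain, revocation, expected signer) separately; confirm at the call
 * sites.
 *
 * @param keyInfo the ds:KeyInfo of the signature, may be {@code null}
 * @param purpose not used by this selector
 * @param method not used by this selector
 * @param context not used by this selector
 * @return this selector, with the chosen certificate stored
 * @throws KeySelectorException if there is no ds:KeyInfo or it holds no
 *         X.509 certificate
 */
@Override
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    LOG.debug("select key");
    if (null == keyInfo) {
        // A signature without ds:KeyInfo is a selection failure, not a NullPointerException.
        throw new KeySelectorException("no ds:KeyInfo present");
    }
    // Drop the certificate of any earlier call so that a failed selection
    // cannot leave a stale certificate behind for the caller to read.
    this.certificate = null;
    for (Object keyInfoStructure : keyInfo.getContent()) {
        if (!(keyInfoStructure instanceof X509Data)) {
            continue;
        }
        X509Data x509Data = (X509Data) keyInfoStructure;
        // X509Data content is heterogeneous (the API returns List<?>), so
        // every entry is type-checked before it is used.
        for (Object x509DataObject : x509Data.getContent()) {
            if (x509DataObject instanceof X509Certificate) {
                this.certificate = (X509Certificate) x509DataObject;
                // stop after first match
                return this;
            }
        }
    }
    throw new KeySelectorException("No key found!");
}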

From source file:be.fedict.eid.applet.service.signer.KeyInfoKeySelector.java

/**
 * Selects the signer certificate from the signature's ds:KeyInfo.
 *
 * <p>Every certificate of the first X509Data element that contains one is
 * logged; the first of them is stored in {@code this.certificate} and this
 * selector is returned as the result. Treating the first certificate as the
 * signer is a presumption of this code, not something it verifies.
 *
 * <p>No trust decision is made here: the certificate is taken from the
 * signed document as-is. NOTE(review): callers presumably validate the
 * selected certificate against their trust anchors; confirm at the call
 * sites.
 *
 * @param keyInfo the ds:KeyInfo of the signature, may be {@code null}
 * @param purpose not used by this selector
 * @param method not used by this selector
 * @param context not used by this selector
 * @return this selector, with the chosen certificate stored
 * @throws KeySelectorException if there is no ds:KeyInfo or it holds no
 *         X.509 certificate
 */
@SuppressWarnings("unchecked")
@Override
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    LOG.debug("select key");
    if (keyInfo == null) {
        throw new KeySelectorException("no ds:KeyInfo present");
    }
    // Start from a clean state so a result of an earlier call cannot leak through.
    this.certificate = null;
    for (Object structure : keyInfo.getContent()) {
        if (structure instanceof X509Data) {
            for (Object entry : ((X509Data) structure).getContent()) {
                if (entry instanceof X509Certificate) {
                    X509Certificate candidate = (X509Certificate) entry;
                    LOG.debug("certificate: " + candidate.getSubjectX500Principal());
                    if (this.certificate == null) {
                        // The first certificate is presumably the signer.
                        this.certificate = candidate;
                        LOG.debug("signer certificate: " + candidate.getSubjectX500Principal());
                    }
                }
            }
            // Only leave once the whole X509Data element has been logged.
            if (this.certificate != null) {
                return this;
            }
        }
    }
    throw new KeySelectorException("No key found!");
}

From source file:org.openehealth.coms.cc.web_frontend.consentcreator.service.DocumentFactory.java

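/**
 * Returns the public key of the first X.509 certificate in the signature's
 * ds:KeyInfo whose key algorithm is accepted by {@code algEquals} for the
 * signature method.
 *
 * <p>The key is taken from the document being verified and the certificate
 * is not checked against any trust anchor, validity period or revocation
 * source here. A signature that validates with this selector shows that
 * the content matches the embedded key, not who holds that key.
 * NOTE(review): confirm that callers validate the certificate separately.
 *
 * @param keyInfo the ds:KeyInfo of the signature, may be {@code null}
 * @param purpose not used by this selector
 * @param method the signature method whose algorithm the key must match
 * @param context not used by this selector
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if there is no ds:KeyInfo or it holds no
 *         certificate with a compatible key
 */
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    if (keyInfo == null) {
        // A signature without ds:KeyInfo is a selection failure, not a NullPointerException.
        Logger.getLogger(this.getClass()).error("No Key found");
        throw new KeySelectorException("No ds:KeyInfo present");
    }
    for (Object info : keyInfo.getContent()) {
        if (!(info instanceof X509Data)) {
            continue;
        }
        // X509Data content is heterogeneous (the API returns List<?>), so
        // every entry is type-checked before it is used.
        for (Object o : ((X509Data) info).getContent()) {
            if (!(o instanceof X509Certificate)) {
                continue;
            }
            final PublicKey key = ((X509Certificate) o).getPublicKey();
            // Make sure the algorithm is compatible
            // with the method.
            if (algEquals(method.getAlgorithm(), key.getAlgorithm())) {
                return new KeySelectorResult() {
                    @Override
                    public Key getKey() {
                        return key;
                    }
                };
            }
        }
    }
    Logger.getLogger(this.getClass()).error("No Key found");
    throw new KeySelectorException("No key found!");
}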

From source file:org.roda.common.certification.ODFSignatureUtils.java

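/**
 * Checks the signature value of an XML signature and the certificates
 * embedded in its ds:KeyInfo.
 *
 * <p>Steps performed: the signature value is validated with the key chosen
 * by {@code KeyInfoKeySelector}; every embedded certificate is checked
 * against the current date; every embedded certificate is looked up in
 * every embedded CRL.
 *
 * <p>Not performed here: Reference digests are not validated (only
 * {@code SignatureValue.validate} is called, so this method alone does not
 * tie the signature to the signed content), no certification path is built
 * to a trust anchor, and the CRLs are taken from the signature itself
 * without verifying their own signature, issuer or freshness.
 * NOTE(review): confirm that the callers cover these checks; an embedded
 * CRL can only add a revocation, its absence proves nothing.
 *
 * @param input not used by this method
 * @param signatureNode DOM node of the ds:Signature element
 * @throws XMLSignatureException if the signature value does not verify
 * @throws CertificateException if there is no ds:KeyInfo, a certificate is
 *         expired or not yet valid, or an embedded CRL lists a certificate
 *         as revoked ({@link CertificateRevokedException})
 */
private static void verifyCertificates(Path input, Node signatureNode)
        throws MarshalException, XMLSignatureException, NoSuchAlgorithmException, CertificateException,
        FileNotFoundException, IOException, KeyStoreException {

    XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");
    DOMValidateContext domValidateContext = new DOMValidateContext(new KeyInfoKeySelector(), signatureNode);
    XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
    // validate() reports a bad signature through its return value, not an
    // exception, so the result has to be acted on.
    if (!xmlSignature.getSignatureValue().validate(domValidateContext)) {
        throw new XMLSignatureException("Signature value does not verify");
    }
    // NOTE(review): the full xmlSignature.validate(domValidateContext), which
    // also checks the Reference digests, is deliberately not called here.

    KeyInfo keyInfo = xmlSignature.getKeyInfo();
    if (keyInfo == null) {
        throw new CertificateException("Signature has no ds:KeyInfo, no certificate to verify");
    }
    List<X509Certificate> certs = new ArrayList<X509Certificate>();
    List<X509CRL> crls = new ArrayList<X509CRL>();

    for (Object content : keyInfo.getContent()) {
        if (!(content instanceof X509Data)) {
            continue;
        }
        for (Object entry : ((X509Data) content).getContent()) {
            if (entry instanceof X509CRL) {
                crls.add((X509CRL) entry);
            }
            if (entry instanceof X509Certificate) {
                X509Certificate cert = (X509Certificate) entry;
                // Validity period only, evaluated against the current time.
                cert.checkValidity();
                certs.add(cert);
            }
        }
    }

    for (X509CRL crl : crls) {
        for (X509Certificate cert : certs) {
            if (!crl.isRevoked(cert)) {
                continue;
            }
            // CertificateRevokedException rejects null arguments with a
            // NullPointerException, so the details are filled from the CRL.
            java.security.cert.X509CRLEntry revoked = crl.getRevokedCertificate(cert);
            java.security.cert.CRLReason reason = revoked == null ? null : revoked.getRevocationReason();
            throw new CertificateRevokedException(
                    // Fall back to the CRL's issue date if the entry cannot be retrieved.
                    revoked == null ? crl.getThisUpdate() : revoked.getRevocationDate(),
                    reason == null ? java.security.cert.CRLReason.UNSPECIFIED : reason,
                    crl.getIssuerX500Principal(),
                    java.util.Collections.<String, java.security.cert.Extension>emptyMap());
        }
    }
}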

From source file:org.roda.core.plugins.plugins.characterization.ODFSignatureUtils.java

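/**
 * Checks the signature value of an XML signature and the certificates
 * embedded in its ds:KeyInfo.
 *
 * <p>Steps performed: the signature value is validated with the key chosen
 * by {@code KeyInfoKeySelector}; every embedded certificate is checked
 * against the current date; every embedded certificate is looked up in
 * every embedded CRL.
 *
 * <p>Not performed here: Reference digests are not validated (only
 * {@code SignatureValue.validate} is called, so this method alone does not
 * tie the signature to the signed content), no certification path is built
 * to a trust anchor, and the CRLs are taken from the signature itself
 * without verifying their own signature, issuer or freshness.
 * NOTE(review): confirm that the callers cover these checks; an embedded
 * CRL can only add a revocation, its absence proves nothing.
 *
 * @param signatureNode DOM node of the ds:Signature element
 * @throws XMLSignatureException if the signature value does not verify
 * @throws CertificateException if there is no ds:KeyInfo, a certificate is
 *         expired or not yet valid, or an embedded CRL lists a certificate
 *         as revoked ({@link CertificateRevokedException})
 */
private static void verifyCertificates(Node signatureNode) throws MarshalException, XMLSignatureException,
        NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {

    XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");
    DOMValidateContext domValidateContext = new DOMValidateContext(new KeyInfoKeySelector(), signatureNode);
    XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
    // validate() reports a bad signature through its return value, not an
    // exception, so the result has to be acted on.
    if (!xmlSignature.getSignatureValue().validate(domValidateContext)) {
        throw new XMLSignatureException("Signature value does not verify");
    }
    // NOTE(review): the full xmlSignature.validate(domValidateContext), which
    // also checks the Reference digests, is deliberately not called here.

    KeyInfo keyInfo = xmlSignature.getKeyInfo();
    if (keyInfo == null) {
        throw new CertificateException("Signature has no ds:KeyInfo, no certificate to verify");
    }
    List<X509Certificate> certs = new ArrayList<>();
    List<X509CRL> crls = new ArrayList<>();

    for (Object content : keyInfo.getContent()) {
        if (!(content instanceof X509Data)) {
            continue;
        }
        for (Object entry : ((X509Data) content).getContent()) {
            if (entry instanceof X509CRL) {
                crls.add((X509CRL) entry);
            }
            if (entry instanceof X509Certificate) {
                X509Certificate cert = (X509Certificate) entry;
                // Validity period only, evaluated against the current time.
                cert.checkValidity();
                certs.add(cert);
            }
        }
    }

    for (X509CRL crl : crls) {
        for (X509Certificate cert : certs) {
            if (!crl.isRevoked(cert)) {
                continue;
            }
            // CertificateRevokedException rejects null arguments with a
            // NullPointerException, so the details are filled from the CRL.
            java.security.cert.X509CRLEntry revoked = crl.getRevokedCertificate(cert);
            java.security.cert.CRLReason reason = revoked == null ? null : revoked.getRevocationReason();
            throw new CertificateRevokedException(
                    // Fall back to the CRL's issue date if the entry cannot be retrieved.
                    revoked == null ? crl.getThisUpdate() : revoked.getRevocationDate(),
                    reason == null ? java.security.cert.CRLReason.UNSPECIFIED : reason,
                    crl.getIssuerX500Principal(),
                    java.util.Collections.<String, java.security.cert.Extension>emptyMap());
        }
    }
}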