diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java')
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java | 128 |
1 files changed, 0 insertions, 128 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java deleted file mode 100644 index c8463ef..0000000 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java +++ /dev/null @@ -1,128 +0,0 @@ -package org.bouncycastle.jce.provider; - -import java.util.Collection; -import java.util.Collections; -import java.util.HashSet; -import java.util.Iterator; -import java.util.Set; - -import org.bouncycastle.jce.X509LDAPCertStoreParameters; -import org.bouncycastle.util.Selector; -import org.bouncycastle.util.StoreException; -import org.bouncycastle.x509.X509CertPairStoreSelector; -import org.bouncycastle.x509.X509CertStoreSelector; -import org.bouncycastle.x509.X509CertificatePair; -import org.bouncycastle.x509.X509StoreParameters; -import org.bouncycastle.x509.X509StoreSpi; -import org.bouncycastle.x509.util.LDAPStoreHelper; - -/** - * A SPI implementation of Bouncy Castle <code>X509Store</code> for getting - * certificates form a LDAP directory. - * - * @see org.bouncycastle.x509.X509Store - */ -public class X509StoreLDAPCerts - extends X509StoreSpi -{ - - private LDAPStoreHelper helper; - - public X509StoreLDAPCerts() - { - } - - /** - * Initializes this LDAP cert store implementation. - * - * @param params <code>X509LDAPCertStoreParameters</code>. - * @throws IllegalArgumentException if <code>params</code> is not an instance of - * <code>X509LDAPCertStoreParameters</code>. - */ - public void engineInit(X509StoreParameters params) - { - if (!(params instanceof X509LDAPCertStoreParameters)) - { - throw new IllegalArgumentException( - "Initialization parameters must be an instance of " - + X509LDAPCertStoreParameters.class.getName() + "."); - } - helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)params); - } - - /** - * Returns a collection of matching certificates from the LDAP location. - * <p> - * The selector must be a of type <code>X509CertStoreSelector</code>. If - * it is not an empty collection is returned. - * </p><p> - * The implementation searches only for CA certificates, if the method - * {@link java.security.cert.X509CertSelector#getBasicConstraints()} is - * greater or equal to 0. If it is -2 only end certificates are searched. - * </p><p> - * The subject and the serial number for end certificates should be - * reasonable criterias for a selector. - * </p> - * @param selector The selector to use for finding. - * @return A collection with the matches. - * @throws StoreException if an exception occurs while searching. - */ - public Collection engineGetMatches(Selector selector) throws StoreException - { - if (!(selector instanceof X509CertStoreSelector)) - { - return Collections.EMPTY_SET; - } - X509CertStoreSelector xselector = (X509CertStoreSelector)selector; - Set set = new HashSet(); - // test if only CA certificates should be selected - if (xselector.getBasicConstraints() > 0) - { - set.addAll(helper.getCACertificates(xselector)); - set.addAll(getCertificatesFromCrossCertificatePairs(xselector)); - } - // only end certificates should be selected - else if (xselector.getBasicConstraints() == -2) - { - set.addAll(helper.getUserCertificates(xselector)); - } - // nothing specified - else - { - set.addAll(helper.getUserCertificates(xselector)); - set.addAll(helper.getCACertificates(xselector)); - set.addAll(getCertificatesFromCrossCertificatePairs(xselector)); - } - return set; - } - - private Collection getCertificatesFromCrossCertificatePairs( - X509CertStoreSelector xselector) throws StoreException - { - Set set = new HashSet(); - X509CertPairStoreSelector ps = new X509CertPairStoreSelector(); - - ps.setForwardSelector(xselector); - ps.setReverseSelector(new X509CertStoreSelector()); - - Set crossCerts = new HashSet(helper.getCrossCertificatePairs(ps)); - Set forward = new HashSet(); - Set reverse = new HashSet(); - Iterator it = crossCerts.iterator(); - while (it.hasNext()) - { - X509CertificatePair pair = (X509CertificatePair)it.next(); - if (pair.getForward() != null) - { - forward.add(pair.getForward()); - } - if (pair.getReverse() != null) - { - reverse.add(pair.getReverse()); - } - } - set.addAll(forward); - set.addAll(reverse); - return set; - } -} |