blob: 8af4adeb7fe00a2aca513dec54796cecba909981 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
package org.bouncycastle.jce.provider;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.bouncycastle.jce.X509LDAPCertStoreParameters;
import org.bouncycastle.util.Selector;
import org.bouncycastle.util.StoreException;
import org.bouncycastle.x509.X509CRLStoreSelector;
import org.bouncycastle.x509.X509StoreParameters;
import org.bouncycastle.x509.X509StoreSpi;
import org.bouncycastle.x509.util.LDAPStoreHelper;
/**
* A SPI implementation of Bouncy Castle <code>X509Store</code> for getting
* certificate revocation lists from an LDAP directory.
*
* @see org.bouncycastle.x509.X509Store
*/
public class X509StoreLDAPCRLs extends X509StoreSpi
{
private LDAPStoreHelper helper;
public X509StoreLDAPCRLs()
{
}
/**
* Initializes this LDAP CRL store implementation.
*
* @param params <code>X509LDAPCertStoreParameters</code>.
* @throws IllegalArgumentException if <code>params</code> is not an instance of
* <code>X509LDAPCertStoreParameters</code>.
*/
public void engineInit(X509StoreParameters params)
{
if (!(params instanceof X509LDAPCertStoreParameters))
{
throw new IllegalArgumentException(
"Initialization parameters must be an instance of "
+ X509LDAPCertStoreParameters.class.getName() + ".");
}
helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)params);
}
/**
* Returns a collection of matching CRLs from the LDAP location.
* <p>
* The selector must be a of type <code>X509CRLStoreSelector</code>. If
* it is not an empty collection is returned.
* </p><p>
* The issuer should be a reasonable criteria for a selector.
* </p>
* @param selector The selector to use for finding.
* @return A collection with the matches.
* @throws StoreException if an exception occurs while searching.
*/
public Collection engineGetMatches(Selector selector) throws StoreException
{
if (!(selector instanceof X509CRLStoreSelector))
{
return Collections.EMPTY_SET;
}
X509CRLStoreSelector xselector = (X509CRLStoreSelector)selector;
Set set = new HashSet();
// test only delta CRLs should be selected
if (xselector.isDeltaCRLIndicatorEnabled())
{
set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
}
// nothing specified
else
{
set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
set.addAll(helper.getAttributeAuthorityRevocationLists(xselector));
set
.addAll(helper
.getAttributeCertificateRevocationLists(xselector));
set.addAll(helper.getAuthorityRevocationLists(xselector));
set.addAll(helper.getCertificateRevocationLists(xselector));
}
return set;
}
}
|