📄 x509ldapcertstorespi.java
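// Excerpt begins inside a method (apparently certSubjectSerialSearch); its signature and opening lines are not shown.
                if (xselector.getCertificate() != null) {
                    subject = xselector.getCertificate()
                        .getSubjectX500Principal().getName("RFC1779");
                    serial = xselector.getCertificate().getSerialNumber()
                        .toString();
                } else {
                    if (xselector.getSubjectAsBytes() != null) {
                        subject = new X500Principal(xselector
                            .getSubjectAsBytes()).getName("RFC1779");
                    } else {
                        subject = xselector.getSubjectAsString();
                    }
                }
                // The subject is taken from the caller-supplied selector, so the
                // extracted value is escaped before it becomes part of an LDAP filter.
                // NOTE(review): assumes parseDN returns the raw, unescaped value - confirm.
                String attrValue = escapeLdapFilterValue(
                    parseDN(subject, subjectAttributeName));
                set.addAll(search(attrName, "*" + attrValue + "*", attrs));
                if (serial != null && params.getSearchForSerialNumberIn() != null) {
                    // serial is BigInteger.toString() output, so it needs no escaping.
                    attrValue = serial;
                    attrName = params.getSearchForSerialNumberIn();
                    set.addAll(search(attrName, "*" + attrValue + "*", attrs));
                }
            } else {
                set.addAll(search(attrName, "*", attrs));
            }
        } catch (IOException e) {
            // Keep the original message text but also chain the cause.
            throw new CertStoreException("exception processing selector: " + e, e);
        }
        return set;
    }

    /**
     * Looks up end-entity certificate encodings for the given selector.
     *
     * @param xselector selector whose subject and serial number drive the search.
     * @return Set of encodings as returned by certSubjectSerialSearch.
     * @throws CertStoreException if the search fails.
     */
    private Set getEndCertificates(X509CertSelector xselector)
        throws CertStoreException {
        String[] attrs = {params.getUserCertificateAttribute()};
        String attrName = params.getLdapUserCertificateAttributeName();
        String subjectAttributeName = params.getUserCertificateSubjectAttributeName();

        return certSubjectSerialSearch(xselector, attrs, attrName,
            subjectAttributeName);
    }

    /**
     * Looks up CA certificate encodings for the given selector.
     *
     * If the selector-driven search finds nothing, every entry under the base
     * DN that carries the CA certificate attribute is returned instead.
     *
     * @param xselector selector whose subject and serial number drive the search.
     * @return Set of encodings found.
     * @throws CertStoreException if the search fails.
     */
    private Set getCACertificates(X509CertSelector xselector)
        throws CertStoreException {
        String[] attrs = {params.getCACertificateAttribute()};
        String attrName = params.getLdapCACertificateAttributeName();
        String subjectAttributeName = params
            .getCACertificateSubjectAttributeName();

        Set set = certSubjectSerialSearch(xselector, attrs, attrName,
            subjectAttributeName);
        if (set.isEmpty()) {
            // Fallback: no value condition, only presence of the attribute.
            set.addAll(search(null, "*", attrs));
        }
        return set;
    }

    /**
     * Looks up cross certificate encodings for the given selector.
     *
     * If the selector-driven search finds nothing, every entry under the base
     * DN that carries the cross certificate attribute is returned instead.
     *
     * @param xselector selector whose subject and serial number drive the search.
     * @return Set of encodings found.
     * @throws CertStoreException if the search fails.
     */
    private Set getCrossCertificates(X509CertSelector xselector)
        throws CertStoreException {
        String[] attrs = {params.getCrossCertificateAttribute()};
        String attrName = params.getLdapCrossCertificateAttributeName();
        String subjectAttributeName = params
            .getCrossCertificateSubjectAttributeName();

        Set set = certSubjectSerialSearch(xselector, attrs, attrName,
            subjectAttributeName);
        if (set.isEmpty()) {
            // Fallback: no value condition, only presence of the attribute.
            set.addAll(search(null, "*", attrs));
        }
        return set;
    }

    /**
     * Returns the CRLs from the LDAP directory that match the given selector.
     *
     * Candidate encodings are collected by issuer name when the selector
     * carries issuer names, otherwise by attribute presence; in both cases
     * every entry holding the CRL attribute is added as well. Each candidate
     * is then parsed and kept only if the selector matches it.
     *
     * @param selector must be an X509CRLSelector.
     * @return Collection of matching CRL objects.
     * @throws CertStoreException if the selector has the wrong type, the
     *             directory search fails, or a result cannot be parsed.
     */
    public Collection engineGetCRLs(CRLSelector selector)
        throws CertStoreException {
        String[] attrs = {params.getCertificateRevocationListAttribute()};
        if (!(selector instanceof X509CRLSelector)) {
            throw new CertStoreException("selector is not a X509CRLSelector");
        }
        X509CRLSelector xselector = (X509CRLSelector)selector;

        Set crlSet = new HashSet();

        String attrName = params.getLdapCertificateRevocationListAttributeName();
        Set set = new HashSet();

        if (xselector.getIssuerNames() != null) {
            for (Iterator it = xselector.getIssuerNames().iterator(); it
                .hasNext();) {
                Object o = it.next();
                String issuerAttributeName = params
                    .getCertificateRevocationListIssuerAttributeName();
                String attrValue;
                if (o instanceof String) {
                    attrValue = parseDN((String)o, issuerAttributeName);
                } else {
                    // Non-String issuer names are treated as encoded names.
                    attrValue = parseDN(new X500Principal((byte[])o)
                        .getName("RFC1779"), issuerAttributeName);
                }
                // Issuer names come from the caller-supplied selector, so the value
                // is escaped before it becomes part of an LDAP filter.
                // NOTE(review): assumes parseDN returns the raw, unescaped value - confirm.
                set.addAll(search(attrName,
                    "*" + escapeLdapFilterValue(attrValue) + "*", attrs));
            }
        } else {
            set.addAll(search(attrName, "*", attrs));
        }
        // Always add every entry that carries the CRL attribute; the selector
        // match below does the final filtering.
        set.addAll(search(null, "*", attrs));
        Iterator it = set.iterator();

        try {
            CertificateFactory cf = CertificateFactory.getInstance("X.509",
                "BC");
            while (it.hasNext()) {
                CRL crl = cf.generateCRL(new ByteArrayInputStream((byte[])it
                    .next()));
                if (xselector.match(crl)) {
                    crlSet.add(crl);
                }
            }
        } catch (Exception e) {
            // Keep the original message text but also chain the cause.
            throw new CertStoreException(
                "CRL cannot be constructed from LDAP result " + e, e);
        }

        return crlSet;
    }

    /**
     * Returns a Set of byte arrays with the certificate or CRL encodings.
     *
     * The value is placed into the LDAP filter exactly as given so that
     * callers can pass wildcards; any part of it that originates outside this
     * class must already be escaped for use in a filter.
     *
     * @param attributeName The attribute name to look for in the LDAP, or
     *            null to require only the presence of the returned attribute.
     * @param attributeValue The value the attribute name must have.
     * @param attrs The attributes in the LDAP which hold the certificate,
     *            certificate pair or CRL in a found entry.
     * @return Set of byte arrays with the certificate encodings.
     * @throws CertStoreException if connecting to or searching the directory
     *             fails.
     */
    private Set search(String attributeName, String attributeValue,
        String[] attrs) throws CertStoreException {
        String filter = (attributeName == null)
            ? null
            : attributeName + "=" + attributeValue;
        DirContext ctx = null;
        Set set = new HashSet();
        try {
            ctx = connectLDAP();
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // 0 = no limit on the number of entries returned.
            constraints.setCountLimit(0);
            for (int i = 0; i < attrs.length; i++) {
                String[] returning = {attrs[i]};
                constraints.setReturningAttributes(returning);

                // Require the returned attribute to be present, combined with
                // the value condition when there is one.
                String ldapFilter = (filter == null)
                    ? "(" + attrs[i] + "=*)"
                    : "(&(" + filter + ")(" + attrs[i] + "=*))";

                NamingEnumeration results = ctx.search(params.getBaseDN(),
                    ldapFilter, constraints);
                while (results.hasMoreElements()) {
                    SearchResult sr = (SearchResult)results.next();
                    // Only one attribute was requested, so the first attribute
                    // of the entry is taken; its values are expected to be
                    // byte arrays.
                    NamingEnumeration values = ((Attribute)(sr
                        .getAttributes().getAll().next())).getAll();
                    while (values.hasMore()) {
                        set.add(values.next());
                    }
                }
            }
        } catch (Exception e) {
            // Keep the original message text but also chain the cause.
            throw new CertStoreException(
                "Error getting results from LDAP directory " + e, e);
        } finally {
            try {
                if (null != ctx) {
                    ctx.close();
                }
            } catch (Exception ignored) {
                // Best effort: a failure to close must not mask the result
                // or the exception already being thrown.
            }
        }
        return set;
    }

    /**
     * Escapes a string for use as an assertion value in an LDAP search
     * filter, replacing the characters that have a special meaning there
     * (backslash, asterisk, parentheses, NUL) with their backslash-hex form.
     *
     * @param value raw value; may be null.
     * @return the escaped value, or null if value was null.
     */
    private static String escapeLdapFilterValue(String value) {
        if (value == null) {
            return null;
        }
        StringBuffer escaped = new StringBuffer(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\u0000':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
            }
        }
        return escaped.toString();
    }
}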