package at.gv.egovernment.moa.spss.util; import java.io.BufferedInputStream; import java.io.File; import java.io.FileFilter; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.security.Security; import java.security.cert.CertificateException; import java.util.Arrays; import java.util.Iterator; import java.util.List; import iaik.pkcs.PKCS7CertList; import iaik.pkcs.PKCSParsingException; import iaik.security.provider.IAIK; import iaik.utils.Util; import iaik.x509.X509Certificate; import iaik.xml.crypto.EccProviderAdapter; // Copyright (C) 2011 IAIK // http://jce.iaik.at // // Copyright (C) 2011 Stiftung Secure Information and // Communication Technologies SIC // http://www.sic.st // // All rights reserved. // // This source is provided for inspection purposes and recompilation only, // unless specified differently in a contract with IAIK. This source has to // be kept in strict confidence and must not be disclosed to any third party // under any circumstances. Redistribution in source and binary forms, with // or without modification, are permitted in any case! // // THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE // ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE // FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL // DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS // OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) // HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT // LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY // OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF // SUCH DAMAGE. // // public class CertificateReader { /** * Filter for reading certificate files from a directory. * The filter accepts a file if its name ends with * ".cer", ".der", ".crt" * or ".pem". * * @author Harald Bratko * @author Konrad Lanz */ static class CertificateFileFilter implements FileFilter { /** * Accepts a file if it is not a directory and its name ends with * ".cer", ".der", ".crt" or ".pem". * * @see java.io.FileFilter#accept(java.io.File) */ public boolean accept(File file) { String name = file.getName(); if (name.endsWith(".der") || name.endsWith(".cer") || name.endsWith(".crt") || name.endsWith(".pem")) { return true; } else { return false; } } } /** * Reads the certificates from the given directory and * returns the certificates as sorted list (end user certificate first). * @param directory * @return * @throws IOException * @throws FileNotFoundException * @throws CertificateException * @throws Exception */ public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{ File file = new File(directory); File[] certificateFiles = file.listFiles(new CertificateFileFilter()); int l = certificateFiles.length; X509Certificate[] certs = new X509Certificate[l]; for (int i=0; i readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{ return Arrays.asList(readCertificatesIntoArray(directory)); } public static void main(String[] args) { try { IAIK.addAsJDK14Provider(); //IAIK.addAsProvider(); //Security.addProvider(new IAIK()); // install ECC provider Security.addProvider(EccProviderAdapter.getEccProvider()); String dir = "target/classes/spec/examples/EU/AT/certs/on-tsl/chain/"; List l = readCertificates(dir); Iterator it = l.iterator(); while (it.hasNext()) { System.out.println(((X509Certificate)it.next()).getSubjectDN().getName()); } } catch (Exception e) { e.printStackTrace(); System.exit(1); } } public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException { PKCS7CertList p7certList = new PKCS7CertList( new BufferedInputStream( new FileInputStream( path ) ) ); return p7certList.getCertificateList(); } }