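/**
 * Returns the public key of the first {@link X509Certificate} found inside any
 * {@link X509Data} element of the given {@code KeyInfo}.
 *
 * <p>The certificate is read from the signature itself and nothing here checks its
 * chain, validity period or issuer. A signature that validates with this selector is
 * therefore only self-consistent; callers that need to know who signed must validate
 * the certificate separately.
 *
 * @param keyInfo the KeyInfo of the signature being processed
 * @param purpose not used
 * @param method not used
 * @param context not used
 * @return a result wrapping the public key of the first certificate found
 * @throws KeySelectorException if {@code keyInfo} is null or carries no X.509 certificate
 */
@Override
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("KeyInfo is null");
    }
    for (Object structure : keyInfo.getContent()) {
        if (!(structure instanceof X509Data)) {
            continue;
        }
        for (Object entry : ((X509Data) structure).getContent()) {
            if (entry instanceof X509Certificate) {
                final X509Certificate cert = (X509Certificate) entry;
                return new KeySelectorResult() {
                    @Override
                    public Key getKey() {
                        return cert.getPublicKey();
                    }
                };
            }
        }
    }
    // Fail through the declared exception instead of returning null: a null result
    // is easy for a caller to dereference and turns "no key" into a NullPointerException.
    throw new KeySelectorException("No X509Certificate found in KeyInfo");
}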
/**
 * An X509Data element with no content must make the selector fail with
 * "No X509Data element found.".
 */
@Test
public void select_x509Data_empty() throws Exception {
    // given: a KeyInfo whose only child is an X509Data with an empty content list
    X509Data emptyX509Data = mock(X509Data.class);
    doReturn(new ArrayList<Object>()).when(emptyX509Data).getContent();

    ArrayList<XMLStructure> keyInfoContent = new ArrayList<XMLStructure>();
    keyInfoContent.add(emptyX509Data);
    KeyInfo keyInfoMock = mock(KeyInfo.class);
    doReturn(keyInfoContent).when(keyInfoMock).getContent();

    // when / then: selection is rejected with the expected message
    try {
        selector.select(keyInfoMock, null, null, null);
        fail();
    } catch (KeySelectorException expected) {
        String message = expected.getMessage();
        assertTrue(message.contains("No X509Data element found."));
    }
}
/**
 * An X509Data element that holds something other than a certificate (here a String)
 * must make the selector fail with "No X509Data element found.".
 */
@Test
public void select_x509Data_noCertificate() throws Exception {
    // given: an X509Data whose content is a single non-certificate object
    ArrayList<Object> nonCertificateContent = new ArrayList<Object>();
    nonCertificateContent.add(new String());
    X509Data x509DataMock = mock(X509Data.class);
    doReturn(nonCertificateContent).when(x509DataMock).getContent();

    ArrayList<XMLStructure> keyInfoContent = new ArrayList<XMLStructure>();
    keyInfoContent.add(x509DataMock);
    KeyInfo keyInfoMock = mock(KeyInfo.class);
    doReturn(keyInfoContent).when(keyInfoMock).getContent();

    // when / then: selection is rejected with the expected message
    try {
        selector.select(keyInfoMock, null, null, null);
        fail();
    } catch (KeySelectorException expected) {
        String message = expected.getMessage();
        assertTrue(message.contains("No X509Data element found."));
    }
}
/**
 * A KeyStoreException raised by getPublicKeyFromKeystore must surface as the cause
 * of the KeySelectorException thrown by select().
 */
@Test
public void select_publicKey_exception() throws Exception {
    // given: a KeyInfo carrying one X509Data with one (mocked) certificate
    ArrayList<Object> certificateContent = new ArrayList<Object>();
    certificateContent.add(mock(X509Certificate.class));
    X509Data x509DataMock = mock(X509Data.class);
    doReturn(certificateContent).when(x509DataMock).getContent();

    ArrayList<XMLStructure> keyInfoContent = new ArrayList<XMLStructure>();
    keyInfoContent.add(x509DataMock);
    KeyInfo keyInfoMock = mock(KeyInfo.class);
    doReturn(keyInfoContent).when(keyInfoMock).getContent();

    // ... and a spied selector whose keystore lookup always fails.
    // NOTE(review): select() is called with a null method below, so this stub relies on
    // any(SignatureMethod.class) matching null - that depends on the Mockito version; confirm.
    selector = spy(new X509KeySelector(keystore));
    doThrow(new KeyStoreException("key exception")).when(selector)
            .getPublicKeyFromKeystore(any(X509Certificate.class), any(SignatureMethod.class));

    // when / then: the keystore failure is kept as the cause
    try {
        selector.select(keyInfoMock, null, null, null);
        fail();
    } catch (KeySelectorException expected) {
        String causeMessage = expected.getCause().getMessage();
        assertTrue(causeMessage.contains("key exception"));
    }
}
/**
 * Writes an {@code X509Data} element and its children, in content order, to the writer.
 *
 * <p>Each content object is dispatched on its runtime type: certificate, nested
 * XMLStructure, byte[] (written via marshalSKI), String (written via
 * marshalSubjectName) or CRL. Objects of any other type are skipped without an error.
 *
 * @param xwriter destination writer
 * @param x509Data the element to serialize
 * @param dsPrefix namespace prefix used for the written elements
 * @param context crypto context handed to nested structures
 * @throws MarshalException declared for failures while marshalling
 */
public static void marshal(XmlWriter xwriter, X509Data x509Data, String dsPrefix, XMLCryptoContext context)
        throws MarshalException {
    xwriter.writeStartElement(dsPrefix, "X509Data", XMLSignature.XMLNS);

    @SuppressWarnings("unchecked")
    List<Object> children = x509Data.getContent();
    // iterate in list order so the children are written in their original order
    for (Object child : children) {
        if (child instanceof X509Certificate) {
            marshalCert(xwriter, (X509Certificate) child, dsPrefix);
            continue;
        }
        if (child instanceof XMLStructure) {
            xwriter.marshalStructure((XMLStructure) child, dsPrefix, context);
            continue;
        }
        if (child instanceof byte[]) {
            marshalSKI(xwriter, (byte[]) child, dsPrefix);
            continue;
        }
        if (child instanceof String) {
            marshalSubjectName(xwriter, (String) child, dsPrefix);
            continue;
        }
        if (child instanceof X509CRL) {
            marshalCRL(xwriter, (X509CRL) child, dsPrefix);
        }
    }

    xwriter.writeEndElement(); // "X509Data"
}
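/**
 * Loads the signing material for the configured certificate into the class-level
 * {@code privateKey} and {@code keyInfo} fields.
 *
 * <p>The private key is read from the key store entry named by
 * {@code certificado.getNome()}, unlocked with {@code certificado.getSenha()}; the
 * KeyInfo is built from a single X509Data holding the certificate returned by
 * {@code CertificadoService.getCertificate}.
 *
 * @param signatureFactory factory that supplies the KeyInfoFactory
 * @throws KeyStoreException if the key store has no private-key entry under the
 *         configured alias, or on other key store failures
 */
private static void loadCertificates(XMLSignatureFactory signatureFactory) throws KeyStoreException,
        NoSuchAlgorithmException, UnrecoverableEntryException, NoSuchProviderException, CertificateException,
        IOException, CertificadoException {
    Certificado certificado = configuracoesNfe.getCertificado();
    KeyStore keyStore = CertificadoService.getKeyStore(certificado);

    KeyStore.Entry entry = keyStore.getEntry(certificado.getNome(),
            new KeyStore.PasswordProtection(certificado.getSenha().toCharArray()));
    // getEntry returns null for an unknown alias and may return a non-key entry;
    // report both explicitly instead of failing later with an NPE or ClassCastException.
    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
        throw new KeyStoreException(
                "No private key entry found for alias '" + certificado.getNome() + "'");
    }
    privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();

    KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
    List<X509Certificate> x509Content = new ArrayList<X509Certificate>();
    x509Content.add(CertificadoService.getCertificate(certificado, keyStore));
    X509Data x509Data = keyInfoFactory.newX509Data(x509Content);
    keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data));
}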
/**
 * Picks the first X.509 certificate in the KeyInfo for which
 * {@code algEquals(method.getAlgorithm(), <public key algorithm>)} holds and exposes
 * its public key.
 *
 * <p>The certificate comes from the signature itself; no chain or trust validation
 * happens in this method, so callers must establish trust in the certificate separately.
 *
 * @param keyInfo KeyInfo of the signature
 * @param purpose not used
 * @param method signature method whose algorithm the key must match
 * @param context not used
 * @return a result that returns the matching certificate's public key
 * @throws KeySelectorException if no certificate with a matching key algorithm is present
 */
@Override
public KeySelectorResult select(final KeyInfo keyInfo, final KeySelector.Purpose purpose,
        final AlgorithmMethod method, final XMLCryptoContext context) throws KeySelectorException {
    for (final Object entry : keyInfo.getContent()) {
        final XMLStructure structure = (XMLStructure) entry;
        if (!(structure instanceof X509Data)) {
            continue;
        }
        for (final Object candidate : ((X509Data) structure).getContent()) {
            if (!(candidate instanceof X509Certificate)) {
                continue;
            }
            final X509Certificate matched = (X509Certificate) candidate;
            final boolean compatible =
                    this.algEquals(method.getAlgorithm(), matched.getPublicKey().getAlgorithm());
            if (compatible) {
                return new KeySelectorResult() {
                    @Override
                    public Key getKey() {
                        return matched.getPublicKey();
                    }
                };
            }
        }
    }
    throw new KeySelectorException("N\u00e3o foi localizada a chave do certificado.");
}
/**
 * Extracts a certificate from the signature's KeyInfo and delegates the trust
 * decision to {@code isCertificateTrusted(issuer, certificate)}.
 *
 * <p>Every X509Data element is scanned; for each one that contains a certificate, its
 * first certificate replaces the previously remembered one, so the certificate passed
 * on is the first certificate of the last X509Data that has any. {@code null} is
 * passed on when the KeyInfo holds no certificate.
 *
 * <p>NOTE(review): this method only looks at the certificate embedded in KeyInfo. It
 * does not itself verify that the signature validates under that certificate's key -
 * presumably the caller does; confirm.
 *
 * @param signature the XML signature whose KeyInfo is inspected
 * @param issuer issuer value forwarded to the trust check
 * @return the result of {@code isCertificateTrusted}
 */
@Override
public boolean isSignatureTrusted(XMLSignature signature, String issuer) throws KeyStoreException,
        InvalidAlgorithmParameterException, CertificateException, NoSuchAlgorithmException {
    @SuppressWarnings("unchecked")
    List<XMLStructure> structures = signature.getKeyInfo().getContent();

    X509Certificate embedded = null;
    for (XMLStructure structure : structures) {
        if (!(structure instanceof X509Data)) {
            continue;
        }
        for (Object item : ((X509Data) structure).getContent()) {
            if (item instanceof X509Certificate) {
                embedded = (X509Certificate) item;
                break; // only leaves this X509Data; later X509Data elements are still scanned
            }
        }
    }
    return isCertificateTrusted(issuer, embedded);
}
/**
 * Returns the public key of the first X.509 certificate in the KeyInfo whose key
 * algorithm is accepted by {@code algEquals} for the given signature method.
 *
 * <p>No certificate chain or trust validation is done here: the certificate is the
 * one shipped inside the signature, so the caller remains responsible for deciding
 * whether that certificate is acceptable.
 *
 * @param keyInfo KeyInfo of the signature
 * @param purpose not used
 * @param method signature method whose algorithm the key must match
 * @param context not used
 * @return a result that returns the selected certificate's public key
 * @throws KeySelectorException if no suitable certificate is found
 */
@Override
public KeySelectorResult select(final KeyInfo keyInfo, final KeySelector.Purpose purpose,
        final AlgorithmMethod method, final XMLCryptoContext context) throws KeySelectorException {
    for (final Object item : keyInfo.getContent()) {
        final XMLStructure keyInfoChild = (XMLStructure) item;
        if (keyInfoChild instanceof X509Data) {
            for (final Object x509Item : ((X509Data) keyInfoChild).getContent()) {
                if (x509Item instanceof X509Certificate) {
                    final X509Certificate cert = (X509Certificate) x509Item;
                    final String keyAlgorithm = cert.getPublicKey().getAlgorithm();
                    if (!this.algEquals(method.getAlgorithm(), keyAlgorithm)) {
                        continue;
                    }
                    return new KeySelectorResult() {
                        @Override
                        public Key getKey() {
                            return cert.getPublicKey();
                        }
                    };
                }
            }
        }
    }
    throw new KeySelectorException("Nao foi localizada a chave do certificado.");
}
/**
 * Signs the configured document in place.
 *
 * <p>Builds one Reference for {@code referenceUri} with the configured digest method
 * and transforms, a KeyInfo containing a single X509Data with the signer certificate,
 * and signs under the document element using the signer's private key.
 *
 * @throws RuntimeException if no document has been set
 * @throws MarshalException declared by the underlying signing call
 * @throws XMLSignatureException declared by the underlying signing call
 * @throws KeyException declared in the signature of this method
 */
public synchronized void sign() throws MarshalException, XMLSignatureException, KeyException {
    if (this.document == null) {
        throw new RuntimeException("Can't sign a NULL document");
    }

    // What is signed: a single reference, wrapped in SignedInfo.
    Reference signedReference = this.signatureFactory.newReference(
            referenceUri, this.digestMethod, this.transformList, null, null);
    SignedInfo info = this.signatureFactory.newSignedInfo(
            this.canonicalizationMethod, this.signatureMethod,
            Collections.singletonList(signedReference));

    // Who signed: KeyInfo -> X509Data -> signer certificate.
    X509Data certificateData = this.keyInfoFactory.newX509Data(
            Collections.singletonList(this.certificateWithKey.certificate));
    KeyInfo signerKeyInfo =
            this.keyInfoFactory.newKeyInfo(Collections.singletonList(certificateData));

    XMLSignature xmlSignature = this.signatureFactory.newXMLSignature(info, signerKeyInfo);
    xmlSignature.sign(new DOMSignContext(
            this.certificateWithKey.privateKey, document.getDocumentElement()));
}
/**
 * Walks the X.509 certificates embedded in the KeyInfo and returns the first
 * non-null result that {@code findPublicKey(certificate, signatureMethod)} produces.
 *
 * <p>Whether the certificate is checked for trust depends on {@code findPublicKey},
 * which is not visible here; this method itself performs no such validation.
 *
 * @param keyInfo KeyInfo of the signature; must not be null
 * @param purpose not used
 * @param method algorithm method; cast to {@link SignatureMethod}
 * @param context not used
 * @return the first non-null result from {@code findPublicKey}
 * @throws KeySelectorException if {@code keyInfo} is null or no certificate yields a result
 */
@Override
public KeySelectorResult select(final KeyInfo keyInfo, final KeySelector.Purpose purpose,
        final AlgorithmMethod method, final XMLCryptoContext context) throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }
    // Cast up front, as before: a non-SignatureMethod fails here even without certificates.
    final SignatureMethod signatureMethod = (SignatureMethod) method;

    for (final Object entry : keyInfo.getContent()) {
        final XMLStructure structure = (XMLStructure) entry;
        if (!(structure instanceof X509Data)) {
            continue;
        }
        for (final Object candidate : ((X509Data) structure).getContent()) {
            if (!(candidate instanceof X509Certificate)) {
                continue;
            }
            final KeySelectorResult found = findPublicKey((X509Certificate) candidate, signatureMethod);
            if (found != null) {
                return found;
            }
        }
    }
    throw new KeySelectorException("No KeyValue element found!");
}
/**
 * Resolves the verification key for the first X.509 certificate found in the KeyInfo
 * by handing it to {@code getPublicKeyFromKeystore}.
 *
 * <p>Only the first certificate is considered: its lookup result is returned as is,
 * and a {@link KeyStoreException} from the lookup ends the selection.
 *
 * @param keyInfo KeyInfo of the signature; must not be null
 * @param purpose not used
 * @param algorithmMethod algorithm method; cast to {@link SignatureMethod} for the lookup
 * @param context not used
 * @return whatever {@code getPublicKeyFromKeystore} returns for the first certificate
 * @throws KeySelectorException if {@code keyInfo} is null, the key store lookup fails,
 *         or no certificate is present
 */
@Override
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose,
        AlgorithmMethod algorithmMethod, XMLCryptoContext context) throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }

    @SuppressWarnings("unchecked")
    List<XMLStructure> structures = keyInfo.getContent();
    for (XMLStructure structure : structures) {
        if (!(structure instanceof X509Data)) {
            continue;
        }
        for (Object entry : ((X509Data) structure).getContent()) {
            if (!(entry instanceof X509Certificate)) {
                continue;
            }
            try {
                return getPublicKeyFromKeystore((X509Certificate) entry, (SignatureMethod) algorithmMethod);
            } catch (KeyStoreException keyStoreFailure) {
                throw new KeySelectorException(keyStoreFailure);
            }
        }
    }
    throw new KeySelectorException("No X509Data element found.");
}
/**
 * Compares this object with another {@link X509Data} by content: both lists must have
 * the same size and equal elements at every position. byte[] elements are compared
 * by value with {@link Arrays#equals(byte[], byte[])}, everything else with
 * {@code equals}.
 *
 * @param o the object to compare with
 * @return true if {@code o} is an X509Data with element-wise equal content
 */
@Override
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }
    if (!(o instanceof X509Data)) {
        return false;
    }
    List<?> otherContent = ((X509Data) o).getContent();
    final int count = content.size();
    if (otherContent.size() != count) {
        return false;
    }
    for (int idx = 0; idx < count; idx++) {
        Object mine = content.get(idx);
        Object theirs = otherContent.get(idx);
        // arrays do not override equals(), so byte[] needs a by-value comparison
        boolean same = (mine instanceof byte[])
                ? (theirs instanceof byte[] && Arrays.equals((byte[]) mine, (byte[]) theirs))
                : mine.equals(theirs);
        if (!same) {
            return false;
        }
    }
    return true;
}
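/**
 * Loads the signing material for the configured certificate into the class-level
 * {@code privateKey} and {@code keyInfo} fields.
 *
 * <p>The private key comes from the key store entry named by
 * {@code certificado.getNome()}, unlocked with {@code certificado.getSenha()}; the
 * KeyInfo wraps a single X509Data holding the certificate returned by
 * {@code CertificadoService.getCertificate}.
 *
 * @param signatureFactory factory that supplies the KeyInfoFactory
 * @throws KeyStoreException if the key store has no private-key entry under the
 *         configured alias, or on other key store failures
 */
private static void loadCertificates(XMLSignatureFactory signatureFactory) throws KeyStoreException,
        NoSuchAlgorithmException, UnrecoverableEntryException, NoSuchProviderException, CertificateException,
        IOException, CertificadoException {
    Certificado certificado = configuracoesCte.getCertificado();
    KeyStore keyStore = CertificadoService.getKeyStore(certificado);

    KeyStore.Entry entry = keyStore.getEntry(certificado.getNome(),
            new KeyStore.PasswordProtection(certificado.getSenha().toCharArray()));
    // An unknown alias yields null and a certificate-only alias yields a non-key entry;
    // fail with a clear KeyStoreException rather than an NPE or ClassCastException.
    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
        throw new KeyStoreException(
                "No private key entry found for alias '" + certificado.getNome() + "'");
    }
    privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();

    KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
    List<X509Certificate> x509Content = new ArrayList<X509Certificate>();
    x509Content.add(CertificadoService.getCertificate(certificado, keyStore));
    X509Data x509Data = keyInfoFactory.newX509Data(x509Content);
    keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data));
}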
/**
 * Content-based equality with another {@link X509Data}: same number of elements and
 * pairwise-equal elements in the same order. A byte[] element only equals another
 * byte[] with identical bytes; all other elements are compared with {@code equals}.
 *
 * @param o the object to compare with
 * @return true if {@code o} is an X509Data whose content matches this one's
 */
@Override
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }
    if (!(o instanceof X509Data)) {
        return false;
    }
    final List<?> theirs = ((X509Data) o).getContent();
    final int total = content.size();
    if (total != theirs.size()) {
        return false;
    }
    int pos = 0;
    while (pos < total) {
        final Object left = content.get(pos);
        final Object right = theirs.get(pos);
        if (left instanceof byte[]) {
            // compare array contents, not references
            if (!(right instanceof byte[])) {
                return false;
            }
            if (!Arrays.equals((byte[]) left, (byte[]) right)) {
                return false;
            }
        } else if (!left.equals(right)) {
            return false;
        }
        pos++;
    }
    return true;
}
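/**
 * Signs every signable element of the given XML and returns the signed document as a string.
 *
 * <p>The signing key and certificate are read from the first alias of the PKCS12 key
 * store held in the configuration. For each element whose tag name is listed in
 * {@code AssinaturaDigital.ELEMENTOS_ASSINAVEIS}, an enveloped signature over
 * {@code #<Id>} is created and appended to the element's parent node; the KeyInfo
 * carries the signer certificate as X509Data.
 *
 * <p>The input is parsed with DOCTYPE declarations disallowed, so no DTD or external
 * entity is resolved while reading {@code conteudoXml}; input containing a DOCTYPE is
 * rejected with a parse exception.
 *
 * <p>NOTE(review): the digest and signature algorithms are SHA-1 based (kept as they
 * were). SHA-1 is no longer considered collision resistant - confirm that the
 * receiving side still requires it before keeping these values.
 *
 * @param conteudoXml XML text to sign
 * @return the serialized signed document, as produced by {@code converteDocumentParaXml}
 * @throws Exception on key store, parsing or signing failures
 */
public String assinarDocumento(final String conteudoXml) throws Exception {
    final KeyStore keyStore = KeyStore.getInstance("PKCS12");
    try (InputStream certificadoStream = new ByteArrayInputStream(this.config.getCertificado())) {
        keyStore.load(certificadoStream, this.config.getCertificadoSenha().toCharArray());
    }

    final KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(
            keyStore.aliases().nextElement(),
            new KeyStore.PasswordProtection(this.config.getCertificadoSenha().toCharArray()));
    final XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM");

    final List<Transform> transforms = new ArrayList<>(2);
    transforms.add(signatureFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
    transforms.add(signatureFactory.newTransform(AssinaturaDigital.C14N_TRANSFORM_METHOD, (TransformParameterSpec) null));

    final KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
    final X509Data x509Data = keyInfoFactory.newX509Data(
            Collections.singletonList((X509Certificate) keyEntry.getCertificate()));
    final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data));

    final DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    // The XML arrives as a caller-supplied string: refuse DOCTYPE declarations so the
    // parser never resolves DTDs or external entities (XXE), and cap parser resource use.
    documentBuilderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
    documentBuilderFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
    documentBuilderFactory.setXIncludeAware(false);
    documentBuilderFactory.setExpandEntityReferences(false);

    try (StringReader stringReader = new StringReader(conteudoXml)) {
        final Document document = documentBuilderFactory.newDocumentBuilder().parse(new InputSource(stringReader));

        for (final String elementoAssinavel : AssinaturaDigital.ELEMENTOS_ASSINAVEIS) {
            final NodeList elements = document.getElementsByTagName(elementoAssinavel);
            for (int i = 0; i < elements.getLength(); i++) {
                final Element element = (Element) elements.item(i);
                final String id = element.getAttribute("Id");
                // mark "Id" as an ID attribute so the "#id" reference can be resolved
                element.setIdAttribute("Id", true);

                final Reference reference = signatureFactory.newReference("#" + id,
                        signatureFactory.newDigestMethod(DigestMethod.SHA1, null), transforms, null, null);
                final SignedInfo signedInfo = signatureFactory.newSignedInfo(
                        signatureFactory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
                        signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
                        Collections.singletonList(reference));

                final XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfo);
                // the Signature element is appended to the parent of the signed element
                signature.sign(new DOMSignContext(keyEntry.getPrivateKey(), element.getParentNode()));
            }
        }
        return this.converteDocumentParaXml(document);
    }
}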
/**
 * Returns the first X.509 certificate embedded in the signature's KeyInfo, or
 * {@code null} when none of its X509Data elements contains one.
 *
 * <p>The certificate is only extracted, not validated; it is supplied by the
 * signature itself, so trust has to be established by the caller.
 *
 * @param signature the XML signature to inspect
 * @return the first embedded certificate, or null if there is none
 */
private static X509Certificate extractCertificate(XMLSignature signature) {
    LOG.debug("Extracting certificate from XML signature...");

    X509Certificate found = null;
    search:
    for (Object keyInfoEntry : signature.getKeyInfo().getContent()) {
        XMLStructure structure = (XMLStructure) keyInfoEntry;
        if (structure instanceof X509Data) {
            for (Object candidate : ((X509Data) structure).getContent()) {
                if (candidate instanceof X509Certificate) {
                    found = (X509Certificate) candidate;
                    // first hit wins: stop scanning both loops
                    break search;
                }
            }
        }
    }

    LOG.debug("Certificate found in XML signature: {}", found);
    return found;
}
/**
 * Returns the public key of the first X.509 certificate found in the KeyInfo.
 *
 * <p>The signature method and purpose are not consulted, and the certificate is not
 * validated: it is the one embedded in the document being verified. Callers must
 * check separately that this certificate is one they trust.
 *
 * @param keyInfo KeyInfo of the document
 * @param purpose Purpose (not used)
 * @param method Algorithm (not used)
 * @param context Crypto context (not used)
 * @return A result exposing the public key of the first certificate found
 * @throws KeySelectorException Thrown when the document carries no X.509 certificate
 */
@SuppressWarnings("rawtypes")
@Override
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    for (Object keyInfoEntry : keyInfo.getContent()) {
        XMLStructure structure = (XMLStructure) keyInfoEntry;
        if (structure instanceof X509Data) {
            for (Object candidate : ((X509Data) structure).getContent()) {
                if (candidate instanceof X509Certificate) {
                    // read the key now so the result does not hold on to the certificate
                    final PublicKey selected = ((X509Certificate) candidate).getPublicKey();
                    return () -> selected;
                }
            }
        }
    }
    throw new KeySelectorException("No key found!");
}
/**
 * Builds a KeyInfo that carries the whole certificate chain as one X509Data element.
 *
 * <p>The KeyInfo gets a fresh id of the form {@code "_" + random UUID}.
 *
 * @param kif factory used to create the X509Data and KeyInfo
 * @return the KeyInfo, or {@code null} when {@code getCertificateChain()} returns null
 * @throws Exception declared in the signature of this method
 */
private KeyInfo createKeyInfo(KeyInfoFactory kif) throws Exception {
    final X509Certificate[] certificates = getCertificateChain();
    if (certificates != null) {
        final X509Data chainData = kif.newX509Data(Arrays.asList(certificates));
        final String keyInfoId = "_" + UUID.randomUUID().toString();
        return kif.newKeyInfo(Collections.singletonList(chainData), keyInfoId);
    }
    return null;
}
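/**
 * Returns the public key of the first usable KeyInfo child: a {@link KeyValue}, or an
 * {@link X509Data} that contains an X.509 certificate.
 *
 * <p>X509Data content is scanned for the first {@code java.security.cert.X509Certificate}
 * instead of assuming that element 0 is a JDK-internal {@code X509CertImpl}: X509Data
 * may also hold subject names, key identifiers or CRLs, and certificates from other
 * providers. An X509Data without a certificate is logged and skipped.
 *
 * <p>The key is taken from the signature itself (bare KeyValue or embedded
 * certificate) and is not validated here; callers must decide separately whether the
 * key or certificate is trusted.
 *
 * @param keyInfo KeyInfo of the signature; must not be null
 * @param purpose not used
 * @param method not used
 * @param context not used
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if {@code keyInfo} is null, a KeyValue cannot be
 *         converted to a key, or no supported element is found
 */
@Override
public KeySelectorResult select(final KeyInfo keyInfo, final KeySelector.Purpose purpose,
        final AlgorithmMethod method, final XMLCryptoContext context) throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("null KeyInfo");
    }
    List<?> list = keyInfo.getContent();
    for (int i = 0; i < list.size(); i++) {
        XMLStructure xmlStructure = (XMLStructure) list.get(i);
        PublicKey pk = null;
        if (xmlStructure instanceof KeyValue) {
            try {
                pk = ((KeyValue) xmlStructure).getPublicKey();
            } catch (KeyException ke) {
                throw new KeySelectorException(ke);
            }
        } else if (xmlStructure instanceof X509Data) {
            for (Object entry : ((X509Data) xmlStructure).getContent()) {
                if (entry instanceof java.security.cert.X509Certificate) {
                    pk = ((java.security.cert.X509Certificate) entry).getPublicKey();
                    break;
                }
            }
            if (pk == null) {
                log.error(xmlStructure + " contains no X509Certificate");
                continue;
            }
        } else {
            log.error(xmlStructure + " not supported");
            continue;
        }
        return new SimpleKeySelectorResult(pk);
    }
    throw new KeySelectorException("No supported KeyValue element found");
}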
/**
 * Returns the public key of the first embedded X.509 certificate whose key algorithm
 * is compatible with the signature method, as decided by {@code algEquals}.
 *
 * <p>The certificate is read from the KeyInfo of the signature being checked and is
 * not validated here; the caller has to establish that it is trusted.
 *
 * @param keyInfo KeyInfo of the signature
 * @param purpose not used
 * @param method signature method the key algorithm must be compatible with
 * @param context not used
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if no certificate with a compatible key is found
 */
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    for (Object keyInfoEntry : keyInfo.getContent()) {
        XMLStructure structure = (XMLStructure) keyInfoEntry;
        if (!(structure instanceof X509Data)) {
            continue;
        }
        for (Object candidate : ((X509Data) structure).getContent()) {
            if (!(candidate instanceof X509Certificate)) {
                continue;
            }
            final PublicKey selected = ((X509Certificate) candidate).getPublicKey();
            // Only accept a key whose algorithm is compatible with the method.
            boolean compatible = algEquals(method.getAlgorithm(), selected.getAlgorithm());
            if (compatible) {
                return new KeySelectorResult() {
                    public Key getKey() {
                        return selected;
                    }
                };
            }
        }
    }
    throw new KeySelectorException("No key found!");
}
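/**
 * Selects a verification key from the KeyInfo: the key of the first {@link KeyValue},
 * or else the key of a certificate found in an {@link X509Data}.
 *
 * <p>Scanning stops at the first KeyValue. An X509Data only ends its own inner scan,
 * so a KeyValue (or a later X509Data with a certificate) that follows it replaces the
 * key taken from the earlier certificate.
 *
 * <p>The key comes from the signature itself and is not validated here; callers must
 * establish separately that the key or certificate is trusted.
 *
 * @param keyInfo KeyInfo of the signature; must not be null
 * @param purpose not used
 * @param method not used
 * @param context not used
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if {@code keyInfo} is null, a KeyValue cannot be
 *         converted to a key (the original KeyException is kept as the cause), or no
 *         key is found
 */
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo");
    }
    List<?> list = keyInfo.getContent();
    PublicKey pk = null;
    for (int i = 0; i < list.size(); i++) {
        XMLStructure xmlStructure = (XMLStructure) list.get(i);
        if (xmlStructure instanceof KeyValue) {
            try {
                pk = ((KeyValue) xmlStructure).getPublicKey();
            } catch (KeyException ke) {
                // keep the same message, but preserve the cause for diagnosis
                throw new KeySelectorException(ke.getMessage(), ke);
            }
            break;
        } else if (xmlStructure instanceof X509Data) {
            List<?> x509datalist = ((X509Data) xmlStructure).getContent();
            for (int j = 0; j < x509datalist.size(); j++) {
                Object entry = x509datalist.get(j);
                if (entry instanceof X509Certificate) {
                    pk = ((X509Certificate) entry).getPublicKey();
                    break;
                }
            }
        }
    }
    if (pk != null) {
        final PublicKey retpk = pk;
        logger.debug("PublicKey from XML=" + pk);
        return new KeySelectorResult() {
            public Key getKey() {
                return retpk;
            }
        };
    }
    throw new KeySelectorException("Missing KeyValue");
}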
/**
 * Finds the first X.509 certificate in the KeyInfo whose public key algorithm passes
 * {@code algEquals} against the signature method, and returns that key.
 *
 * <p>No trust decision is made here: the certificate is the one embedded in the
 * signature, so it must be validated by the caller before the result is relied on.
 *
 * @param keyInfo KeyInfo of the signature
 * @param purpose not used
 * @param method signature method the key algorithm must be compatible with
 * @param context not used
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if no certificate with a compatible key is found
 */
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    for (Object item : keyInfo.getContent()) {
        XMLStructure child = (XMLStructure) item;
        if (child instanceof X509Data) {
            for (Object x509Item : ((X509Data) child).getContent()) {
                if (x509Item instanceof X509Certificate) {
                    final PublicKey certKey = ((X509Certificate) x509Item).getPublicKey();
                    // The key algorithm has to be compatible with the signature method.
                    if (algEquals(method.getAlgorithm(), certKey.getAlgorithm())) {
                        return new KeySelectorResult() {
                            public Key getKey() {
                                return certKey;
                            }
                        };
                    }
                }
            }
        }
    }
    throw new KeySelectorException("No key found!");
}
/**
 * Adds an enveloped XML signature to the given document or element and returns the same node.
 *
 * <p>The signature is placed under the root element (the document element for a
 * Document, the element itself otherwise) and references the {@code Id} attribute of
 * the element returned by {@code findFirstElementChild}. The KeyInfo carries the first
 * certificate of {@code certificateChain} as X509Data.
 *
 * <p>NOTE(review): digest and signature use SHA-1 based algorithms, which are no
 * longer considered collision resistant - confirm the consumer of these documents
 * still requires them.
 *
 * @param node a Document or Element to sign; must not be null
 * @return the node passed in, now containing the signature
 * @throws IllegalArgumentException wrapping any failure raised while signing
 */
public <T extends Node> T sign(T node) {
    checkNotNull(node);
    checkArgument(node instanceof Document || node instanceof Element);
    try {
        final Element root;
        if (node instanceof Document) {
            root = ((Document) node).getDocumentElement();
        } else {
            root = (Element) node;
        }
        DOMSignContext signContext = new DOMSignContext(privateKey, root);
        XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

        List<Transform> transforms = new LinkedList<>();
        transforms.add(factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
        transforms.add(factory.newTransform(C14N_TRANSFORM_METHOD, (TransformParameterSpec) null));

        // The signed content is the first child element, addressed through its "Id" attribute.
        Node signedChild = findFirstElementChild(root);
        ((Element) signedChild).setIdAttribute("Id", true);
        String referenceUri = "#" + signedChild.getAttributes().getNamedItem("Id").getNodeValue();

        DigestMethod digest = factory.newDigestMethod(DigestMethod.SHA1, null);
        Reference reference = factory.newReference(referenceUri, digest, transforms, null, null);

        CanonicalizationMethod c14n = factory.newCanonicalizationMethod(
                CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null);
        SignatureMethod rsaSha1 = factory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
        SignedInfo signedInfo = factory.newSignedInfo(c14n, rsaSha1, Collections.singletonList(reference));

        KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
        X509Data signerData = keyInfoFactory.newX509Data(Collections.singletonList(certificateChain[0]));
        KeyInfo signerKeyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(signerData));

        factory.newXMLSignature(signedInfo, signerKeyInfo).sign(signContext);
        return node;
    } catch (Exception ex) {
        throw new IllegalArgumentException("Erro ao assinar XML.", ex);
    }
}
/**
 * Returns the public key of the first embedded X.509 certificate whose key algorithm
 * is accepted by {@code algEquals} for the given signature method.
 *
 * <p>The certificate is taken from the signature's own KeyInfo and is not validated
 * in this method; trust in it has to be established by the caller.
 *
 * @param keyInfo KeyInfo of the signature
 * @param purpose not used
 * @param method signature method whose algorithm the key must match
 * @param context not used
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if no certificate with a matching key algorithm is found
 */
@Override
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    for (Object keyInfoEntry : keyInfo.getContent()) {
        XMLStructure structure = (XMLStructure) keyInfoEntry;
        if (!(structure instanceof X509Data)) {
            continue;
        }
        for (Object candidate : ((X509Data) structure).getContent()) {
            if (candidate instanceof X509Certificate) {
                final PublicKey certKey = ((X509Certificate) candidate).getPublicKey();
                if (algEquals(method.getAlgorithm(), certKey.getAlgorithm())) {
                    return new KeySelectorResult() {
                        @Override
                        public Key getKey() {
                            return certKey;
                        }
                    };
                }
            }
        }
    }
    throw new KeySelectorException("No KeyValue element found!");
}
/**
 * Scans the KeyInfo for X.509 certificates and returns the public key of the first
 * one whose algorithm is compatible with the signature method ({@code algEquals}).
 *
 * <p>This method does not validate the certificate it takes the key from; the
 * certificate is provided by the signature itself and must be vetted by the caller.
 *
 * @param keyInfo KeyInfo of the signature
 * @param purpose not used
 * @param method signature method the key algorithm must be compatible with
 * @param context not used
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if no certificate with a compatible key is found
 */
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    for (Object rawStructure : keyInfo.getContent()) {
        XMLStructure structure = (XMLStructure) rawStructure;
        if (!(structure instanceof X509Data)) {
            continue;
        }
        X509Data certificateHolder = (X509Data) structure;
        for (Object rawEntry : certificateHolder.getContent()) {
            if (!(rawEntry instanceof X509Certificate)) {
                continue;
            }
            X509Certificate certificate = (X509Certificate) rawEntry;
            final PublicKey publicKey = certificate.getPublicKey();
            // Skip keys whose algorithm does not fit the signature method.
            if (!algEquals(method.getAlgorithm(), publicKey.getAlgorithm())) {
                continue;
            }
            return new KeySelectorResult() {
                public Key getKey() {
                    return publicKey;
                }
            };
        }
    }
    throw new KeySelectorException("No key found!");
}
/**
 * Tests content equality with another {@link X509Data}: the content lists must have
 * equal length and equal elements position by position. byte[] elements match only
 * another byte[] with the same bytes; other elements are compared with {@code equals}.
 *
 * @param o the object to compare with
 * @return true if {@code o} is an X509Data with matching content
 */
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }
    if (!(o instanceof X509Data)) {
        return false;
    }
    List otherElements = ((X509Data) o).getContent();
    final int length = content.size();
    if (length != otherElements.size()) {
        return false;
    }
    for (int k = 0; k < length; k++) {
        Object own = content.get(k);
        Object other = otherElements.get(k);
        if (!(own instanceof byte[])) {
            if (!own.equals(other)) {
                return false;
            }
            continue;
        }
        // byte[] has identity-based equals(), so compare the bytes explicitly
        boolean sameBytes = other instanceof byte[] && Arrays.equals((byte[]) own, (byte[]) other);
        if (!sameBytes) {
            return false;
        }
    }
    return true;
}
/**
 * Returns the public key of the first X.509 certificate in the KeyInfo whose key
 * algorithm is compatible with the signature method, as decided by
 * {@code algorithmEquals}.
 *
 * <p>The certificate is the one embedded in the signature and is not validated here;
 * the caller is responsible for checking that it is trusted.
 *
 * @param aKeyInfo KeyInfo of the signature
 * @param aPurpose not used
 * @param aMethod signature method the key algorithm must be compatible with
 * @param aContext not used
 * @return a result wrapping the selected public key
 * @throws KeySelectorException if no certificate with a compatible key is found
 */
@Override
@Nonnull
public KeySelectorResult select (@Nonnull final KeyInfo aKeyInfo,
                                 final KeySelector.Purpose aPurpose,
                                 @Nonnull final AlgorithmMethod aMethod,
                                 final XMLCryptoContext aContext) throws KeySelectorException
{
  for (final Object aEntry : aKeyInfo.getContent ())
  {
    final XMLStructure aStructure = (XMLStructure) aEntry;
    if (!(aStructure instanceof X509Data))
      continue;

    // An X509Data element may carry certificates
    for (final Object aCandidate : ((X509Data) aStructure).getContent ())
    {
      if (!(aCandidate instanceof X509Certificate))
        continue;

      final PublicKey aKey = ((X509Certificate) aCandidate).getPublicKey ();
      // Only accept a key whose algorithm is compatible with the method.
      if (algorithmEquals (aMethod.getAlgorithm (), aKey.getAlgorithm ()))
        return new ConstantKeySelectorResult (aKey);
    }
  }
  throw new KeySelectorException ("No key found!");
}