pdfbox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From til...@apache.org
Subject svn commit: r1847963 - /pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
Date Sun, 02 Dec 2018 11:09:02 GMT
Author: tilman
Date: Sun Dec  2 11:09:02 2018
New Revision: 1847963

URL: http://svn.apache.org/viewvc?rev=1847963&view=rev
Log:
PDFBOX-3017: simplify code by using return instead of break

Modified:
    pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java

Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java?rev=1847963&r1=1847962&r2=1847963&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
(original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/cert/OcspHelper.java
Sun Dec  2 11:09:02 2018
@@ -266,6 +266,7 @@ public class OcspHelper
                 try
                 {
                     ocspResponderCertificate = certificateConverter.getCertificate(certHolder);
+                    return;
                 }
                 catch (CertificateException ex)
                 {
@@ -275,30 +276,28 @@ public class OcspHelper
                 break;
             }
         }
-        if (ocspResponderCertificate == null)
+
+        // DO NOT use the certificate found in additionalCerts first. One file had a
+        // responder certificate in the PDF itself with SHA1withRSA algorithm, but
+        // the responder delivered a different (newer, more secure) certificate
+        // with SHA256withRSA (tried with QV_RCA1_RCA3_CPCPS_V4_11.pdf)
+        // https://www.quovadisglobal.com/~/media/Files/Repository/QV_RCA1_RCA3_CPCPS_V4_11.ashx
+        for (X509Certificate cert : additionalCerts)
         {
-            // DO NOT use the certificate found in additionalCerts first. One file had a
-            // responder certificate in the PDF itself with SHA1withRSA algorithm, but
-            // the responder delivered a different (newer, more secure) certificate
-            // with SHA256withRSA (tried with QV_RCA1_RCA3_CPCPS_V4_11.pdf)
-            // https://www.quovadisglobal.com/~/media/Files/Repository/QV_RCA1_RCA3_CPCPS_V4_11.ashx
-            for (X509Certificate cert : additionalCerts)
+            try
             {
-                try
-                {
-                    byte[] digest = getKeyHashFromCertHolder(new X509CertificateHolder(cert.getEncoded()));
-                    if (Arrays.equals(keyHash, digest))
-                    {
-                        ocspResponderCertificate = cert;
-                        break;
-                    }
-                }
-                catch (CertificateException ex)
+                byte[] digest = getKeyHashFromCertHolder(new X509CertificateHolder(cert.getEncoded()));
+                if (Arrays.equals(keyHash, digest))
                 {
-                    // unlikely to happen because the certificate existed as an object
-                    LOG.error(ex, ex);
+                    ocspResponderCertificate = cert;
+                    return;
                 }
             }
+            catch (CertificateException ex)
+            {
+                // unlikely to happen because the certificate existed as an object
+                LOG.error(ex, ex);
+            }
         }
     }
 
@@ -312,30 +311,28 @@ public class OcspHelper
                 try
                 {
                     ocspResponderCertificate = certificateConverter.getCertificate(certHolder);
+                    return;
                 }
                 catch (CertificateException ex)
                 {
                     // unlikely to happen because the certificate existed as an object
                     LOG.error(ex, ex);
                 }
-                break;
             }
         }
-        if (ocspResponderCertificate == null)
+
+        // DO NOT use the certificate found in additionalCerts first. One file had a
+        // responder certificate in the PDF itself with SHA1withRSA algorithm, but
+        // the responder delivered a different (newer, more secure) certificate
+        // with SHA256withRSA (tried with QV_RCA1_RCA3_CPCPS_V4_11.pdf)
+        // https://www.quovadisglobal.com/~/media/Files/Repository/QV_RCA1_RCA3_CPCPS_V4_11.ashx
+        for (X509Certificate cert : additionalCerts)
         {
-            // DO NOT use the certificate found in additionalCerts first. One file had a
-            // responder certificate in the PDF itself with SHA1withRSA algorithm, but
-            // the responder delivered a different (newer, more secure) certificate
-            // with SHA256withRSA (tried with QV_RCA1_RCA3_CPCPS_V4_11.pdf)
-            // https://www.quovadisglobal.com/~/media/Files/Repository/QV_RCA1_RCA3_CPCPS_V4_11.ashx
-            for (X509Certificate cert : additionalCerts)
+            X500Name certSubjectName = new X500Name(cert.getSubjectX500Principal().getName());
+            if (certSubjectName.equals(name))
             {
-                X500Name certSubjectName = new X500Name(cert.getSubjectX500Principal().getName());
-                if (certSubjectName.equals(name))
-                {
-                    ocspResponderCertificate = cert;
-                    break;
-                }
+                ocspResponderCertificate = cert;
+                return;
             }
         }
     }



Mime
View raw message