public void deleteRevokedCertificates()

in taverna-credential-manager-impl/src/main/java/org/apache/taverna/security/credentialmanager/impl/CredentialManagerImpl.java [230:286]


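	/**
	 * Removes revoked or no-longer-needed certificates from the truststore
	 * and writes the truststore back to {@code truststoreFile}.
	 * <p>
	 * The removal is a one-time clean-up guarded by an indicator file in
	 * {@code credentialManagerDirectory}: if the file exists the removal step
	 * is skipped. The indicator is created only after every listed certificate
	 * was processed without error <em>and</em> the truststore was saved, so a
	 * failed run is retried on the next call instead of leaving a revoked
	 * certificate trusted on disk.
	 * <p>
	 * Does nothing when {@code truststore} is {@code null}. Failures are
	 * logged and never propagated to the caller.
	 */
	public void deleteRevokedCertificates(){

		if (truststore == null){
			return;
		}

		// Delete the old revoked or unnecessary BioCatalogue,
		// BiodiversityCatalogue and heater's certificates, if present

		if (certificatesRevokedIndicatorFile == null){
			certificatesRevokedIndicatorFile = new File(credentialManagerDirectory, CERTIFICATES_REVOKED_INDICATOR_FILE_NAME);
		}

		boolean cleanupPending = !certificatesRevokedIndicatorFile.exists();
		boolean cleanupSucceeded = true;

		if (cleanupPending) {

			// All entries are currently commented out, so the list is empty
			// and the loop below is a no-op until a certificate is re-added.
			List<URL> certURLsToDelete = new ArrayList<>();
			Class<?> c = CredentialManager.class;
			//certURLsToDelete.add(c.getResource("/trusted-certificates/www.biocatalogue.org-revoked.pem"));
			//certURLsToDelete.add(c.getResource("/trusted-certificates/www.biodiversitycatalogue.org-revoked.pem"));
			//certURLsToDelete.add(c.getResource("/trusted-certificates/heater.cs.man.ac.uk-not-needed.pem"));

			for (URL certURLToDelete : certURLsToDelete){
				try (InputStream certStreamToDelete = certURLToDelete.openStream()) {
					// We know there will be only one cert in the chain
					CertificateFactory cf = CertificateFactory
							.getInstance("X.509");
					Certificate certToDelete = cf.generateCertificates(certStreamToDelete).toArray(new Certificate[0])[0];
					String aliasToDelete = truststore
							.getCertificateAlias(certToDelete);
					if (aliasToDelete != null) {
						truststore.deleteEntry(aliasToDelete);
						logger.warn("Deleting revoked/unnecessary certificate "
								+ aliasToDelete);
					}
				} catch (Exception ex) {
					// A certificate that could not be processed may still be
					// trusted; remember the failure so the clean-up is not
					// marked as done.
					cleanupSucceeded = false;
					logger.info("Can't delete revoked certificate " + certURLToDelete, ex);
				}
			}
		}

		//Save changes
		// NOTE(review): FileOutputStream truncates truststoreFile on open, so a
		// failure part-way through store() can leave an incomplete truststore
		// on disk; consider writing to a temporary file and renaming it.
		boolean truststoreSaved = false;
		try (FileOutputStream fos = new FileOutputStream(truststoreFile)) {
			truststore.store(fos, masterPassword.toCharArray());
			truststoreSaved = true;
		}
		catch(Exception ex){
			String exMessage = "Failed to save Truststore after deleting revoked certificates.";
			logger.error(exMessage, ex);
		}

		// Touch the file only once the removals are actually persisted;
		// otherwise the next call must repeat the clean-up.
		if (cleanupPending && cleanupSucceeded && truststoreSaved) {
			try {
				FileUtils
						.touch(certificatesRevokedIndicatorFile);
			} catch (IOException ioex) {
				// Not fatal: without the indicator the clean-up simply runs again.
				logger.error("Failed to touch " + certificatesRevokedIndicatorFile.getAbsolutePath(), ioex);
			}
		}
	}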