if (crls != null) { for (CertificateList crl : crls) { result.add(new X509CRLImpl(crl));
retrieveEntries(); if (certIssuer.equals(getIssuerX500Principal())) {
/** * @see java.security.cert.CRL#isRevoked(Certificate) * method documentation for more info */ public boolean isRevoked(Certificate cert) { if (!(cert instanceof X509Certificate)) { return false; } return getRevokedCertificate((X509Certificate) cert) != null; }
/** * @see java.security.cert.X509CRL#getRevokedCertificates() * method documentation for more info */ public Set<? extends X509CRLEntry> getRevokedCertificates() { if (!entriesRetrieved) { retrieveEntries(); } if (entries == null) { return null; } return new HashSet(entries); }
/** * @see java.security.cert.X509CRL#verify(PublicKey key) * method documentation for more info */ public void verify(PublicKey key) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = Signature.getInstance(getSigAlgName()); signature.initVerify(key); byte[] tbsEncoding = tbsCertList.getEncoded(); signature.update(tbsEncoding, 0, tbsEncoding.length); if (!signature.verify(crl.getSignatureValue())) { throw new SignatureException("Signature was not verified"); } }
/** * Method searches for CRL entry with specified serial number. * The method will search only certificate issued by CRL's issuer. * @see java.security.cert.X509CRL#getRevokedCertificate(BigInteger) * method documentation for more info */ public X509CRLEntry getRevokedCertificate(BigInteger serialNumber) { if (!entriesRetrieved) { retrieveEntries(); } if (entries == null) { return null; } for (int i=0; i<nonIndirectEntriesSize; i++) { X509CRLEntry entry = (X509CRLEntry) entries.get(i); if (serialNumber.equals(entry.getSerialNumber())) { return entry; } } return null; }
/** * @see java.security.cert.X509CRL#verify(PublicKey key, String sigProvider) * method documentation for more info */ public void verify(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = Signature.getInstance( getSigAlgName(), sigProvider); signature.initVerify(key); byte[] tbsEncoding = tbsCertList.getEncoded(); signature.update(tbsEncoding, 0, tbsEncoding.length); if (!signature.verify(crl.getSignatureValue())) { throw new SignatureException("Signature was not verified"); } }
retrieveEntries(); if (certIssuer.equals(getIssuerX500Principal())) {
return res; res = new X509CRLImpl(encoding); CRL_CACHE.put(hash, encoding, res); return res; } else { X509CRL res = new X509CRLImpl(inStream); CRL_CACHE.put(hash, res.getEncoded(), res); return res;
/** * @see java.security.cert.X509CRL#getRevokedCertificates() * method documentation for more info */ public Set<? extends X509CRLEntry> getRevokedCertificates() { if (!entriesRetrieved) { retrieveEntries(); } if (entries == null) { return null; } return new HashSet(entries); }
/** * @see java.security.cert.X509CRL#verify(PublicKey key) * method documentation for more info */ public void verify(PublicKey key) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = Signature.getInstance(getSigAlgName()); signature.initVerify(key); byte[] tbsEncoding = tbsCertList.getEncoded(); signature.update(tbsEncoding, 0, tbsEncoding.length); if (!signature.verify(crl.getSignatureValue())) { throw new SignatureException("Signature was not verified"); } }
/** * @see java.security.cert.CRL#isRevoked(Certificate) * method documentation for more info */ public boolean isRevoked(Certificate cert) { if (!(cert instanceof X509Certificate)) { return false; } return getRevokedCertificate((X509Certificate) cert) != null; }
retrieveEntries(); if (certIssuer.equals(getIssuerX500Principal())) {
/** * Returns the CRL object corresponding to the provided encoding. * Resulting object is retrieved from the cache * if it contains such correspondence * and is constructed on the base of encoding * and stored in the cache otherwise. * @throws IOException if some decoding errors occur * (in the case of cache miss). */ private static CRL getCRL(byte[] encoding) throws CRLException, IOException { if (encoding.length < CRL_CACHE_SEED_LENGTH) { throw new CRLException("encoding.length < CRL_CACHE_SEED_LENGTH"); } synchronized (CRL_CACHE) { long hash = CRL_CACHE.getHash(encoding); if (CRL_CACHE.contains(hash)) { X509CRL res = (X509CRL) CRL_CACHE.get(hash, encoding); if (res != null) { return res; } } X509CRL res = new X509CRLImpl(encoding); CRL_CACHE.put(hash, encoding, res); return res; } }
/** * @see java.security.cert.X509CRL#getRevokedCertificates() * method documentation for more info */ public Set<? extends X509CRLEntry> getRevokedCertificates() { if (!entriesRetrieved) { retrieveEntries(); } if (entries == null) { return null; } return new HashSet(entries); }
/** * @see java.security.cert.X509CRL#verify(PublicKey key, String sigProvider) * method documentation for more info */ public void verify(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = Signature.getInstance( getSigAlgName(), sigProvider); signature.initVerify(key); byte[] tbsEncoding = tbsCertList.getEncoded(); signature.update(tbsEncoding, 0, tbsEncoding.length); if (!signature.verify(crl.getSignatureValue())) { throw new SignatureException("Signature was not verified"); } }
/** * @see java.security.cert.CRL#isRevoked(Certificate) * method documentation for more info */ public boolean isRevoked(Certificate cert) { if (!(cert instanceof X509Certificate)) { return false; } return getRevokedCertificate((X509Certificate) cert) != null; }
retrieveEntries(); if (certIssuer.equals(getIssuerX500Principal())) {
if (crls != null) { for (CertificateList crl : crls) { result.add(new X509CRLImpl(crl));
/** * @see java.security.cert.X509CRL#getRevokedCertificates() * method documentation for more info */ public Set<? extends X509CRLEntry> getRevokedCertificates() { if (!entriesRetrieved) { retrieveEntries(); } if (entries == null) { return null; } return new HashSet(entries); }