@Override protected Object getDecodedObject(BerInputStream in) throws IOException { Object[] values = (Object[]) in.content; return new TBSCertList( (values[0] == null) ? 1 : ASN1Integer.toIntValue(values[0])+1, (AlgorithmIdentifier) values[1], (Name) values[2], (Date) values[3], (Date) values[4], (List<RevokedCertificate>) values[5], (Extensions) values[6], in.getEncoded() ); }
@Override public String toString() { StringBuilder result = new StringBuilder(); tbsCertList.dumpValue(result); result.append("\nSignature Value:\n"); result.append(Array.toString(signatureValue, "")); return result.toString(); }
/** * Creates X.509 CRL by wrapping of the specified CertificateList object. */ public X509CRLImpl(CertificateList crl) { this.crl = crl; this.tbsCertList = crl.getTbsCertList(); this.extensions = tbsCertList.getCrlExtensions(); }
/** * @see java.security.cert.X509CRL#getTBSCertList() * method documentation for more info */ public byte[] getTBSCertList() throws CRLException { if (tbsCertListEncoding == null) { tbsCertListEncoding = tbsCertList.getEncoded(); } byte[] result = new byte[tbsCertListEncoding.length]; System.arraycopy(tbsCertListEncoding, 0, result, 0, tbsCertListEncoding.length); return result; }
/** * @see java.security.cert.X509CRL#getSigAlgParams() * method documentation for more info */ public byte[] getSigAlgParams() { if (nullSigAlgParams) { return null; } if (sigAlgParams == null) { sigAlgParams = tbsCertList.getSignature().getParameters(); if (sigAlgParams == null) { nullSigAlgParams = true; return null; } } return sigAlgParams; }
/** * @see java.security.cert.X509CRL#getIssuerDN() * method documentation for more info */ public Principal getIssuerDN() { if (issuer == null) { issuer = tbsCertList.getIssuer().getX500Principal(); } return issuer; }
/** * @see java.security.cert.X509CRL#getNextUpdate() * method documentation for more info */ public Date getNextUpdate() { return tbsCertList.getNextUpdate(); }
/** * @see java.security.cert.X509CRL#getVersion() * method documentation for more info */ public int getVersion() { return tbsCertList.getVersion(); }
/** * @see java.security.cert.X509CRL#getThisUpdate() * method documentation for more info */ public Date getThisUpdate() { return tbsCertList.getThisUpdate(); }
private void retrieveEntries() { entriesRetrieved = true; List rcerts = tbsCertList.getRevokedCertificates(); if (rcerts == null) { return; } entriesSize = rcerts.size(); entries = new ArrayList(entriesSize); // null means that revoked certificate issuer is the same as CRL issuer X500Principal rcertIssuer = null; for (int i=0; i<entriesSize; i++) { TBSCertList.RevokedCertificate rcert = (TBSCertList.RevokedCertificate) rcerts.get(i); X500Principal iss = rcert.getIssuer(); if (iss != null) { // certificate issuer differs from CRL issuer // and CRL is indirect. rcertIssuer = iss; isIndirectCRL = true; // remember how many leading revoked certificates in the // list are issued by the same issuer as issuer of CRL // (these certificates are first in the list) nonIndirectEntriesSize = i; } entries.add(new X509CRLEntryImpl(rcert, rcertIssuer)); } }
/** * @see java.security.cert.X509CRL#verify(PublicKey key) * method documentation for more info */ public void verify(PublicKey key) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = Signature.getInstance(getSigAlgName()); signature.initVerify(key); byte[] tbsEncoding = tbsCertList.getEncoded(); signature.update(tbsEncoding, 0, tbsEncoding.length); if (!signature.verify(crl.getSignatureValue())) { throw new SignatureException("Signature was not verified"); } }
/** * @see java.security.cert.X509CRL#getSigAlgName() * method documentation for more info */ public String getSigAlgName() { if (sigAlgOID == null) { sigAlgOID = tbsCertList.getSignature().getAlgorithm(); sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); if (sigAlgName == null) { sigAlgName = sigAlgOID; } } return sigAlgName; }
/** * @see java.security.cert.X509CRL#getIssuerX500Principal() * method documentation for more info */ public X500Principal getIssuerX500Principal() { if (issuer == null) { issuer = tbsCertList.getIssuer().getX500Principal(); } return issuer; }
/** * @see java.security.cert.X509CRL#getNextUpdate() * method documentation for more info */ public Date getNextUpdate() { return tbsCertList.getNextUpdate(); }
/** * @see java.security.cert.X509CRL#getVersion() * method documentation for more info */ public int getVersion() { return tbsCertList.getVersion(); }
/** * @see java.security.cert.X509CRL#getThisUpdate() * method documentation for more info */ public Date getThisUpdate() { return tbsCertList.getThisUpdate(); }
private void retrieveEntries() { entriesRetrieved = true; List rcerts = tbsCertList.getRevokedCertificates(); if (rcerts == null) { return; } entriesSize = rcerts.size(); entries = new ArrayList(entriesSize); // null means that revoked certificate issuer is the same as CRL issuer X500Principal rcertIssuer = null; for (int i=0; i<entriesSize; i++) { TBSCertList.RevokedCertificate rcert = (TBSCertList.RevokedCertificate) rcerts.get(i); X500Principal iss = rcert.getIssuer(); if (iss != null) { // certificate issuer differs from CRL issuer // and CRL is indirect. rcertIssuer = iss; isIndirectCRL = true; // remember how many leading revoked certificates in the // list are issued by the same issuer as issuer of CRL // (these certificates are first in the list) nonIndirectEntriesSize = i; } entries.add(new X509CRLEntryImpl(rcert, rcertIssuer)); } }
/** * @see java.security.cert.X509CRL#verify(PublicKey key, String sigProvider) * method documentation for more info */ public void verify(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = Signature.getInstance( getSigAlgName(), sigProvider); signature.initVerify(key); byte[] tbsEncoding = tbsCertList.getEncoded(); signature.update(tbsEncoding, 0, tbsEncoding.length); if (!signature.verify(crl.getSignatureValue())) { throw new SignatureException("Signature was not verified"); } }
/** * @see java.security.cert.X509CRL#getSigAlgOID() * method documentation for more info */ public String getSigAlgOID() { if (sigAlgOID == null) { sigAlgOID = tbsCertList.getSignature().getAlgorithm(); sigAlgName = AlgNameMapper.map2AlgName(sigAlgOID); if (sigAlgName == null) { sigAlgName = sigAlgOID; } } return sigAlgOID; }
/** * @see java.security.cert.X509CRL#getIssuerX500Principal() * method documentation for more info */ public X500Principal getIssuerX500Principal() { if (issuer == null) { issuer = tbsCertList.getIssuer().getX500Principal(); } return issuer; }