private void checkRevoked(X509Certificate[] x509Certificates) throws CertificateException { for (X509Certificate cert : x509Certificates) { for (CRL crl : crls) { if (crl.isRevoked(cert)) { throw new CertificateException("Certificate revoked"); } } } } @Override
private void checkRevoked(X509Certificate[] x509Certificates) throws CertificateException { for (X509Certificate cert : x509Certificates) { for (CRL crl : crls) { if (crl.isRevoked(cert)) { throw new CertificateException("Certificate revoked"); } } } } @Override
/** * Is the certificate revoked? * * @since 0.9.25 */ public static boolean isRevoked(CertStore store, Certificate cert) { try { for (CRL crl : store.getCRLs(null)) { if (crl.isRevoked(cert)) return true; } } catch (GeneralSecurityException gse) {} return false; }
private void checkCRL(X509Certificate[] chain) throws CertificateException { String crl = option.getCrl(); crl = custom.getFullPath(crl); File file = new File(crl); if (!file.exists()) { return; } CRL[] crls = KeyStoreUtil.createCRL(crl); X509Certificate owner = CertificateUtil.findOwner(chain); for (CRL c : crls) { if (c.isRevoked(owner)) { LOG.error("certificate revoked"); throw new CertificateException("certificate revoked"); } } }
private boolean isRevoked(Certificate certificate) { for (Iterator iter = m_manager.getCRLs().iterator(); iter.hasNext();) { if (((CRL) iter.next()).isRevoked(certificate)) { return true; } } return false; }
/** * Verifies a single certificate. * * @param cert the certificate to verify * @param crls the certificate revocation list or <CODE>null</CODE> * @param calendar the date, shall not be null * @return a <CODE>String</CODE> with the error description or <CODE>null</CODE> * if no error */ public static String verifyCertificate(X509Certificate cert, Collection<CRL> crls, Calendar calendar) { if (SignUtils.hasUnsupportedCriticalExtension(cert)) return "Has unsupported critical extension"; try { cert.checkValidity(calendar.getTime()); } catch (Exception e) { return e.getMessage(); } if (crls != null) { for (CRL crl : crls) { if (crl.isRevoked(cert)) return "Certificate revoked"; } } return null; }
/** * Verifies a single certificate. * * @param cert the certificate to verify * @param crls the certificate revocation list or <CODE>null</CODE> * @param calendar the date, shall not be null * @return a <CODE>String</CODE> with the error description or <CODE>null</CODE> * if no error */ public static String verifyCertificate(X509Certificate cert, Collection<CRL> crls, Calendar calendar) { if (SignUtils.hasUnsupportedCriticalExtension(cert)) return "Has unsupported critical extension"; try { cert.checkValidity(calendar.getTime()); } catch (Exception e) { return e.getMessage(); } if (crls != null) { for (CRL crl : crls) { if (crl.isRevoked(cert)) return "Certificate revoked"; } } return null; }
if(crl.isRevoked(certificate))
/** * Verifies a single certificate. * @param cert the certificate to verify * @param crls the certificate revocation list or <CODE>null</CODE> * @param calendar the date or <CODE>null</CODE> for the current date * @return a <CODE>String</CODE> with the error description or <CODE>null</CODE> * if no error */ public static String verifyCertificate(X509Certificate cert, Collection crls, Calendar calendar) { if (calendar == null) calendar = new GregorianCalendar(); if (cert.hasUnsupportedCriticalExtension()) return "Has unsupported critical extension"; try { cert.checkValidity(calendar.getTime()); } catch (Exception e) { return e.getMessage(); } if (crls != null) { for (Iterator it = crls.iterator(); it.hasNext();) { if (((CRL)it.next()).isRevoked(cert)) return "Certificate revoked"; } } return null; }
/** * Verifies a single certificate. * @param cert the certificate to verify * @param crls the certificate revocation list or <CODE>null</CODE> * @param calendar the date or <CODE>null</CODE> for the current date * @return a <CODE>String</CODE> with the error description or <CODE>null</CODE> * if no error */ public static String verifyCertificate(final X509Certificate cert, final Collection crls, Calendar calendar) { if (calendar == null) { calendar = new GregorianCalendar(); } if (cert.hasUnsupportedCriticalExtension()) { return "Has unsupported critical extension"; } try { cert.checkValidity(calendar.getTime()); } catch (final Exception e) { return e.getMessage(); } if (crls != null) { for (final Iterator it = crls.iterator(); it.hasNext();) { if (((CRL)it.next()).isRevoked(cert)) { return "Certificate revoked"; } } } return null; }
if (((CRL) it.next()).isRevoked(cert)) return "Certificate revoked";
private void checkCRL(X509Certificate[] chain) throws CertificateException { String crl = option.getCrl(); crl = custom.getFullPath(crl); File file = new File(crl); if (!file.exists()) { return; } CRL[] crls = KeyStoreUtil.createCRL(crl); X509Certificate owner = CertificateUtil.findOwner(chain); for (CRL c : crls) { if (c.isRevoked(owner)) { LOG.error("certificate revoked"); throw new CertificateException("certificate revoked"); } } }
private void checkCRL(X509Certificate[] chain) throws CertificateException { String crl = option.getCrl(); crl = custom.getFullPath(crl); File file = new File(crl); if (!file.exists()) { return; } CRL[] crls = KeyStoreUtil.createCRL(crl); X509Certificate owner = CertificateUtil.findOwner(chain); for (CRL c : crls) { if (c.isRevoked(owner)) { LOG.error("certificate revoked"); throw new CertificateException("certificate revoked"); } } }
if (aCRL.isRevoked (aCert)) return "Certificate is revoked according to " + aCRL.toString ();
Collection<CRL> crlList = crlManager.getCRLCollection(certs); for (CRL currentCRL : crlList) { if (currentCRL.isRevoked(entityCert)) { log.info("certificate " + entityCert.toString() + " is revoked on CRL list: " + currentCRL.toString());
if (crl.isRevoked(cert)) return "Certificate revoked";
if (crl.isRevoked(cert)) return "Certificate revoked";
Collection<CRL> crlList = crlCriteria.getCrlManager().getCRLCollection(certs); for (CRL currentCRL : crlList) { if (currentCRL.isRevoked(cert)) { getLogger().debug("X509CRLEvaluationCriteria criteria for credential " + credential.getEntityId() + " not met. Certificate " +