/** * @see java.security.cert.CertificateFactorySpi#engineGenerateCRL(InputStream) * method documentation for more info */ public CRL engineGenerateCRL(InputStream inStream) throws CRLException { if (inStream == null) { throw new CRLException("inStream == null"); } try { if (!inStream.markSupported()) { // Create the mark supporting wrapper // Mark is needed to recognize the format // of provided encoding form (ASN.1 or PEM) inStream = new RestoringInputStream(inStream); } inStream.mark(1); // check whether the provided crl is in PEM encoded form if (inStream.read() == '-') { // decode PEM, retrieve CRL return getCRL(decodePEM(inStream, FREE_BOUND_SUFFIX)); } else { inStream.reset(); // retrieve CRL return getCRL(inStream); } } catch (IOException e) { throw new CRLException(e); } }
/** * Creates X.509 CRL on the base of ASN.1 DER encoded form of * the CRL (CertificateList structure described in RFC 3280) * provided via input stream. * @throws CRLException if decoding errors occur. */ public X509CRLImpl(InputStream in) throws CRLException { try { // decode CertificateList structure this.crl = (CertificateList) CertificateList.ASN1.decode(in); this.tbsCertList = crl.getTbsCertList(); this.extensions = tbsCertList.getCrlExtensions(); } catch (IOException e) { throw new CRLException(e); } }
throws CRLException { if (inStream == null) { throw new CRLException("inStream == null"); } else { // unsupported data if (result.size() == 0) { throw new CRLException("Unsupported encoding"); } else { throw new CRLException("There is no data in the stream"); throw new CRLException("Invalid PKCS7 data provided"); throw new CRLException("Unsupported encoding"); } catch (IOException e) { throw new CRLException(e);
throw new CRLException("InputStream doesn't contain enough data"); byte[] encoding = new byte[BerInputStream.getLength(buff)]; if (encoding.length < CRL_CACHE_SEED_LENGTH) { throw new CRLException("Bad CRL encoding");
/** * Returns the CRL object corresponding to the provided encoding. * Resulting object is retrieved from the cache * if it contains such correspondence * and is constructed on the base of encoding * and stored in the cache otherwise. * @throws IOException if some decoding errors occur * (in the case of cache miss). */ private static CRL getCRL(byte[] encoding) throws CRLException, IOException { if (encoding.length < CRL_CACHE_SEED_LENGTH) { throw new CRLException("encoding.length < CRL_CACHE_SEED_LENGTH"); } synchronized (CRL_CACHE) { long hash = CRL_CACHE.getHash(encoding); if (CRL_CACHE.contains(hash)) { X509CRL res = (X509CRL) CRL_CACHE.get(hash, encoding); if (res != null) { return res; } } X509CRL res = new X509CRLImpl(encoding); CRL_CACHE.put(hash, encoding, res); return res; } }
/** * Get the Java public key from a X.509 certificate file. * Throws if the certificate is invalid (e.g. expired). * * This DOES check for revocation. * * @return non-null, throws on all errors including certificate invalid * @since 0.9.24 moved from SU3File private method */ public static PublicKey loadKey(File kd) throws IOException, GeneralSecurityException { X509Certificate cert = loadCert(kd); if (isRevoked(cert)) throw new CRLException("Certificate is revoked"); return cert.getPublicKey(); }
X509Certificate cert = CertUtil.loadCert(kd); if (CertUtil.isRevoked(cert)) throw new CRLException("Certificate is revoked"); if (!SystemVersion.isAndroid()) {
throw new CRLException("CRLs not supported for type: " + algorithm);
public byte[] getEncoded() throws CRLException { try { return c.getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new CRLException(e.toString()); } }
@Override public Collection<? extends CRL> engineGenerateCRLs(InputStream inStream) throws CRLException { if (inStream == null) { return Collections.emptyList(); } try { return crlParser.generateItems(inStream); } catch (ParsingException e) { throw new CRLException(e); } }
public byte[] getEncoded() throws CRLException { try { return c.getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new CRLException(e.toString()); } }
@Override public void verify(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { X509CRL crl = this.crl; if (crl != null) { crl.verify(key, sigProvider); } else { throw new CRLException("No CRL loaded, nothing to verify."); } }
public byte[] getEncoded() throws CRLException { try { return c.getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new CRLException(e.toString()); } }
public byte[] getEncoded() throws CRLException { try { return c.getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new CRLException(e.toString()); } }
public byte[] getTBSCertList() throws CRLException { try { return c.getTBSCertList().getEncoded("DER"); } catch (IOException e) { throw new CRLException(e.toString()); } }
public byte[] getTBSCertList() throws CRLException { try { return c.getTBSCertList().getEncoded("DER"); } catch (IOException e) { throw new CRLException(e.toString()); } }
public byte[] getTBSCertList() throws CRLException { try { return c.getTBSCertList().getEncoded("DER"); } catch (IOException e) { throw new CRLException(e.toString()); } }
public byte[] getTBSCertList() throws CRLException { try { return c.getTBSCertList().getEncoded("DER"); } catch (IOException e) { throw new CRLException(e.toString()); } }
public static X509CRL parseCrl(InputStream crlStream) throws CertificateException, CRLException { Args.notNull(crlStream, "crlStream"); X509CRL crl = (X509CRL) getCertFactory().generateCRL(crlStream); if (crl == null) { throw new CRLException("the given one is not a valid X.509 CRL"); } return crl; }
public static X509CRL parseCrl(InputStream crlStream) throws CertificateException, CRLException { requireNonNull("crlStream", crlStream); X509CRL crl = (X509CRL) getCertFactory().generateCRL(crlStream); if (crl == null) { throw new CRLException("the given one is not a valid X.509 CRL"); } return crl; }