private String attributeCertificateInfoFor(AttributeCertificate certificate) { VOMSAttribute attribute = VOMSACUtils.deserializeVOMSAttributes(certificate); StringBuilder sb = new StringBuilder(); sb.append(attribute.getIssuer().getName(X500Principal.RFC2253)).append('\n'); sb.append(" +--Validity: ").append(validityStatementFor(certificate)).append('\n'); Extensions extensions = certificate.getAcinfo().getExtensions(); if (extensions != null) { ASN1ObjectIdentifier[] ids = extensions.getExtensionOIDs(); if (ids != null && ids.length != 0) { sb.append(" +--Extensions:\n"); sb.append(" | |\n"); int index = 1; for (ASN1ObjectIdentifier id : ids) { boolean isLast = index == ids.length; Extension e = extensions.getExtension(id); String padding = isLast ? " | " : " | | "; sb.append(extensionInfoFor(id, e, attribute, padding)); index++; } } } String oid = certificate.getSignatureAlgorithm().getAlgorithm().getId(); sb.append(" +--Algorithm: ").append(nameForOid(oid)).append('\n'); String fqanInfo = fqanInfoFor(attribute); if(!fqanInfo.isEmpty()) { sb.append(" +--FQANs: ").append(fqanInfo).append('\n'); } return sb.toString(); }
public final void verify( PublicKey key, String provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = null; if (!cert.getSignatureAlgorithm().equals(cert.getAcinfo().getSignature())) { throw new CertificateException("Signature algorithm in certificate info not same as outer certificate"); } signature = Signature.getInstance(cert.getSignatureAlgorithm().getAlgorithm().getId(), provider); signature.initVerify(key); try { signature.update(cert.getAcinfo().getEncoded()); } catch (IOException e) { throw new SignatureException("Exception encoding certificate info object"); } if (!signature.verify(this.getSignature())) { throw new InvalidKeyException("Public key presented not for certificate signature"); } }