Java 类java.security.cert.CRLException 实例源码
项目:openjdk-jdk10
文件:X509CRLImpl.java
/**
* Verifies that this CRL was signed using the
* private key that corresponds to the given public key,
* and that the signature verification was computed by
* the given provider. Note that the specified Provider object
* does not have to be registered in the provider list.
*
* @param key the PublicKey used to carry out the verification.
* @param sigProvider the signature provider.
*
* @exception NoSuchAlgorithmException on unsupported signature
* algorithms.
* @exception InvalidKeyException on incorrect key.
* @exception SignatureException on signature errors.
* @exception CRLException on encoding errors.
*/
public synchronized void verify(PublicKey key, Provider sigProvider)
throws CRLException, NoSuchAlgorithmException, InvalidKeyException,
SignatureException {
if (signedCRL == null) {
throw new CRLException("Uninitialized CRL");
}
Signature sigVerf = null;
if (sigProvider == null) {
sigVerf = Signature.getInstance(sigAlgId.getName());
} else {
sigVerf = Signature.getInstance(sigAlgId.getName(), sigProvider);
}
sigVerf.initVerify(key);
if (tbsCertList == null) {
throw new CRLException("Uninitialized CRL");
}
sigVerf.update(tbsCertList, 0, tbsCertList.length);
if (!sigVerf.verify(signature)) {
throw new SignatureException("Signature does not match.");
}
verifiedPublicKey = key;
}
项目:openjdk-jdk10
文件:CRLExtensions.java
private void parseExtension(Extension ext) throws CRLException {
try {
Class<?> extClass = OIDMap.getClass(ext.getExtensionId());
if (extClass == null) { // Unsupported extension
if (ext.isCritical())
unsupportedCritExt = true;
if (map.put(ext.getExtensionId().toString(), ext) != null)
throw new CRLException("Duplicate extensions not allowed");
return;
}
Constructor<?> cons = extClass.getConstructor(PARAMS);
Object[] passed = new Object[] {Boolean.valueOf(ext.isCritical()),
ext.getExtensionValue()};
CertAttrSet<?> crlExt = (CertAttrSet<?>)cons.newInstance(passed);
if (map.put(crlExt.getName(), (Extension)crlExt) != null) {
throw new CRLException("Duplicate extensions not allowed");
}
} catch (InvocationTargetException invk) {
throw new CRLException(invk.getTargetException().getMessage());
} catch (Exception e) {
throw new CRLException(e.toString());
}
}
项目:cas-5.1.0
文件:LdaptiveResourceCRLFetcher.java
/**
* Downloads a CRL from given LDAP url.
*
* @param r the resource that is the ldap url.
* @return the x 509 cRL
* @throws IOException the exception thrown if resources cant be fetched
* @throws CRLException the exception thrown if resources cant be fetched
* @throws CertificateException if connection to ldap fails, or attribute to get the revocation list is unavailable
*/
protected X509CRL fetchCRLFromLdap(final Object r) throws CertificateException, IOException, CRLException {
try {
final String ldapURL = r.toString();
LOGGER.debug("Fetching CRL from ldap [{}]", ldapURL);
final Response<SearchResult> result = performLdapSearch(ldapURL);
if (result.getResultCode() == ResultCode.SUCCESS) {
final LdapEntry entry = result.getResult().getEntry();
final LdapAttribute attribute = entry.getAttribute(this.certificateAttribute);
if (attribute.isBinary()) {
LOGGER.debug("Located entry [{}]. Retrieving first attribute [{}]", entry, attribute);
return fetchX509CRLFromAttribute(attribute);
}
LOGGER.warn("Found certificate attribute [{}] but it is not marked as a binary attribute", this.certificateAttribute);
}
LOGGER.debug("Failed to execute the search [{}]", result);
throw new CertificateException("Failed to establish a connection ldap and search.");
} catch (final LdapException e) {
LOGGER.error(e.getMessage(), e);
throw new CertificateException(e.getMessage());
}
}
项目:lazycat
文件:JSSESocketFactory.java
/**
* Return the initialization parameters for the TrustManager. Currently,
* only the default <code>PKIX</code> is supported.
*
* @param algorithm
* The algorithm to get parameters for.
* @param crlf
* The path to the CRL file.
* @param trustStore
* The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore) throws Exception {
CertPathParameters params = null;
if ("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, new X509CertSelector());
Collection<? extends CRL> crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
String trustLength = endpoint.getTrustMaxCertLength();
if (trustLength != null) {
try {
xparams.setMaxPathLength(Integer.parseInt(trustLength));
} catch (Exception ex) {
log.warn("Bad maxCertLength: " + trustLength);
}
}
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: " + algorithm);
}
return params;
}
项目:ipack
文件:X509V2CRLGenerator.java
/**
* Add the CRLEntry objects contained in a previous CRL.
*
* @param other the X509CRL to source the other entries from.
*/
public void addCRL(X509CRL other)
throws CRLException
{
Set revocations = other.getRevokedCertificates();
if (revocations != null)
{
Iterator it = revocations.iterator();
while (it.hasNext())
{
X509CRLEntry entry = (X509CRLEntry)it.next();
ASN1InputStream aIn = new ASN1InputStream(entry.getEncoded());
try
{
tbsGen.addCRLEntry(ASN1Sequence.getInstance(aIn.readObject()));
}
catch (IOException e)
{
throw new CRLException("exception processing encoding of CRL: " + e.toString());
}
}
}
}
项目:ipack
文件:X509V2CRLGenerator.java
/**
* generate an X509 CRL, based on the current issuer and subject,
* using the passed in provider for the signing.
*/
public X509CRL generate(
PrivateKey key,
String provider,
SecureRandom random)
throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
{
TBSCertList tbsCrl = generateCertList();
byte[] signature;
try
{
signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCrl);
}
catch (IOException e)
{
throw new ExtCRLException("cannot generate CRL encoding", e);
}
return generateJcaObject(tbsCrl, signature);
}
项目:openjdk-jdk10
文件:X509CRLEntryImpl.java
@Override
public int compareTo(X509CRLEntryImpl that) {
int compSerial = getSerialNumber().compareTo(that.getSerialNumber());
if (compSerial != 0) {
return compSerial;
}
try {
byte[] thisEncoded = this.getEncoded0();
byte[] thatEncoded = that.getEncoded0();
for (int i=0; i<thisEncoded.length && i<thatEncoded.length; i++) {
int a = thisEncoded[i] & 0xff;
int b = thatEncoded[i] & 0xff;
if (a != b) return a-b;
}
return thisEncoded.length -thatEncoded.length;
} catch (CRLException ce) {
return -1;
}
}
项目:ipack
文件:JcaCertStoreBuilder.java
private CollectionCertStoreParameters convertHolders(JcaX509CertificateConverter certificateConverter, JcaX509CRLConverter crlConverter)
throws CertificateException, CRLException
{
List jcaObjs = new ArrayList(certs.size() + crls.size());
for (Iterator it = certs.iterator(); it.hasNext();)
{
jcaObjs.add(certificateConverter.getCertificate((X509CertificateHolder)it.next()));
}
for (Iterator it = crls.iterator(); it.hasNext();)
{
jcaObjs.add(crlConverter.getCRL((X509CRLHolder)it.next()));
}
return new CollectionCertStoreParameters(jcaObjs);
}
项目:ipack
文件:X509CRLObject.java
public X509CRLObject(
CertificateList c)
throws CRLException
{
this.c = c;
try
{
this.sigAlgName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
if (c.getSignatureAlgorithm().getParameters() != null)
{
this.sigAlgParams = ((ASN1Encodable)c.getSignatureAlgorithm().getParameters()).toASN1Primitive().getEncoded(ASN1Encoding.DER);
}
else
{
this.sigAlgParams = null;
}
this.isIndirect = isIndirectCRL(this);
}
catch (Exception e)
{
throw new CRLException("CRL contents invalid: " + e);
}
}
项目:ipack
文件:X509CRLObject.java
public void verify(PublicKey key, String sigProvider)
throws CRLException, NoSuchAlgorithmException,
InvalidKeyException, NoSuchProviderException, SignatureException
{
if (!c.getSignatureAlgorithm().equals(c.getTBSCertList().getSignature()))
{
throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
}
Signature sig;
if (sigProvider != null)
{
sig = Signature.getInstance(getSigAlgName(), sigProvider);
}
else
{
sig = Signature.getInstance(getSigAlgName());
}
sig.initVerify(key);
sig.update(this.getTBSCertList());
if (!sig.verify(this.getSignature()))
{
throw new SignatureException("CRL does not verify with supplied public key.");
}
}
项目:ipack
文件:X509CRLParser.java
private CRL readDERCRL(
InputStream in)
throws IOException, CRLException
{
ASN1InputStream dIn = new ASN1InputStream(in);
ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
if (seq.size() > 1
&& seq.getObjectAt(0) instanceof DERObjectIdentifier)
{
if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
{
sData = new SignedData(ASN1Sequence.getInstance(
(ASN1TaggedObject)seq.getObjectAt(1), true)).getCRLs();
return getCRL();
}
}
return new X509CRLObject(CertificateList.getInstance(seq));
}
项目:ipack
文件:CertificateFactory.java
private CRL readDERCRL(
ASN1InputStream aIn)
throws IOException, CRLException
{
ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
if (seq.size() > 1
&& seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
{
if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
{
sCrlData = SignedData.getInstance(ASN1Sequence.getInstance(
(ASN1TaggedObject)seq.getObjectAt(1), true)).getCRLs();
return getCRL();
}
}
return createCRL(
CertificateList.getInstance(seq));
}
项目:openjdk-jdk10
文件:X509CRLImpl.java
/**
* Verifies that this CRL was signed using the
* private key that corresponds to the given public key,
* and that the signature verification was computed by
* the given provider.
*
* @param key the PublicKey used to carry out the verification.
* @param sigProvider the name of the signature provider.
*
* @exception NoSuchAlgorithmException on unsupported signature
* algorithms.
* @exception InvalidKeyException on incorrect key.
* @exception NoSuchProviderException on incorrect provider.
* @exception SignatureException on signature errors.
* @exception CRLException on encoding errors.
*/
public synchronized void verify(PublicKey key, String sigProvider)
throws CRLException, NoSuchAlgorithmException, InvalidKeyException,
NoSuchProviderException, SignatureException {
if (sigProvider == null) {
sigProvider = "";
}
if ((verifiedPublicKey != null) && verifiedPublicKey.equals(key)) {
// this CRL has already been successfully verified using
// this public key. Make sure providers match, too.
if (sigProvider.equals(verifiedProvider)) {
return;
}
}
if (signedCRL == null) {
throw new CRLException("Uninitialized CRL");
}
Signature sigVerf = null;
if (sigProvider.length() == 0) {
sigVerf = Signature.getInstance(sigAlgId.getName());
} else {
sigVerf = Signature.getInstance(sigAlgId.getName(), sigProvider);
}
sigVerf.initVerify(key);
if (tbsCertList == null) {
throw new CRLException("Uninitialized CRL");
}
sigVerf.update(tbsCertList, 0, tbsCertList.length);
if (!sigVerf.verify(signature)) {
throw new SignatureException("Signature does not match.");
}
verifiedPublicKey = key;
verifiedProvider = sigProvider;
}
项目:BiglyBT
文件:PrincipalUtil.java
/**
* return the issuer of the given CRL as an X509PrincipalObject.
*/
public static X509Principal getIssuerX509Principal(
X509CRL crl)
throws CRLException
{
try
{
ByteArrayInputStream bIn = new ByteArrayInputStream(
crl.getTBSCertList());
ASN1InputStream aIn = new ASN1InputStream(bIn);
TBSCertList tbsCertList = new TBSCertList(
(ASN1Sequence)aIn.readObject());
return new X509Principal(tbsCertList.getIssuer());
}
catch (IOException e)
{
throw new CRLException(e.toString());
}
}
项目:lams
文件:X509Util.java
/**
* Decodes CRLS in DER or PKCS#7 format. If in PKCS#7 format only the CRLs are decode, the rest of the content is
* ignored.
*
* @param crls encoded CRLs
*
* @return decoded CRLs
*
* @throws CRLException thrown if the CRLs can not be decoded
*
* @since 1.2
*/
public static Collection<X509CRL> decodeCRLs(File crls) throws CRLException{
if(!crls.exists()){
throw new CRLException("CRL file " + crls.getAbsolutePath() + " does not exist");
}
if(!crls.canRead()){
throw new CRLException("CRL file " + crls.getAbsolutePath() + " is not readable");
}
try{
return decodeCRLs(DatatypeHelper.fileToByteArray(crls));
}catch(IOException e){
throw new CRLException("Error reading CRL file " + crls.getAbsolutePath(), e);
}
}
项目:lams
文件:KeyInfoHelper.java
/**
* Get a list of the Java {@link java.security.cert.X509CRL}s within the given {@link KeyInfo}.
*
* @param keyInfo the {@link KeyInfo} to extract the CRL's from
*
* @return a list of Java {@link java.security.cert.X509CRL}s
*
* @throws CRLException thrown if there is a problem converting the
* CRL data into {@link java.security.cert.X509CRL}s
*/
public static List<X509CRL> getCRLs(KeyInfo keyInfo) throws CRLException {
List<X509CRL> crlList = new LinkedList<X509CRL>();
if (keyInfo == null) {
return crlList;
}
List<X509Data> x509Datas = keyInfo.getX509Datas();
for (X509Data x509Data : x509Datas) {
if (x509Data != null) {
crlList.addAll(getCRLs(x509Data));
}
}
return crlList;
}
项目:lams
文件:KeyInfoHelper.java
/**
* Get a list of the Java {@link java.security.cert.X509CRL}s within the given {@link X509Data}.
*
* @param x509Data {@link X509Data} to extract the CRLs from
*
* @return a list of Java {@link java.security.cert.X509CRL}s
*
* @throws CRLException thrown if there is a problem converting the
* CRL data into {@link java.security.cert.X509CRL}s
*/
public static List<X509CRL> getCRLs(X509Data x509Data) throws CRLException {
List<X509CRL> crlList = new LinkedList<X509CRL>();
if (x509Data == null) {
return crlList;
}
for (org.opensaml.xml.signature.X509CRL xmlCRL : x509Data.getX509CRLs()) {
if (xmlCRL != null && xmlCRL.getValue() != null) {
X509CRL newCRL = getCRL(xmlCRL);
crlList.add(newCRL);
}
}
return crlList;
}
项目:lams
文件:JSSESocketFactory.java
/**
* Return the initialization parameters for the TrustManager.
* Currently, only the default <code>PKIX</code> is supported.
*
* @param algorithm The algorithm to get parameters for.
* @param crlf The path to the CRL file.
* @param trustStore The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm,
String crlf,
KeyStore trustStore)
throws Exception {
CertPathParameters params = null;
if("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore,
new X509CertSelector());
Collection crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
xparams.setMaxPathLength(listener.getSslTrustMaxCertLength());
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: "+algorithm);
}
return params;
}
项目:OpenJSharp
文件:CRLExtensions.java
private void parseExtension(Extension ext) throws CRLException {
try {
Class<?> extClass = OIDMap.getClass(ext.getExtensionId());
if (extClass == null) { // Unsupported extension
if (ext.isCritical())
unsupportedCritExt = true;
if (map.put(ext.getExtensionId().toString(), ext) != null)
throw new CRLException("Duplicate extensions not allowed");
return;
}
Constructor<?> cons = extClass.getConstructor(PARAMS);
Object[] passed = new Object[] {Boolean.valueOf(ext.isCritical()),
ext.getExtensionValue()};
CertAttrSet<?> crlExt = (CertAttrSet<?>)cons.newInstance(passed);
if (map.put(crlExt.getName(), (Extension)crlExt) != null) {
throw new CRLException("Duplicate extensions not allowed");
}
} catch (InvocationTargetException invk) {
throw new CRLException(invk.getTargetException().getMessage());
} catch (Exception e) {
throw new CRLException(e.toString());
}
}
项目:openjdk-jdk10
文件:CertUtils.java
/**
* Get a DER-encoded X.509 CRL from a file.
*
* @param crlFilePath path to file containing DER-encoded CRL
* @return the X509CRL
* @throws CertificateException if the crl type is not supported
* @throws CRLException if the crl cannot be parsed
* @throws IOException if the file cannot be opened
*/
public static X509CRL getCRLFromFile(String crlFilePath)
throws CertificateException, CRLException, IOException {
File crlFile = new File(System.getProperty("test.src", "."),
crlFilePath);
try (FileInputStream fis = new FileInputStream(crlFile)) {
return (X509CRL)
CertificateFactory.getInstance("X.509").generateCRL(fis);
}
}
项目:springboot-shiro-cas-mybatis
文件:MockX509CRL.java
/**
* @see java.security.cert.X509CRL#verify(java.security.PublicKey, java.lang.String)
*/
@Override
public void verify(final PublicKey key, final String sigProvider) throws CRLException,
NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
SignatureException {
// Do nothing to indicate valid signature
}
项目:jdk8u-jdk
文件:X509CRLImpl.java
/**
* Unmarshals an X.509 CRL from an DER value.
*
* @param val a DER value holding at least one CRL
* @exception CRLException on parsing errors.
*/
public X509CRLImpl(DerValue val) throws CRLException {
try {
parse(val);
} catch (IOException e) {
signedCRL = null;
throw new CRLException("Parsing error: " + e.getMessage());
}
}
项目:springboot-shiro-cas-mybatis
文件:MockX509CRL.java
/**
* @see java.security.cert.X509CRL#verify(java.security.PublicKey, java.lang.String)
*/
@Override
public void verify(final PublicKey key, final String sigProvider) throws CRLException,
NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
SignatureException {
// Do nothing to indicate valid signature
}
项目:openjdk-jdk10
文件:AlgorithmChecker.java
/**
* Check the signature algorithm with the specified public key.
*
* @param key the public key to verify the CRL signature
* @param crl the target CRL
* @param variant is the Validator variants of the operation. A null value
* passed will set it to Validator.GENERIC.
*/
static void check(PublicKey key, X509CRL crl, String variant)
throws CertPathValidatorException {
X509CRLImpl x509CRLImpl = null;
try {
x509CRLImpl = X509CRLImpl.toImpl(crl);
} catch (CRLException ce) {
throw new CertPathValidatorException(ce);
}
AlgorithmId algorithmId = x509CRLImpl.getSigAlgId();
check(key, algorithmId, variant);
}
项目:apache-tomcat-7.0.73-with-comment
文件:JSSESocketFactory.java
/**
* Return the initialization parameters for the TrustManager.
* Currently, only the default <code>PKIX</code> is supported.
*
* @param algorithm The algorithm to get parameters for.
* @param crlf The path to the CRL file.
* @param trustStore The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm,
String crlf,
KeyStore trustStore)
throws Exception {
CertPathParameters params = null;
if("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams =
new PKIXBuilderParameters(trustStore, new X509CertSelector());
Collection<? extends CRL> crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
String trustLength = endpoint.getTrustMaxCertLength();
if(trustLength != null) {
try {
xparams.setMaxPathLength(Integer.parseInt(trustLength));
} catch(Exception ex) {
log.warn("Bad maxCertLength: "+trustLength);
}
}
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: "+algorithm);
}
return params;
}
项目:cas-5.1.0
文件:LdaptiveResourceCRLFetcher.java
@Override
public X509CRL fetch(final Resource crl) throws IOException, CRLException, CertificateException {
if (LdapUtils.isLdapConnectionUrl(crl.toString())) {
return fetchCRLFromLdap(crl);
}
return super.fetch(crl);
}
项目:cas-5.1.0
文件:LdaptiveResourceCRLFetcher.java
@Override
public X509CRL fetch(final URI crl) throws IOException, CRLException, CertificateException {
if (LdapUtils.isLdapConnectionUrl(crl)) {
return fetchCRLFromLdap(crl);
}
return super.fetch(crl);
}
项目:cas-5.1.0
文件:LdaptiveResourceCRLFetcher.java
@Override
public X509CRL fetch(final URL crl) throws IOException, CRLException, CertificateException {
if (LdapUtils.isLdapConnectionUrl(crl)) {
return fetchCRLFromLdap(crl);
}
return super.fetch(crl);
}
项目:cas-5.1.0
文件:ResourceCRLFetcher.java
@Override
public Collection<X509CRL> fetch(final Collection<Resource> crls) throws IOException, CRLException, CertificateException {
final Set<X509CRL> results = new HashSet<>();
for (final Resource r : crls) {
LOGGER.debug("Fetching CRL data from [{}]", r);
try(InputStream ins = r.getInputStream()) {
final X509CRL crl = (X509CRL) CertUtils.getCertificateFactory().generateCRL(ins);
if (crl != null) {
results.add(crl);
}
}
}
return results;
}
项目:OpenJSharp
文件:X509CRLEntryImpl.java
/**
* Encodes the revoked certificate to an output stream.
*
* @param outStrm an output stream to which the encoded revoked
* certificate is written.
* @exception CRLException on encoding errors.
*/
public void encode(DerOutputStream outStrm) throws CRLException {
try {
if (revokedCert == null) {
DerOutputStream tmp = new DerOutputStream();
// sequence { serialNumber, revocationDate, extensions }
serialNumber.encode(tmp);
if (revocationDate.getTime() < YR_2050) {
tmp.putUTCTime(revocationDate);
} else {
tmp.putGeneralizedTime(revocationDate);
}
if (extensions != null)
extensions.encode(tmp, isExplicit);
DerOutputStream seq = new DerOutputStream();
seq.write(DerValue.tag_Sequence, tmp);
revokedCert = seq.toByteArray();
}
outStrm.write(revokedCert);
} catch (IOException e) {
throw new CRLException("Encoding error: " + e.toString());
}
}
项目:cas-5.1.0
文件:MockX509CRL.java
/**
* @see java.security.cert.X509CRL#verify(java.security.PublicKey)
*/
@Override
public void verify(final PublicKey key) throws CRLException,
NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
SignatureException {
// Do nothing to indicate valid signature
}
项目:openjdk-jdk10
文件:X509CRLImpl.java
/**
* Unmarshals an X.509 CRL from an input stream. Only one CRL
* is expected at the end of the input stream.
*
* @param inStrm an input stream holding at least one CRL
* @exception CRLException on parsing errors.
*/
public X509CRLImpl(InputStream inStrm) throws CRLException {
try {
parse(new DerValue(inStrm));
} catch (IOException e) {
signedCRL = null;
throw new CRLException("Parsing error: " + e.getMessage());
}
}
项目:ipack
文件:X509V2CRLGenerator.java
/**
* generate an X509 certificate, based on the current issuer and subject
* using the passed in provider for the signing.
*/
public X509CRL generate(
PrivateKey key,
String provider)
throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
{
return generate(key, provider, null);
}
项目:jdk8u-jdk
文件:AlgorithmChecker.java
/**
* Check the signature algorithm with the specified public key.
*
* @param key the public key to verify the CRL signature
* @param crl the target CRL
*/
static void check(PublicKey key, X509CRL crl)
throws CertPathValidatorException {
X509CRLImpl x509CRLImpl = null;
try {
x509CRLImpl = X509CRLImpl.toImpl(crl);
} catch (CRLException ce) {
throw new CertPathValidatorException(ce);
}
AlgorithmId algorithmId = x509CRLImpl.getSigAlgId();
check(key, algorithmId);
}
项目:ipack
文件:X509CRLObject.java
public byte[] getEncoded()
throws CRLException
{
try
{
return c.getEncoded(ASN1Encoding.DER);
}
catch (IOException e)
{
throw new CRLException(e.toString());
}
}
项目:ipack
文件:X509CRLObject.java
public byte[] getTBSCertList()
throws CRLException
{
try
{
return c.getTBSCertList().getEncoded("DER");
}
catch (IOException e)
{
throw new CRLException(e.toString());
}
}
项目:openjdk-jdk10
文件:X509CRLEntryImpl.java
/**
* Unmarshals a revoked certificate from its encoded form.
*
* @param revokedCert the encoded bytes.
* @exception CRLException on parsing errors.
*/
public X509CRLEntryImpl(byte[] revokedCert) throws CRLException {
try {
parse(new DerValue(revokedCert));
} catch (IOException e) {
this.revokedCert = null;
throw new CRLException("Parsing error: " + e.toString());
}
}
项目:ipack
文件:X509CRLParser.java
private CRL readPEMCRL(
InputStream in)
throws IOException, CRLException
{
ASN1Sequence seq = PEM_PARSER.readPEMObject(in);
if (seq != null)
{
return new X509CRLObject(CertificateList.getInstance(seq));
}
return null;
}
项目:ipack
文件:CertificateFactory.java
private CRL readPEMCRL(
InputStream in)
throws IOException, CRLException
{
ASN1Sequence seq = PEM_CRL_PARSER.readPEMObject(in);
if (seq != null)
{
return createCRL(
CertificateList.getInstance(seq));
}
return null;
}
项目:ipack
文件:CertificateFactory.java
private CRL getCRL()
throws CRLException
{
if (sCrlData == null || sCrlDataObjectCount >= sCrlData.size())
{
return null;
}
return createCRL(
CertificateList.getInstance(
sCrlData.getObjectAt(sCrlDataObjectCount++)));
}