Examples of java.security.cert.CRLException

java.security.cert.CRLException
CRL (Certificate Revocation List) Exception. @author Hemma Prafullchandra

            // decode CertificateList structure
            this.crl = (CertificateList) CertificateList.ASN1.decode(in);
            this.tbsCertList = crl.getTbsCertList();
            this.extensions = tbsCertList.getCrlExtensions();
        } catch (IOException e) {
            throw new CRLException(e);
        }
    }

View Full Code Here


            return bOut.toByteArray();
        }
        catch (IOException e)
        {
            throw new CRLException(e.toString());
        }
    }

View Full Code Here

        InvalidKeyException, NoSuchProviderException,
        SignatureException
    {
        if (!c.getSignatureAlgorithm().equals(c.getTBSCertList().getSignature()))
        {
            throw new CRLException("Signature algorithm on CertifcateList does not match TBSCertList.");
        }


        Signature sig = Signature.getInstance(getSigAlgName(), sigProvider);


        sig.initVerify(key);

View Full Code Here


            return bOut.toByteArray();
        }
        catch (IOException e)
        {
            throw new CRLException(e.toString());
        }
    }

View Full Code Here

     * method documentation for more info
     */
    public CRL engineGenerateCRL(InputStream inStream)
            throws CRLException {
        if (inStream == null) {
            throw new CRLException(Messages.getString("security.153")); //$NON-NLS-1$
        }
        try {
            if (!inStream.markSupported()) {
                // Create the mark supporting wrapper
                // Mark is needed to recognize the format 
                // of provided encoding form (ASN.1 or PEM)
                inStream = new RestoringInputStream(inStream);
            }
            inStream.mark(1);
            // check whether the provided crl is in PEM encoded form
            if (inStream.read() == '-') {
                // decode PEM, retrieve CRL
                return getCRL(decodePEM(inStream, FREE_BOUND_SUFFIX));
            } else {
                inStream.reset();
                // retrieve CRL
                return getCRL(inStream);
            }
        } catch (IOException e) {
            throw new CRLException(e);
        }
    }

View Full Code Here

     * method documentation for more info
     */
    public Collection<? extends CRL> engineGenerateCRLs(InputStream inStream)
            throws CRLException {
        if (inStream == null) {
            throw new CRLException(Messages.getString("security.153")); //$NON-NLS-1$
        }
        ArrayList result = new ArrayList();
        try {
            if (!inStream.markSupported()) {
                inStream = new RestoringInputStream(inStream);
            }
            // if it is PEM encoded form this array will contain the encoding
            // so ((it is PEM) <-> (encoding != null))
            byte[] encoding = null;
            // The following by SEQUENCE ASN.1 tag, used for
            // recognizing the data format 
            // (is it PKCS7 ContentInfo structure, X.509 CRL, or
            // unsupported encoding)
            int second_asn1_tag = -1;
            inStream.mark(1);
            int ch;
            while ((ch = inStream.read()) != -1) {
                // check if it is PEM encoded form
                if (ch == '-') { // beginning of PEM encoding ('-' char)
                    // decode PEM chunk and store its content (ASN.1 encoding)
                    encoding = decodePEM(inStream, FREE_BOUND_SUFFIX);
                } else if (ch == 0x30) { // beginning of ASN.1 sequence (0x30)
                    encoding = null;
                    inStream.reset();
                    // prepare for data format determination
                    inStream.mark(CRL_CACHE_SEED_LENGTH);
                } else { // unsupported data
                    if (result.size() == 0) {
                        throw new CRLException(
                                Messages.getString("security.15F")); //$NON-NLS-1$
                    } else {
                        // it can be trailing user data,
                        // so keep it in the stream
                        inStream.reset();
                        return result;
                    }
                }
                // Check the data format
                BerInputStream in = (encoding == null)
                                        ? new BerInputStream(inStream)
                                        : new BerInputStream(encoding);
                // read the next ASN.1 tag
                second_asn1_tag = in.next();
                if (encoding == null) {
                    // keep whole structure in the stream
                    inStream.reset();
                }
                // check if it is a TBSCertList structure
                if (second_asn1_tag != ASN1Constants.TAG_C_SEQUENCE) {
                    if (result.size() == 0) {
                        // there were not read X.509 CRLs, so 
                        // break the cycle and check 
                        // whether it is PKCS7 structure
                        break;
                    } else {
                        // it can be trailing user data,
                        // so return what we already read
                        return result;
                    }
                } else {
                    if (encoding == null) {
                        result.add(getCRL(inStream));
                    } else {
                        result.add(getCRL(encoding));
                    }
                }
                inStream.mark(1);
            }
            if (result.size() != 0) {
                // the stream was read out
                return result;
            } else if (ch == -1) {
                throw new CRLException(
                        Messages.getString("security.155")); //$NON-NLS-1$
            }
            // else: check if it is PKCS7
            if (second_asn1_tag == ASN1Constants.TAG_OID) {
                // it is PKCS7 ContentInfo structure, so decode it
                ContentInfo info = (ContentInfo) 
                    ((encoding != null)
                        ? ContentInfo.ASN1.decode(encoding)
                        : ContentInfo.ASN1.decode(inStream));
                // retrieve SignedData
                SignedData data = info.getSignedData();
                if (data == null) {
                    throw new CRLException(
                            Messages.getString("security.154")); //$NON-NLS-1$
                }
                List crls = data.getCRLs();
                if (crls != null) {
                    for (int i = 0; i < crls.size(); i++) {
                        result.add(new X509CRLImpl(
                            (CertificateList) crls.get(i)));
                    }
                }
                return result;
            }
            // else: Unknown data format
            throw new CRLException(
                        Messages.getString("security.15F")); //$NON-NLS-1$
        } catch (IOException e) {
            throw new CRLException(e);
        }
    }

View Full Code Here

     * (in the case of cache miss).
     */
    private static CRL getCRL(byte[] encoding) 
                                            throws CRLException, IOException {
        if (encoding.length < CRL_CACHE_SEED_LENGTH) {
            throw new CRLException(
                    Messages.getString("security.152")); //$NON-NLS-1$
        }
        synchronized (CRL_CACHE) {
            long hash = CRL_CACHE.getHash(encoding);
            if (CRL_CACHE.contains(hash)) {

View Full Code Here

            inStream.mark(CRL_CACHE_SEED_LENGTH);
            byte[] buff = readBytes(inStream, CRL_CACHE_SEED_LENGTH);
            // read the prefix of the encoding
            inStream.reset();
            if (buff == null) {
                throw new CRLException(
                        Messages.getString("security.152")); //$NON-NLS-1$
            }
            long hash = CRL_CACHE.getHash(buff);
            if (CRL_CACHE.contains(hash)) {
                byte[] encoding = new byte[BerInputStream.getLength(buff)];
                if (encoding.length < CRL_CACHE_SEED_LENGTH) {
                    throw new CRLException(
                        Messages.getString("security.15B4")); //$NON-NLS-1$
                }
                inStream.read(encoding);
                CRL res = (CRL) CRL_CACHE.get(hash, encoding);
                if (res != null) {

View Full Code Here

                }
            }


            params = xparams;
        } else {
            throw new CRLException("CRLs not supported for type: "+algorithm);
        }
        return params;
    }

View Full Code Here

                }
            }


            params = xparams;
        } else {
            throw new CRLException("CRLs not supported for type: "+algorithm);
        }
        return params;
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of java.security.cert.CRLException

gnu.java.security.x509.X509CRL

gnu.java.security.x509.X509CRLEntry

org.apache.geronimo.crypto.jce.provider.X509CRLEntryObject

org.apache.geronimo.crypto.jce.provider.X509CRLObject

org.apache.geronimo.util.jce.provider.X509CRLEntryObject

org.apache.geronimo.util.jce.provider.X509CRLObject

org.apache.harmony.jretools.keytool.CertReader

org.apache.harmony.jretools.keytool.CRLManager

org.apache.harmony.security.provider.cert.X509CertFactoryImpl

org.apache.harmony.security.provider.cert.X509CRLImpl

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.