Examples of java.security.cert.X509CRL.verify()

java.security.cert.X509CRL.verify()
Verifies that this CRL was signed using the private key that corresponds to the given public key. @param key the PublicKey used to carry out the verification. @exception NoSuchAlgorithmException on unsupported signaturealgorithms. @exception InvalidKeyException on incorrect key. @exception NoSuchProviderException if there's no default provider. @exception SignatureException on signature errors. @exception CRLException on encoding errors.

        X509Certificate jceIssuer = (X509Certificate)
            jceFac.generateCertificate(new ByteArrayInputStream(certData));


        X509CRL jceCRL = (X509CRL)jceFac.generateCRL(new ByteArrayInputStream(crlData));


        jceCRL.verify(jceIssuer.getPublicKey());




        // verify CRL with BC provider
        CertificateFactory bcFac = CertificateFactory.getInstance("X.509", "BC");

View Full Code Here


        X509CRL bcCRL = (X509CRL)bcFac.generateCRL(new ByteArrayInputStream(crlData));


        jceCRL.verify(bcIssuer.getPublicKey());


        bcCRL.verify(bcIssuer.getPublicKey());
    }


    private void testCertPathEncAvailableTest()
        throws Exception
    {

View Full Code Here

        for (Iterator it = deltacrls.iterator(); it.hasNext();)
        {
            X509CRL crl = (X509CRL)it.next();
            try
            {
                crl.verify(key);
                return crl;
            }
            catch (Exception e)
            {
                lastException = e;

View Full Code Here

        try
        {
            for (Iterator it = deltacrls.iterator(); it.hasNext();)
            {
                X509CRL crl = (X509CRL)it.next();
                crl.verify(key);
                return crl;
            }
        }
        catch (Exception e)
        {

View Full Code Here

            X509CRL crl = (X509CRL) factory.generateCRL(bais);
            assertNotNull("Factory returned null on correct data", crl);


            if (publicKey != null) {
                // verify the signatures
                crl.verify(publicKey);
            }
        }


        for (int i=0; i<bad_content.length; i++) {
            bais = new ByteArrayInputStream(

View Full Code Here

      // Read the supplied CRL and verify that it is issued by the specified CA
      final X509CRL x509crl = (X509CRL) CertTools.getCertificateFactory().generateCRL(new FileInputStream (crl_file));
          if (!x509crl.getIssuerX500Principal().getName().equals(cacert.getSubjectX500Principal().getName())){
            throw new IOException ("CRL wasn't issued by this CA");
          }
          x509crl.verify(cacert.getPublicKey());
          int crl_no = CrlExtensions.getCrlNumber(x509crl).intValue();
          getLogger().info("Processing CRL #" + crl_no);
          int miss_count = 0;  // Number of certs not already in database
          int revoked = 0;  // Number of certs activly revoked by this algorithm
          int already_revoked = 0;  // Number of certs already revoked in database and ignored in non-strict mode

View Full Code Here

                // check the returned CRL
                if ( !StringUtils.equals(this.sessionData.certchain[1].getSubjectDN().getName(), retCrl.getIssuerDN().getName()) ) {
                  StressTest.this.performanceTest.getLog().error("CRL issuerDN should be "+this.sessionData.certchain[1].getSubjectDN().getName()+" but was: "+retCrl.getIssuerDN().getName());
                  return false;
                }
                retCrl.verify(this.sessionData.certchain[1].getPublicKey());
                return true;
              }
              // We got a reply with a requested certificate 
              final Collection<?> certs = certstore.getCertificates(null);
              //System.out.println("Got certificate reply with certchain of length: "+certs.size());

View Full Code Here

                final X509CRL retCrl = it.next();
                log.info("Got CRL with DN: " + retCrl.getIssuerDN().getName());


                // check the returned CRL
                assertEquals(cacert.getSubjectDN().getName(), retCrl.getIssuerDN().getName());
                retCrl.verify(cacert.getPublicKey());
            } else {
                // We got a reply with a requested certificate
                final Collection<X509Certificate> certs = (Collection<X509Certificate>) certstore.getCertificates(null);
                // EJBCA returns the issued cert and the CA cert (cisco vpn
                // client requires that the ca cert is included)

View Full Code Here

//                    fos.write(retCrl.getEncoded());
//                    fos.close();
//                } catch (Exception e) {}
                // check the returned CRL
                assertEquals(cacert.getSubjectDN().getName(), retCrl.getIssuerDN().getName());
                retCrl.verify(cacert.getPublicKey());
            } else {
                // We got a reply with a requested certificate 
                Collection certs = certstore.getCertificates(null);
                log.info("Got certificate reply with certchain of length: "+certs.size());
                // EJBCA returns the issued cert and the CA cert (cisco vpn client requires that the ca cert is included)

View Full Code Here

      }


        X509CRL crl;
        crl = crlgen.generate(getCAToken().getPrivateKey(SecConst.CAKEYPURPOSE_CRLSIGN),getCAToken().getProvider());
        // Verify before sending back
        crl.verify(getCAToken().getPublicKey(SecConst.CAKEYPURPOSE_CRLSIGN));


        return crl;        
    }    


    /** Generate a list of Distribution points.

View Full Code Here

0 1 2

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.