当前位置: 首页>>代码示例>>Java>>正文


Java CRLException类代码示例

本文整理汇总了Java中java.security.cert.CRLException的典型用法代码示例。如果您正苦于以下问题:Java CRLException类的具体用法?Java CRLException怎么用?Java CRLException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


CRLException类属于java.security.cert包,在下文中一共展示了CRLException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: verify

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * Verifies that this CRL was signed using the
 * private key that corresponds to the given public key,
 * and that the signature verification was computed by
 * the given provider. Note that the specified Provider object
 * does not have to be registered in the provider list.
 *
 * @param key the PublicKey used to carry out the verification.
 * @param sigProvider the signature provider.
 *
 * @exception NoSuchAlgorithmException on unsupported signature
 * algorithms.
 * @exception InvalidKeyException on incorrect key.
 * @exception SignatureException on signature errors.
 * @exception CRLException on encoding errors.
 */
public synchronized void verify(PublicKey key, Provider sigProvider)
        throws CRLException, NoSuchAlgorithmException, InvalidKeyException,
        SignatureException {

    if (signedCRL == null) {
        throw new CRLException("Uninitialized CRL");
    }
    Signature sigVerf = null;
    if (sigProvider == null) {
        sigVerf = Signature.getInstance(sigAlgId.getName());
    } else {
        sigVerf = Signature.getInstance(sigAlgId.getName(), sigProvider);
    }
    sigVerf.initVerify(key);

    if (tbsCertList == null) {
        throw new CRLException("Uninitialized CRL");
    }

    sigVerf.update(tbsCertList, 0, tbsCertList.length);

    if (!sigVerf.verify(signature)) {
        throw new SignatureException("Signature does not match.");
    }
    verifiedPublicKey = key;
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:43,代码来源:X509CRLImpl.java

示例2: parseExtension

import java.security.cert.CRLException; //导入依赖的package包/类
private void parseExtension(Extension ext) throws CRLException {
    try {
        Class<?> extClass = OIDMap.getClass(ext.getExtensionId());
        if (extClass == null) {   // Unsupported extension
            if (ext.isCritical())
                unsupportedCritExt = true;
            if (map.put(ext.getExtensionId().toString(), ext) != null)
                throw new CRLException("Duplicate extensions not allowed");
            return;
        }
        Constructor<?> cons = extClass.getConstructor(PARAMS);
        Object[] passed = new Object[] {Boolean.valueOf(ext.isCritical()),
                                        ext.getExtensionValue()};
        CertAttrSet<?> crlExt = (CertAttrSet<?>)cons.newInstance(passed);
        if (map.put(crlExt.getName(), (Extension)crlExt) != null) {
            throw new CRLException("Duplicate extensions not allowed");
        }
    } catch (InvocationTargetException invk) {
        throw new CRLException(invk.getTargetException().getMessage());
    } catch (Exception e) {
        throw new CRLException(e.toString());
    }
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:24,代码来源:CRLExtensions.java

示例3: fetchCRLFromLdap

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * Downloads a CRL from given LDAP url.
 *
 * @param r the resource that is the ldap url.
 * @return the x 509 cRL
 * @throws IOException          the exception thrown if resources cant be fetched
 * @throws CRLException         the exception thrown if resources cant be fetched
 * @throws CertificateException if connection to ldap fails, or attribute to get the revocation list is unavailable
 */
protected X509CRL fetchCRLFromLdap(final Object r) throws CertificateException, IOException, CRLException {
    try {
        final String ldapURL = r.toString();
        LOGGER.debug("Fetching CRL from ldap [{}]", ldapURL);

        final Response<SearchResult> result = performLdapSearch(ldapURL);
        if (result.getResultCode() == ResultCode.SUCCESS) {
            final LdapEntry entry = result.getResult().getEntry();
            final LdapAttribute attribute = entry.getAttribute(this.certificateAttribute);

            if (attribute.isBinary()) {
                LOGGER.debug("Located entry [{}]. Retrieving first attribute [{}]", entry, attribute);
                return fetchX509CRLFromAttribute(attribute);
            }
            LOGGER.warn("Found certificate attribute [{}] but it is not marked as a binary attribute", this.certificateAttribute);
        }

        LOGGER.debug("Failed to execute the search [{}]", result);
        throw new CertificateException("Failed to establish a connection ldap and search.");

    } catch (final LdapException e) {
        LOGGER.error(e.getMessage(), e);
        throw new CertificateException(e.getMessage());
    }
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:35,代码来源:LdaptiveResourceCRLFetcher.java

示例4: getParameters

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * Return the initialization parameters for the TrustManager. Currently,
 * only the default <code>PKIX</code> is supported.
 *
 * @param algorithm
 *            The algorithm to get parameters for.
 * @param crlf
 *            The path to the CRL file.
 * @param trustStore
 *            The configured TrustStore.
 * @return The parameters including the CRLs and TrustStore.
 */
protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore) throws Exception {
	CertPathParameters params = null;
	if ("PKIX".equalsIgnoreCase(algorithm)) {
		PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, new X509CertSelector());
		Collection<? extends CRL> crls = getCRLs(crlf);
		CertStoreParameters csp = new CollectionCertStoreParameters(crls);
		CertStore store = CertStore.getInstance("Collection", csp);
		xparams.addCertStore(store);
		xparams.setRevocationEnabled(true);
		String trustLength = endpoint.getTrustMaxCertLength();
		if (trustLength != null) {
			try {
				xparams.setMaxPathLength(Integer.parseInt(trustLength));
			} catch (Exception ex) {
				log.warn("Bad maxCertLength: " + trustLength);
			}
		}

		params = xparams;
	} else {
		throw new CRLException("CRLs not supported for type: " + algorithm);
	}
	return params;
}
 
开发者ID:how2j,项目名称:lazycat,代码行数:37,代码来源:JSSESocketFactory.java

示例5: addCRL

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * Add the CRLEntry objects contained in a previous CRL.
 * 
 * @param other the X509CRL to source the other entries from. 
 */
public void addCRL(X509CRL other)
    throws CRLException
{
    Set revocations = other.getRevokedCertificates();

    if (revocations != null)
    {
        Iterator it = revocations.iterator();
        while (it.hasNext())
        {
            X509CRLEntry entry = (X509CRLEntry)it.next();

            ASN1InputStream aIn = new ASN1InputStream(entry.getEncoded());

            try
            {
                tbsGen.addCRLEntry(ASN1Sequence.getInstance(aIn.readObject()));
            }
            catch (IOException e)
            {
                throw new CRLException("exception processing encoding of CRL: " + e.toString());
            }
        }
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:31,代码来源:X509V2CRLGenerator.java

示例6: generate

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * generate an X509 CRL, based on the current issuer and subject,
 * using the passed in provider for the signing.
 */
public X509CRL generate(
    PrivateKey      key,
    String          provider,
    SecureRandom    random)
    throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
{
    TBSCertList tbsCrl = generateCertList();
    byte[] signature;

    try
    {
        signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCrl);
    }
    catch (IOException e)
    {
        throw new ExtCRLException("cannot generate CRL encoding", e);
    }

    return generateJcaObject(tbsCrl, signature);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:25,代码来源:X509V2CRLGenerator.java

示例7: compareTo

import java.security.cert.CRLException; //导入依赖的package包/类
@Override
public int compareTo(X509CRLEntryImpl that) {
    int compSerial = getSerialNumber().compareTo(that.getSerialNumber());
    if (compSerial != 0) {
        return compSerial;
    }
    try {
        byte[] thisEncoded = this.getEncoded0();
        byte[] thatEncoded = that.getEncoded0();
        for (int i=0; i<thisEncoded.length && i<thatEncoded.length; i++) {
            int a = thisEncoded[i] & 0xff;
            int b = thatEncoded[i] & 0xff;
            if (a != b) return a-b;
        }
        return thisEncoded.length -thatEncoded.length;
    } catch (CRLException ce) {
        return -1;
    }
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:20,代码来源:X509CRLEntryImpl.java

示例8: convertHolders

import java.security.cert.CRLException; //导入依赖的package包/类
private CollectionCertStoreParameters convertHolders(JcaX509CertificateConverter certificateConverter, JcaX509CRLConverter crlConverter)
    throws CertificateException, CRLException
{
    List jcaObjs = new ArrayList(certs.size() + crls.size());

    for (Iterator it = certs.iterator(); it.hasNext();)
    {
        jcaObjs.add(certificateConverter.getCertificate((X509CertificateHolder)it.next()));
    }

    for (Iterator it = crls.iterator(); it.hasNext();)
    {
        jcaObjs.add(crlConverter.getCRL((X509CRLHolder)it.next()));
    }

    return new CollectionCertStoreParameters(jcaObjs);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:18,代码来源:JcaCertStoreBuilder.java

示例9: X509CRLObject

import java.security.cert.CRLException; //导入依赖的package包/类
public X509CRLObject(
    CertificateList c)
    throws CRLException
{
    this.c = c;
    
    try
    {
        this.sigAlgName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
        
        if (c.getSignatureAlgorithm().getParameters() != null)
        {
            this.sigAlgParams = ((ASN1Encodable)c.getSignatureAlgorithm().getParameters()).toASN1Primitive().getEncoded(ASN1Encoding.DER);
        }
        else
        {
            this.sigAlgParams = null;
        }

        this.isIndirect = isIndirectCRL(this);
    }
    catch (Exception e)
    {
        throw new CRLException("CRL contents invalid: " + e);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:27,代码来源:X509CRLObject.java

示例10: verify

import java.security.cert.CRLException; //导入依赖的package包/类
public void verify(PublicKey key, String sigProvider)
    throws CRLException, NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException, SignatureException
{
    if (!c.getSignatureAlgorithm().equals(c.getTBSCertList().getSignature()))
    {
        throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
    }

    Signature sig;

    if (sigProvider != null)
    {
        sig = Signature.getInstance(getSigAlgName(), sigProvider);
    }
    else
    {
        sig = Signature.getInstance(getSigAlgName());
    }

    sig.initVerify(key);
    sig.update(this.getTBSCertList());

    if (!sig.verify(this.getSignature()))
    {
        throw new SignatureException("CRL does not verify with supplied public key.");
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:29,代码来源:X509CRLObject.java

示例11: readDERCRL

import java.security.cert.CRLException; //导入依赖的package包/类
private CRL readDERCRL(
    InputStream in)
    throws IOException, CRLException
{
    ASN1InputStream dIn = new ASN1InputStream(in);
    ASN1Sequence seq = (ASN1Sequence)dIn.readObject();

    if (seq.size() > 1
            && seq.getObjectAt(0) instanceof DERObjectIdentifier)
    {
        if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
        {
            sData = new SignedData(ASN1Sequence.getInstance(
                            (ASN1TaggedObject)seq.getObjectAt(1), true)).getCRLs();

            return getCRL();
        }
    }

    return new X509CRLObject(CertificateList.getInstance(seq));
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:22,代码来源:X509CRLParser.java

示例12: readDERCRL

import java.security.cert.CRLException; //导入依赖的package包/类
private CRL readDERCRL(
    ASN1InputStream aIn)
    throws IOException, CRLException
{
    ASN1Sequence seq = (ASN1Sequence)aIn.readObject();

    if (seq.size() > 1
            && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
    {
        if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
        {
            sCrlData = SignedData.getInstance(ASN1Sequence.getInstance(
                (ASN1TaggedObject)seq.getObjectAt(1), true)).getCRLs();

            return getCRL();
        }
    }

    return createCRL(
                 CertificateList.getInstance(seq));
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:22,代码来源:CertificateFactory.java

示例13: getIssuerX509Principal

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * return the issuer of the given CRL as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
	X509CRL crl)
	throws CRLException
{
	try
	{
		ByteArrayInputStream    bIn = new ByteArrayInputStream(
			crl.getTBSCertList());
		ASN1InputStream         aIn = new ASN1InputStream(bIn);
		TBSCertList tbsCertList = new TBSCertList(
										(ASN1Sequence)aIn.readObject());

		return new X509Principal(tbsCertList.getIssuer());
	}
	catch (IOException e)
	{
		throw new CRLException(e.toString());
	}
}
 
开发者ID:BiglySoftware,项目名称:BiglyBT,代码行数:23,代码来源:PrincipalUtil.java

示例14: decodeCRLs

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * Decodes CRLS in DER or PKCS#7 format. If in PKCS#7 format only the CRLs are decode, the rest of the content is
 * ignored.
 * 
 * @param crls encoded CRLs
 * 
 * @return decoded CRLs
 * 
 * @throws CRLException thrown if the CRLs can not be decoded
 * 
 * @since 1.2
 */
public static Collection<X509CRL> decodeCRLs(File crls) throws CRLException{
    if(!crls.exists()){
        throw new CRLException("CRL file " + crls.getAbsolutePath() + " does not exist");
    }
    
    if(!crls.canRead()){
        throw new CRLException("CRL file " + crls.getAbsolutePath() + " is not readable");
    }
    
    try{
        return decodeCRLs(DatatypeHelper.fileToByteArray(crls));
    }catch(IOException e){
        throw new CRLException("Error reading CRL file " + crls.getAbsolutePath(), e);
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:28,代码来源:X509Util.java

示例15: getCRLs

import java.security.cert.CRLException; //导入依赖的package包/类
/**
 * Get a list of the Java {@link java.security.cert.X509CRL}s within the given {@link KeyInfo}.
 * 
 * @param keyInfo the {@link KeyInfo} to extract the CRL's from
 * 
 * @return a list of Java {@link java.security.cert.X509CRL}s
 * 
 * @throws CRLException thrown if there is a problem converting the 
 *          CRL data into {@link java.security.cert.X509CRL}s
 */
public static List<X509CRL> getCRLs(KeyInfo keyInfo) throws CRLException {
    List<X509CRL> crlList = new LinkedList<X509CRL>();

    if (keyInfo == null) {
        return crlList;
    }

    List<X509Data> x509Datas = keyInfo.getX509Datas();
    for (X509Data x509Data : x509Datas) {
        if (x509Data != null) {
            crlList.addAll(getCRLs(x509Data));
        }
    }

    return crlList;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:27,代码来源:KeyInfoHelper.java


注:本文中的java.security.cert.CRLException类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。