当前位置: 首页>>代码示例>>Java>>正文


Java X509v2CRLBuilder.build方法代码示例

本文整理汇总了Java中org.bouncycastle.cert.X509v2CRLBuilder.build方法的典型用法代码示例。如果您正苦于以下问题:Java X509v2CRLBuilder.build方法的具体用法?Java X509v2CRLBuilder.build怎么用?Java X509v2CRLBuilder.build使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.bouncycastle.cert.X509v2CRLBuilder的用法示例。


在下文中一共展示了X509v2CRLBuilder.build方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: generateCrl

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private X509CRL generateCrl(X509Certificate ca, PrivateKey caPrivateKey, X509Certificate... revoked) throws Exception {
    X509v2CRLBuilder builder = new X509v2CRLBuilder(
        new X500Name(ca.getSubjectDN().getName()),
        new Date()
    );

    for (X509Certificate certificate : revoked) {
        builder.addCRLEntry(certificate.getSerialNumber(), new Date(), CRLReason.privilegeWithdrawn);
    }

    JcaContentSignerBuilder contentSignerBuilder =
        new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder crlHolder = builder.build(contentSignerBuilder.build(caPrivateKey));

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    return converter.getCRL(crlHolder);
}
 
开发者ID:eclipse,项目名称:milo,代码行数:24,代码来源:CertificateValidationUtilTest.java

示例2: generateCRL

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private File generateCRL(X509Certificate cert) throws CRLException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, IOException, OperatorCreationException {
    X500Name issuer = new X500Name("CN=ca");
    Date thisUpdate = new Date();
    X509v2CRLBuilder gen = new X509v2CRLBuilder(issuer, thisUpdate);
    gen.setNextUpdate(new Date(System.currentTimeMillis() + 60000));

    if (cert != null) {
        gen.addCRLEntry(cert.getSerialNumber(), new Date(System.currentTimeMillis() - 1000), CRLReason.keyCompromise);
    }

    ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(credential.getPrivateKey());
    X509CRLHolder crl = gen.build(sigGen);

    final File crlFile = File.createTempFile("test", "test");
    crlFile.deleteOnExit();
    FileOutputStream fos = new FileOutputStream(crlFile);
    IOUtils.write(crl.getEncoded(), fos);
    fos.close();
    return crlFile;
}
 
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:21,代码来源:IntegrationTests.java

示例3: generateCRL

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private File generateCRL(X509Certificate cert) throws CRLException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, IOException, OperatorCreationException {
       X500Name issuer = new X500Name("CN=ca");
       Date thisUpdate = new Date();
       X509v2CRLBuilder gen = new X509v2CRLBuilder(issuer, thisUpdate);
	gen.setNextUpdate(new Date(System.currentTimeMillis() + 60000));

       if (cert != null) {
		gen.addCRLEntry(cert.getSerialNumber(), new Date(System.currentTimeMillis() - 1000), CRLReason.keyCompromise);
	}

       ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(cred.getPrivateKey());
	X509CRLHolder crl = gen.build(sigGen);

	final File crlFile = File.createTempFile("test", "test");
	crlFile.deleteOnExit();
	FileOutputStream fos = new FileOutputStream(crlFile);
	IOUtils.write(crl.getEncoded(), fos);
	fos.close();
	return crlFile;
}
 
开发者ID:amagdenko,项目名称:oiosaml.java,代码行数:21,代码来源:CRLCheckerTest.java

示例4: newCertificateRevocationList

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
/**
 * Creates a new certificate revocation list (CRL).  This function will
 * destroy any existing CRL file.
 *
 * @param caRevocationList
 * @param caKeystoreFile
 * @param caKeystorePassword
 * @return
 */
public static void newCertificateRevocationList(File caRevocationList, File caKeystoreFile, String caKeystorePassword) {
    try {
        // read the Fathom CA key and certificate
        KeyStore store = openKeyStore(caKeystoreFile, caKeystorePassword);
        PrivateKey caPrivateKey = (PrivateKey) store.getKey(CA_ALIAS, caKeystorePassword.toCharArray());
        X509Certificate caCert = (X509Certificate) store.getCertificate(CA_ALIAS);

        X500Name issuerDN = new X500Name(PrincipalUtil.getIssuerX509Principal(caCert).getName());
        X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(issuerDN, new Date());

        // build and sign CRL with CA private key
        ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);
        X509CRLHolder crl = crlBuilder.build(signer);

        File tmpFile = new File(caRevocationList.getParentFile(), Long.toHexString(System.currentTimeMillis()) + ".tmp");
        FileOutputStream fos = null;
        try {
            fos = new FileOutputStream(tmpFile);
            fos.write(crl.getEncoded());
            fos.flush();
            fos.close();
            if (caRevocationList.exists()) {
                caRevocationList.delete();
            }
            tmpFile.renameTo(caRevocationList);
        } finally {
            if (fos != null) {
                fos.close();
            }
            if (tmpFile.exists()) {
                tmpFile.delete();
            }
        }
    } catch (Exception e) {
        throw new RuntimeException("Failed to create new certificate revocation list " + caRevocationList, e);
    }
}
 
开发者ID:gitblit,项目名称:fathom,代码行数:47,代码来源:X509Utils.java

示例5: newCertificateRevocationList

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
/**
 * Creates a new certificate revocation list (CRL).  This function will
 * destroy any existing CRL file.
 * 
 * @param caRevocationList
 * @param storeFile
 * @param keystorePassword
 * @return
 */
public static void newCertificateRevocationList(File caRevocationList, File caKeystoreFile, String caKeystorePassword) {
	try {
		// read the Gitblit CA key and certificate
		KeyStore store = openKeyStore(caKeystoreFile, caKeystorePassword);
		PrivateKey caPrivateKey = (PrivateKey) store.getKey(CA_ALIAS, caKeystorePassword.toCharArray());
		X509Certificate caCert = (X509Certificate) store.getCertificate(CA_ALIAS);

		X500Name issuerDN = new X500Name(PrincipalUtil.getIssuerX509Principal(caCert).getName());
		X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(issuerDN, new Date());
		
		// build and sign CRL with CA private key
		ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);
		X509CRLHolder crl = crlBuilder.build(signer);

		File tmpFile = new File(caRevocationList.getParentFile(), Long.toHexString(System.currentTimeMillis()) + ".tmp");
		FileOutputStream fos = null;
		try {
			fos = new FileOutputStream(tmpFile);
			fos.write(crl.getEncoded());
			fos.flush();
			fos.close();
			if (caRevocationList.exists()) {
				caRevocationList.delete();
			}
			tmpFile.renameTo(caRevocationList);
		} finally {
			if (fos != null) {
				fos.close();
			}
			if (tmpFile.exists()) {
				tmpFile.delete();
			}
		}
	} catch (Exception e) {
		throw new RuntimeException("Failed to create new certificate revocation list " + caRevocationList, e);
	}
}
 
开发者ID:warpfork,项目名称:gitblit,代码行数:47,代码来源:X509Utils.java

示例6: testDirect

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private void testDirect()
    throws Exception
{
    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");

    ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);

    keyStore.load(input, "test".toCharArray());

    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("ca");
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("ca", null);

    X500Name issuer = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());

    X509v2CRLBuilder builder = new X509v2CRLBuilder(issuer, new Date());

    builder.addCRLEntry(certificate.getSerialNumber(), new Date(), CRLReason.cACompromise);

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));

    if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
    {
        fail("CRL signature not valid");
    }

    X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());

    if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(cRLHolder.getIssuer()))))
    {
        fail("certificate issuer incorrect");
    }

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    X509CRL crl = converter.getCRL(cRLHolder);

    crl.verify(certificate.getPublicKey());

    if (!crl.isRevoked(certificate))
    {
        fail("Certificate should be revoked");
    }

    // now encode the CRL and load the CRL with the JCE provider

    CertificateFactory fac = CertificateFactory.getInstance("X.509");

    X509CRL jceCRL = (X509CRL) fac.generateCRL(new ByteArrayInputStream(crl.getEncoded()));

    jceCRL.verify(certificate.getPublicKey());

    if (!jceCRL.isRevoked(certificate))
    {
        fail("This certificate should also be revoked");
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:63,代码来源:CertTest.java

示例7: testIndirect

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private void testIndirect()
    throws Exception
{
    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");

    ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);

    keyStore.load(input, "test".toCharArray());

    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("ca");
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("ca", null);

    X500Name crlIssuer = X500Name.getInstance(certificate.getSubjectX500Principal().getEncoded());
    X500Name caName = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());

    X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());

    builder.addExtension(Extension.issuingDistributionPoint, true, new IssuingDistributionPoint(null, true, false));

    ExtensionsGenerator extGen = new ExtensionsGenerator();

    extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
    extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));

    builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));

    if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
    {
        fail("CRL signature not valid");
    }

    X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());

    if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded())))))
    {
        fail("certificate issuer incorrect");
    }

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    X509CRL crl = converter.getCRL(cRLHolder);

    crl.verify(certificate.getPublicKey());

    if (!crl.isRevoked(certificate))
    {
        fail("Certificate should be revoked");
    }

    // now encode the CRL and load the CRL with the JCE provider

    CertificateFactory fac = CertificateFactory.getInstance("X.509");

    X509CRL jceCRL = (X509CRL) fac.generateCRL(new ByteArrayInputStream(crl.getEncoded()));

    jceCRL.verify(certificate.getPublicKey());

    if (!jceCRL.isRevoked(certificate))
    {
        fail("This certificate should also be revoked");
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:71,代码来源:CertTest.java

示例8: testMalformedIndirect

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private void testMalformedIndirect()
    throws Exception
{
    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");

    ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);

    keyStore.load(input, "test".toCharArray());

    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("ca");
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("ca", null);

    X500Name crlIssuer = X500Name.getInstance(certificate.getSubjectX500Principal().getEncoded());
    X500Name caName = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());

    X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());

    ExtensionsGenerator extGen = new ExtensionsGenerator();

    extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
    extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));

    builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));

    if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
    {
        fail("CRL signature not valid");
    }

    X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());

    if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(cRLHolder.getIssuer()))))
    {
        fail("certificate issuer incorrect");
    }

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    X509CRL crl = converter.getCRL(cRLHolder);

    crl.verify(certificate.getPublicKey());

    if (crl.isRevoked(certificate))
    {
        throw new Exception("Certificate should not be revoked");
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:56,代码来源:CertTest.java

示例9: testDirect

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private void testDirect()
    throws Exception
{
    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");

    ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);

    keyStore.load(input, "test".toCharArray());

    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("ca");
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("ca", null);

    X500Name issuer = X500Name.getInstance(PrincipalUtil.getIssuerX509Principal(certificate).getEncoded());

    X509v2CRLBuilder builder = new X509v2CRLBuilder(issuer, new Date());

    builder.addCRLEntry(certificate.getSerialNumber(), new Date(), CRLReason.cACompromise);

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    X509CRL crl = converter.getCRL(cRLHolder);

    crl.verify(certificate.getPublicKey());

    if (!crl.isRevoked(certificate))
    {
        fail("Certificate should be revoked");
    }

    // now encode the CRL and load the CRL with the JCE provider

    CertificateFactory fac = CertificateFactory.getInstance("X.509");

    X509CRL jceCRL = (X509CRL) fac.generateCRL(new ByteArrayInputStream(crl.getEncoded()));

    jceCRL.verify(certificate.getPublicKey());

    if (!jceCRL.isRevoked(certificate))
    {
        fail("This certificate should also be revoked");
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:51,代码来源:CertTest.java

示例10: testIndirect

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private void testIndirect()
    throws Exception
{
    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");

    ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);

    keyStore.load(input, "test".toCharArray());

    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("ca");
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("ca", null);

    X500Name crlIssuer = X500Name.getInstance(PrincipalUtil.getSubjectX509Principal(certificate).getEncoded());
    X500Name caName = X500Name.getInstance(PrincipalUtil.getIssuerX509Principal(certificate).getEncoded());

    X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());

    builder.addExtension(Extension.issuingDistributionPoint, true, new IssuingDistributionPoint(null, true, false));

    ExtensionsGenerator extGen = new ExtensionsGenerator();

    extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
    extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));

    builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    X509CRL crl = converter.getCRL(cRLHolder);

    crl.verify(certificate.getPublicKey());

    if (!crl.isRevoked(certificate))
    {
        fail("Certificate should be revoked");
    }

    // now encode the CRL and load the CRL with the JCE provider

    CertificateFactory fac = CertificateFactory.getInstance("X.509");

    X509CRL jceCRL = (X509CRL) fac.generateCRL(new ByteArrayInputStream(crl.getEncoded()));

    jceCRL.verify(certificate.getPublicKey());

    if (!jceCRL.isRevoked(certificate))
    {
        fail("This certificate should also be revoked");
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:59,代码来源:CertTest.java

示例11: testMalformedIndirect

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private void testMalformedIndirect()
    throws Exception
{
    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");

    ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);

    keyStore.load(input, "test".toCharArray());

    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("ca");
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("ca", null);

    X500Name crlIssuer = X500Name.getInstance(PrincipalUtil.getSubjectX509Principal(certificate).getEncoded());
    X500Name caName = X500Name.getInstance(PrincipalUtil.getIssuerX509Principal(certificate).getEncoded());

    X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());

    ExtensionsGenerator extGen = new ExtensionsGenerator();

    extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
    extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));

    builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    X509CRL crl = converter.getCRL(cRLHolder);

    crl.verify(certificate.getPublicKey());

    if (crl.isRevoked(certificate))
    {
        throw new Exception("Certificate should not be revoked");
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:44,代码来源:CertTest.java

示例12: testIndirect2

import org.bouncycastle.cert.X509v2CRLBuilder; //导入方法依赖的package包/类
private void testIndirect2()
    throws Exception
{
    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");

    ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);

    keyStore.load(input, "test".toCharArray());

    X509Certificate certificate = (X509Certificate) keyStore.getCertificate("ca");
    PrivateKey privateKey = (PrivateKey) keyStore.getKey("ca", null);

    X500Name crlIssuer = X500Name.getInstance(certificate.getSubjectX500Principal().getEncoded());
    X500Name caName = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());

    X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());

    builder.addExtension(Extension.issuingDistributionPoint, true, new IssuingDistributionPoint(null, true, false));

    builder.addCRLEntry(BigInteger.valueOf(100), new Date(), CRLReason.cACompromise);
    builder.addCRLEntry(BigInteger.valueOf(120), new Date(), CRLReason.cACompromise);

    ExtensionsGenerator extGen = new ExtensionsGenerator();

    extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
    extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));

    builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());

    builder.addCRLEntry(BigInteger.valueOf(130), new Date(), CRLReason.cACompromise);

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");

    contentSignerBuilder.setProvider("BC");

    X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));

    if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
    {
        fail("CRL signature not valid");
    }

    X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());

    if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(caName))))
    {
        fail("certificate issuer incorrect");
    }

    cRLEntryHolder = cRLHolder.getRevokedCertificate(BigInteger.valueOf(130));

    if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(caName))))
    {
        fail("certificate issuer incorrect");
    }

    cRLEntryHolder = cRLHolder.getRevokedCertificate(BigInteger.valueOf(100));

    if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(cRLHolder.getIssuer()))))
    {
        fail("certificate issuer incorrect");
    }

    JcaX509CRLConverter converter = new JcaX509CRLConverter();

    converter.setProvider("BC");

    X509CRL crl = converter.getCRL(cRLHolder);

    crl.verify(certificate.getPublicKey());
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:72,代码来源:CertTest.java


注:本文中的org.bouncycastle.cert.X509v2CRLBuilder.build方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。