Search in sources :

Example 1 with CertException

use of com.github.zhenwei.pkix.cert.CertException in project LinLong-Java by zhenwei1108.

the class ParentCertIssuedValidation method validate.

public void validate(CertPathValidationContext context, X509CertificateHolder certificate) throws CertPathValidationException {
    if (workingIssuerName != null) {
        if (!workingIssuerName.equals(certificate.getIssuer())) {
            throw new CertPathValidationException("Certificate issue does not match parent");
        }
    }
    if (workingPublicKey != null) {
        try {
            SubjectPublicKeyInfo validatingKeyInfo;
            if (workingPublicKey.getAlgorithm().equals(workingAlgId)) {
                validatingKeyInfo = workingPublicKey;
            } else {
                validatingKeyInfo = new SubjectPublicKeyInfo(workingAlgId, workingPublicKey.parsePublicKey());
            }
            if (!certificate.isSignatureValid(contentVerifierProvider.build(validatingKeyInfo))) {
                throw new CertPathValidationException("Certificate signature not for public key in parent");
            }
        } catch (OperatorCreationException e) {
            throw new CertPathValidationException("Unable to create verifier: " + e.getMessage(), e);
        } catch (CertException e) {
            throw new CertPathValidationException("Unable to validate signature: " + e.getMessage(), e);
        } catch (IOException e) {
            throw new CertPathValidationException("Unable to build public key: " + e.getMessage(), e);
        }
    }
    workingIssuerName = certificate.getSubject();
    workingPublicKey = certificate.getSubjectPublicKeyInfo();
    if (workingAlgId != null) {
        // check for inherited parameters
        if (workingPublicKey.getAlgorithm().getAlgorithm().equals(workingAlgId.getAlgorithm())) {
            if (!isNull(workingPublicKey.getAlgorithm().getParameters())) {
                workingAlgId = workingPublicKey.getAlgorithm();
            }
        } else {
            workingAlgId = workingPublicKey.getAlgorithm();
        }
    } else {
        workingAlgId = workingPublicKey.getAlgorithm();
    }
}
Also used : CertPathValidationException(com.github.zhenwei.pkix.cert.path.CertPathValidationException) CertException(com.github.zhenwei.pkix.cert.CertException) IOException(java.io.IOException) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) SubjectPublicKeyInfo(com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)

Aggregations

SubjectPublicKeyInfo (com.github.zhenwei.core.asn1.x509.SubjectPublicKeyInfo)1 CertException (com.github.zhenwei.pkix.cert.CertException)1 CertPathValidationException (com.github.zhenwei.pkix.cert.path.CertPathValidationException)1 OperatorCreationException (com.github.zhenwei.pkix.operator.OperatorCreationException)1 IOException (java.io.IOException)1