/** * Checks the validity of the certificate, and calls the next * verifier in the chain, if any. * @param signCert the certificate that needs to be checked * @param issuerCert its issuer * @param signDate the date the certificate needs to be valid * @return a list of <code>VerificationOK</code> objects. * The list will be empty if the certificate couldn't be verified. * @throws GeneralSecurityException * @throws IOException */ public List<VerificationOK> verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException, IOException { // Check if the certificate is valid on the signDate if (signDate != null) signCert.checkValidity(signDate); // Check if the signature is valid if (issuerCert != null) { signCert.verify(issuerCert.getPublicKey()); } // Also in case, the certificate is self-signed else { signCert.verify(signCert.getPublicKey()); } List<VerificationOK> result = new ArrayList<VerificationOK>(); if (verifier != null) result.addAll(verifier.verify(signCert, issuerCert, signDate)); return result; } }
/** * Checks the validity of the certificate, and calls the next * verifier in the chain, if any. * @param signCert the certificate that needs to be checked * @param issuerCert its issuer * @param signDate the date the certificate needs to be valid * @return a list of <code>VerificationOK</code> objects. * The list will be empty if the certificate couldn't be verified. * @throws GeneralSecurityException * @throws IOException */ public List<VerificationOK> verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException, IOException { // Check if the certificate is valid on the signDate if (signDate != null) signCert.checkValidity(signDate); // Check if the signature is valid if (issuerCert != null) { signCert.verify(issuerCert.getPublicKey()); } // Also in case, the certificate is self-signed else { signCert.verify(signCert.getPublicKey()); } List<VerificationOK> result = new ArrayList<VerificationOK>(); if (verifier != null) result.addAll(verifier.verify(signCert, issuerCert, signDate)); return result; } }
return super.verify(signCert, issuerCert, signDate); try { List<VerificationOK> result = new ArrayList<VerificationOK>(); LOGGER.info("Certificate verified against root store"); result.add(new VerificationOK(signCert, this.getClass(), "Certificate verified against root store.")); result.addAll(super.verify(signCert, issuerCert, signDate)); return result; } catch (GeneralSecurityException e) { result.addAll(super.verify(signCert, issuerCert, signDate)); return result; } catch (GeneralSecurityException e) { return super.verify(signCert, issuerCert, signDate);
return super.verify(signCert, issuerCert, signDate); try { List<VerificationOK> result = new ArrayList<VerificationOK>(); LOGGER.info("Certificate verified against root store"); result.add(new VerificationOK(signCert, this.getClass(), "Certificate verified against root store.")); result.addAll(super.verify(signCert, issuerCert, signDate)); return result; } catch (GeneralSecurityException e) { result.addAll(super.verify(signCert, issuerCert, signDate)); return result; } catch (GeneralSecurityException e) { return super.verify(signCert, issuerCert, signDate);
result.add(new VerificationOK(signCert, this.getClass(), "Valid OCSPs Found: " + validOCSPsFound + (online ? " (online)" : ""))); if (verifier != null) result.addAll(verifier.verify(signCert, issuerCert, signDate));
result.addAll(verifier.verify(signCert, issuerCert, signDate));
result.addAll(verifier.verify(signCert, issuerCert, signDate));
result.add(new VerificationOK(signCert, this.getClass(), "Valid OCSPs Found: " + validOCSPsFound + (online ? " (online)" : ""))); if (verifier != null) result.addAll(verifier.verify(signCert, issuerCert, signDate));