@Test public void retrieveRevocationInfo() throws IOException { try (InputStream fis = CRLParserTest.class.getResourceAsStream("/LTGRCA.crl"); BufferedInputStream is = new BufferedInputStream(fis)) { BigInteger serialNumber = new BigInteger("5203"); X509CRLEntry entry = parser.retrieveRevocationInfo(fis, serialNumber); assertNotNull(entry); assertNotNull(entry.getRevocationDate()); assertNotNull(entry.getRevocationReason()); assertNotNull(entry.getSerialNumber()); assertEquals(serialNumber, entry.getSerialNumber()); } }
@Test public void retrieveRevocationInfoMediumLastEntry() throws IOException { try (InputStream fis = CRLParserTest.class.getResourceAsStream("/http___crl.globalsign.com_gs_gspersonalsign2sha2g2.crl")) { BigInteger serialNumber = new BigInteger("288350169419475868349393264025423631520"); X509CRLEntry entry = parser.retrieveRevocationInfo(fis, serialNumber); assertNotNull(entry); assertNotNull(entry.getRevocationDate()); assertNull(entry.getRevocationReason()); assertNotNull(entry.getSerialNumber()); assertEquals(serialNumber, entry.getSerialNumber()); } }
@Test public void retrieveRevocationInfoMedium() throws IOException { try (InputStream fis = CRLParserTest.class.getResourceAsStream("/http___crl.globalsign.com_gs_gspersonalsign2sha2g2.crl")) { BigInteger serialNumber = new BigInteger("288350169419475868349393253038503091234"); X509CRLEntry entry = parser.retrieveRevocationInfo(fis, serialNumber); assertNotNull(entry); assertNotNull(entry.getRevocationDate()); assertNull(entry.getRevocationReason()); assertNotNull(entry.getSerialNumber()); assertEquals(serialNumber, entry.getSerialNumber()); } }
@Test public void retrieveRevocation() throws Exception { try (InputStream is = AbstractTestCRLUtils.class.getResourceAsStream("/http___crl.globalsign.com_gs_gspersonalsign2sha2g2.crl"); InputStream isCer = AbstractTestCRLUtils.class.getResourceAsStream("/citizen_ca.cer")) { CertificateToken certificateToken = loadCert(isCer); CRLValidity validity = CRLUtils.isValidCRL(is, certificateToken); BigInteger serialNumber = new BigInteger("288350169419475868349393253038503091234"); X509CRLEntry entry = CRLUtils.getRevocationInfo(validity, serialNumber); assertNotNull(entry); assertNotNull(entry.getRevocationDate()); assertNull(entry.getRevocationReason()); assertNotNull(entry.getSerialNumber()); assertEquals(serialNumber, entry.getSerialNumber()); serialNumber = new BigInteger("288350169419475868349393264025423631520"); entry = CRLUtils.getRevocationInfo(validity, serialNumber); assertNotNull(entry); assertNotNull(entry.getRevocationDate()); assertNull(entry.getRevocationReason()); assertNotNull(entry.getSerialNumber()); assertEquals(serialNumber, entry.getSerialNumber()); serialNumber = new BigInteger("111111111111111111111111111"); entry = CRLUtils.getRevocationInfo(validity, serialNumber); assertNull(entry); } }
/** * @param certificateToken * the {@code CertificateToken} which is managed by this CRL. */ private void setRevocationStatus(final CertificateToken certificateToken) { final X500Principal issuerToken = certificateToken.getIssuerX500Principal(); CertificateToken crlSigner = crlValidity.getIssuerToken(); X500Principal crlSignerSubject = null; if (crlSigner != null) { crlSignerSubject = crlSigner.getSubjectX500Principal(); } if (!DSSUtils.x500PrincipalAreEquals(issuerToken, crlSignerSubject)) { if (!crlValidity.isSignatureIntact()) { throw new DSSException(crlValidity.getSignatureInvalidityReason()); } throw new DSSException("The CRLToken is not signed by the same issuer as the CertificateToken to be verified!"); } final BigInteger serialNumber = certificateToken.getSerialNumber(); X509CRLEntry crlEntry = CRLUtils.getRevocationInfo(crlValidity, serialNumber); status = null == crlEntry; if (!status) { revocationDate = crlEntry.getRevocationDate(); CRLReason revocationReason = crlEntry.getRevocationReason(); if (revocationReason != null) { reason = CRLReasonEnum.fromInt(revocationReason.ordinal()); } } }