/**
* Checks certification path by IssuerX500Principal keyed in CAroot<br>
* <br>
* Risale il certification path attraverso IssuerX500Principal chiave in CAroot
*
* @return true: if certification path is valid
*/
public boolean getPathValid() {
isPathValid = true;
X509Certificate certChild = cert;
X509Certificate certParent = null;
while (!certChild.getIssuerDN().equals(certChild.getSubjectDN())) {
// finche' la CA non è autofirmata
try {
certParent = CAroot.getCACertificate(certChild.getIssuerX500Principal());
} catch (GeneralSecurityException ex) {
// la CA non è presente nella root
isPathValid = false;
return isPathValid;
}
certChild = certParent;
}
;
return isPathValid;
}
/**
* Return true if the certificate is active<br>
* <br>
* Restituisce true se il certificato è ancora attivo
*
* @return true: if the certificate is active
*/
public boolean getInUse() {
try {
cert.checkValidity();
isInUse = true;
isExpired = false;
} catch (CertificateNotYetValidException ex) {
isInUse = false;
} catch (CertificateExpiredException ex) {
isExpired = true;
}
return isInUse;
}
/**
* Return the general result<br>
* <br>
* Restituisce il risultato di tutte le verifiche
*
* @return true: if certificate is valid
*/
public boolean getPassed() {
isPathValid = this.getPathValid();
isExpired = this.getExpired();
isInUse = this.getInUse();
isRevoked = this.getRevoked();
isPassed = isPathValid && !isRevoked && !isExpired && isInUse;
System.out.println(
"************************Verifica: "
+ cert.getSubjectDN()
+ "\n Risultato getPassed: "
+ isPassed);
CRLerror = CRL.getCRLerror();
return isPassed;
}