示例#1
0
  public void encodeInfo(OutputStream out) throws CRLException {
    try {
      DerOutputStream tmp = new DerOutputStream();
      DerOutputStream rCerts = new DerOutputStream();
      DerOutputStream seq = new DerOutputStream();

      if (version != 0) {

        tmp.putInteger(version);
      }
      infoSigAlgId.encode(tmp);
      if ((version == 0) && (issuer.toString() == null)) {
        throw new CRLException("Null Issuer DN not allowed in v1 CRL");
      }
      issuer.encode(tmp);

      if (thisUpdate.getTime() < YR_2050) {
        tmp.putUTCTime(thisUpdate);
      } else {
        tmp.putGeneralizedTime(thisUpdate);
      }

      if (nextUpdate != null) {
        if (nextUpdate.getTime() < YR_2050) {
          tmp.putUTCTime(nextUpdate);
        } else {
          tmp.putGeneralizedTime(nextUpdate);
        }
      }

      if (!revokedList.isEmpty()) {
        for (X509CRLEntry entry : revokedList) {
          ((X509CRLEntryImpl) entry).encode(rCerts);
        }
        tmp.write(DerValue.tag_Sequence, rCerts);
      }

      if (extensions != null) {
        extensions.encode(tmp, isExplicit);
      }

      seq.write(DerValue.tag_Sequence, tmp);

      tbsCertList = seq.toByteArray();
      out.write(tbsCertList);
    } catch (IOException e) {
      throw new CRLException("Encoding error: " + e.getMessage());
    }
  }
示例#2
0
  public void sign(PrivateKey key, String algorithm, String provider)
      throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException,
          SignatureException {
    try {
      if (readOnly) {
        throw new CRLException("cannot over-write existing CRL");
      }
      Signature sigEngine = null;
      if ((provider == null) || (provider.length() == 0)) {
        sigEngine = Signature.getInstance(algorithm);
      } else {
        sigEngine = Signature.getInstance(algorithm, provider);
      }

      sigEngine.initSign(key);

      sigAlgId = AlgorithmId.get(sigEngine.getAlgorithm());
      infoSigAlgId = sigAlgId;

      DerOutputStream out = new DerOutputStream();
      DerOutputStream tmp = new DerOutputStream();

      encodeInfo(tmp);

      sigAlgId.encode(tmp);

      sigEngine.update(tbsCertList, 0, tbsCertList.length);
      signature = sigEngine.sign();
      tmp.putBitString(signature);

      out.write(DerValue.tag_Sequence, tmp);
      signedCRL = out.toByteArray();
      readOnly = true;

    } catch (IOException e) {
      throw new CRLException("Error while encoding data: " + e.getMessage());
    }
  }