Example usage for org.bouncycastle.jce.provider RFC3280CertPathUtilities processCRLB2

List of usage examples for org.bouncycastle.jce.provider RFC3280CertPathUtilities processCRLB2

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.jce.provider.*
  5. RFC3280CertPathUtilities
  6. processCRLB2

Introduction

In this page you can find the example usage for org.bouncycastle.jce.provider RFC3280CertPathUtilities processCRLB2.

Prototype

protected static void processCRLB2(DistributionPoint dp, Object cert, X509CRL crl) throws AnnotatedException

Source Link

Document

If the complete CRL includes an issuing distribution point (IDP) CRL extension check the following:

(i) If the distribution point name is present in the IDP CRL extension and the distribution field is present in the DP, then verify that one of the names in the IDP matches one of the names in the DP.

Usage

From source file:eu.emi.security.authn.x509.helpers.pkipath.bc.RFC3280CertPathUtilitiesHelper.java

License:Open Source License

protected static void processCRLB2_2(DistributionPoint dp, Object cert, X509CRL crl)
        throws SimpleValidationErrorException {
    try {/*from  w  w  w.  j  a va 2s. c  o  m*/
        RFC3280CertPathUtilities.processCRLB2(dp, cert, crl);
    } catch (AnnotatedException e) {
        if (e.getMessage().startsWith("Issuing distribution point extension could not be decoded")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.distrPtExtError, e.getCause());
        } else if (e.getMessage().startsWith("Could not read CRL issuer")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.crlIssuerException, e);
        } else if (e.getMessage().startsWith(
                "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.crlIDPAndDPMismatch);
        } else if (e.getMessage().startsWith("Either the cRLIssuer or the distributionPoint field must")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.crlNoIssuerAndDP);
        } else if (e.getMessage().startsWith("Basic constraints extension could not be decoded")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.crlBCExtError, e.getCause());
        } else if (e.getMessage().startsWith("CA Cert CRL only contains user certificates")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.crlOnlyUserCert);
        } else if (e.getMessage().startsWith("End CRL only contains CA certificates")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.crlOnlyCaCert);
        } else if (e.getMessage().startsWith("onlyContainsAttributeCerts boolean is asserted")) {
            throw new SimpleValidationErrorException(ValidationErrorCode.crlOnlyAttrCert);
        } else {
            throw new SimpleValidationErrorException(ValidationErrorCode.unknownMsg, e);
        }
    }
}