"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "examples/src/main/java/org/apache/pdfbox/examples/signature/cert/CertificateVerifier.java" between
pdfbox-2.0.23-src.zip and pdfbox-2.0.24-src.zip

About: Apache PDFBox is a Java PDF library tool that allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents.

[ To the main pdfbox source changes report ]

CertificateVerifier.java  (pdfbox-2.0.23-src):CertificateVerifier.java  (pdfbox-2.0.24-src)
skipping to change at line 211 skipping to change at line 211
Set<X509Certificate> additionalCerts, Set<X509Certificate> additionalCerts,
Date signDate) Date signDate)
throws IOException, CertificateVerificationException, OCSPException, throws IOException, CertificateVerificationException, OCSPException,
RevokedCertificateException, GeneralSecurityException RevokedCertificateException, GeneralSecurityException
{ {
if (isSelfSigned(cert)) if (isSelfSigned(cert))
{ {
// root, we're done // root, we're done
return; return;
} }
X509Certificate issuerCert = null;
for (X509Certificate additionalCert : additionalCerts) for (X509Certificate additionalCert : additionalCerts)
{ {
try try
{ {
cert.verify(additionalCert.getPublicKey(), SecurityProvider.getP rovider().getName()); cert.verify(additionalCert.getPublicKey(), SecurityProvider.getP rovider().getName());
issuerCert = additionalCert; checkRevocationsWithIssuer(cert, additionalCert, additionalCerts
break; , signDate);
// there can be several issuers
} }
catch (GeneralSecurityException ex) catch (GeneralSecurityException ex)
{ {
// not the issuer // not the issuer
} }
} }
// issuerCert is never null here. If it hadn't been found, then there wo }
uldn't be a
// verifiedCertChain earlier.
private static void checkRevocationsWithIssuer(X509Certificate cert, X509Cer
tificate issuerCert,
Set<X509Certificate> additionalCerts, Date signDate)
throws CertificateVerificationException, IOException, RevokedCertifi
cateException,
GeneralSecurityException, OCSPException
{
// Try checking the certificate through OCSP (faster than CRL) // Try checking the certificate through OCSP (faster than CRL)
String ocspURL = extractOCSPURL(cert); String ocspURL = extractOCSPURL(cert);
if (ocspURL != null) if (ocspURL != null)
{ {
OcspHelper ocspHelper = new OcspHelper(cert, signDate, issuerCert, a dditionalCerts, ocspURL); OcspHelper ocspHelper = new OcspHelper(cert, signDate, issuerCert, a dditionalCerts, ocspURL);
try try
{ {
verifyOCSP(ocspHelper, additionalCerts); verifyOCSP(ocspHelper, additionalCerts);
} }
catch (IOException ex) catch (IOException ex)
 End of changes. 4 change blocks. 
6 lines changed or deleted 11 lines changed or added
To the Java Programs section of the pdfbox source changes report or the top of this page
Mainly generated by pkgdiff using rfcdiff
Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)