< prev index next >
src/java.base/share/classes/sun/security/x509/X509CRLImpl.java
Print this page
*** 1,7 ****
/*
! * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 27,57 ****
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.math.BigInteger;
- import java.security.Principal;
- import java.security.PublicKey;
- import java.security.PrivateKey;
- import java.security.Provider;
- import java.security.Signature;
- import java.security.NoSuchAlgorithmException;
- import java.security.InvalidKeyException;
- import java.security.NoSuchProviderException;
- import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.cert.X509CRLEntry;
import java.security.cert.CRLException;
import java.util.*;
import javax.security.auth.x500.X500Principal;
import sun.security.provider.X509Factory;
import sun.security.util.*;
- import sun.security.util.HexDumpEncoder;
/**
* <p>
* An implementation for X509 CRL (Certificate Revocation List).
* <p>
--- 27,48 ----
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.Certificate;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.cert.X509CRLEntry;
import java.security.cert.CRLException;
+ import java.security.*;
import java.util.*;
import javax.security.auth.x500.X500Principal;
import sun.security.provider.X509Factory;
import sun.security.util.*;
/**
* <p>
* An implementation for X509 CRL (Certificate Revocation List).
* <p>
*** 382,393 ****
--- 373,395 ----
if (sigProvider.length() == 0) {
sigVerf = Signature.getInstance(sigAlgId.getName());
} else {
sigVerf = Signature.getInstance(sigAlgId.getName(), sigProvider);
}
+
sigVerf.initVerify(key);
+ // set parameters after Signature.initSign/initVerify call,
+ // so the deferred provider selection happens when key is set
+ try {
+ SignatureUtil.specialSetParameter(sigVerf, getSigAlgParams());
+ } catch (ProviderException e) {
+ throw new CRLException(e.getMessage(), e.getCause());
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new CRLException(e);
+ }
+
if (tbsCertList == null) {
throw new CRLException("Uninitialized CRL");
}
sigVerf.update(tbsCertList, 0, tbsCertList.length);
*** 426,437 ****
--- 428,450 ----
if (sigProvider == null) {
sigVerf = Signature.getInstance(sigAlgId.getName());
} else {
sigVerf = Signature.getInstance(sigAlgId.getName(), sigProvider);
}
+
sigVerf.initVerify(key);
+ // set parameters after Signature.initSign/initVerify call,
+ // so the deferred provider selection happens when key is set
+ try {
+ SignatureUtil.specialSetParameter(sigVerf, getSigAlgParams());
+ } catch (ProviderException e) {
+ throw new CRLException(e.getMessage(), e.getCause());
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new CRLException(e);
+ }
+
if (tbsCertList == null) {
throw new CRLException("Uninitialized CRL");
}
sigVerf.update(tbsCertList, 0, tbsCertList.length);
< prev index next >