|
again, use: Std. Ed.
v1.4.2
InputStream inStream = new
FileInputStream("fileName-of-crl");
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
X509CRL crl =
(X509CRL)cf.generateCRL(inStream);
inStream.close();
crl.verify(yourCertificate or
publicKey here)
----- Original Message -----
Sent: Thursday, April 06, 2006 11:41
AM
Subject: Re: Need lots of help -
Validating Signed XML files
If you could download this
files and try to help me to open them would be perfect i'm running out of
ideas for solving this matter.
the
revocation list that i'm using is
:http://icp-brasil.certisign.com.br/repositorio/lcr/ACCertiSignV3/LatestCRL.crl
Anyhelp will more then
welcome.
Cláudio Engelsdorff Avila
://Consultor de Sistemas
://Fone/Fax: +55 51 2101 6918
://Celular: +55 51 9303
2988
TRACE SISTEMAS
www.tracesistemas.com.br
www.tracegp.com.br
| Cláudio Engelsdorff
Avila <[EMAIL PROTECTED]>
06/04/2006 10:51
|
|
For that rovacation lists the URL is
"http://icp-brasil.certisign.com.br/repositorio/index.htm".
Sorry i thought that i had
pasted that link here too.
Thanks in advance
| "Martin Labarthe Dubois"
<[EMAIL PROTECTED]>
06/04/2006 10:39
|
|
To
| <[email protected]>
|
|
cc
|
|
|
Subject
| Re: Need lots of help -
Validating Signed XML files |
|
I only found the certificate
chains there,
but not
the revocation lists.
----- Original Message
-----
From: Cláudio Engelsdorff Avila
To:
[email protected]
Sent: Thursday, April 06, 2006 10:17 AM
Subject: Re:
Need lots of help - Validating Signed XML files
Yeah it helped for me to see that i'm on the
right path.
But i'm stil having some problems trying to open revocation
lists and so forth.
I got my chain and revocations lists from this URL "http://www.certisign.com.br/suporte/downloads.jsp#icp".
If someone could enlighten
me.
Thanks in advance.
www.tracesistemas.com.br
www.tracegp.com.br
| Milan Tomic
<[EMAIL PROTECTED]>
05/04/2006 04:36
|
|
Take a look at this
article:
http://java.sun.com/j2se/1.4.2/docs/guide/security/certpath/CertPathProgGuide.html
Hope
it helps,
Milan
--- Cl�udio Engelsdorff Avila
<[EMAIL PROTECTED]> wrote:
> I'm developing an
application that signs and validate xml files using the
> apache xml
security library.
>
> To sign a file is easy, but the validation
part is becoming a real problem
> for me.
>
> I've been
able to validate te signature itself, and its expiration dates,
> but i
need more than just that. I need to validate the certification chain
>
and rcl files as well.
> To be honest I could find some examples to
validate the chain, but I don't
> understand how the certification
chain really works.
>
> If you guys could give me some steps to
follow would be very nice. My
> deadline is coming and i still have
some pieces to put together.
>
>
> My goals are:
> -
Assure that the certicate used was an end user certificate and not from
> a certification authority; (Didn't find nothing about this kind of
> validation)
> - Adopt rules defined by RFC 3280 for RCL and
chain of trust
> (certification chain); (Completely lost on this
one)
> - Verify if the revogation and chain lists are up to date;
(Didn't get
> that far on my research)
> - Validate the key type
used accept only keys type A; (I didn't find
> anything about this
types only when you pucharse your key you choose this
> kind of things,
at least here on brazil.)
>
>
>
> Thanks in
advance.
__________________________________________________
Do
You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection
around
http://mail.yahoo.com
|
