Hi,
This week I worked on certificate verification and pushed that on gerrit. See [1].
Specifically, I worked on validating certificate chain and how to check revocation status of certificates in certificate chain. The code that I submitted, performs two types of revocation status checks.
- CRL (Certification Revocation List)
- OCSP (Open Certificate Status Protocol)
Revocation status checks are used to know whether certificate is revoked after getting signed by root CA. Both are necessary to check and are recommended by Oracle. If any one of the links are not available with certificate, certificate would be considered invalid or not trusted. For the list of trusted certificates, I am using truststore provided with JAVA as default truststore.
For a try, I made a CSR (Certificate Signing Request), made it signed using Thawte Trial Certificate and played with VerifySignature class using this signed cerificate.
I am also working on context menu and UI for performing signature.
Option for performing signature will be there in context menu of Package Explorer. I wanted to know how to provide option for performing signature only for Script files. We can use
tag, but what should be the parameters? I have done following which simply shows Perform Signature as context menu on any file.