CRL Verification in Java


I have a CRL and a self-signed certificate that acts as a CA Certificate. I need to verify that the same CA has issued both the CRL and the root certificate in Java. The way I thought of was this:

    import java.security.cert.X509CRL;
    import java.security.cert.X509Certificate;
    import javax.security.auth.x500.X500Principal;

    // rootCertificate is an X509Certificate and crl an X509CRL, both loaded elsewhere
    X500Principal rootCertIssuer = rootCertificate.getIssuerX500Principal();
    X500Principal crlIssuer = crl.getIssuerX500Principal();
    if (rootCertIssuer.getName().equals(crlIssuer.getName()))
        System.out.println("Issuer same!");
    else
        System.out.println("Issuer different!");

This does not seem right, because if Country/State information is missing in either the CRL or the root certificate, equals() will return false. How do I proceed? Or, contrary to what I think, is this approach right?

Thank you!


There are 3 answers

Crypt32 (BEST ANSWER)

As mentioned by @frasertweedale, the certificate issuer and the CRL issuer do not necessarily need to be the same. Though, there is not much reason to delegate CRL issuance to another authority, and not all systems support that. For example, Windows chain validation code only supports CRLs issued by (signed by) the same CA that issued the cert covered by the CRL.

In general, the validation logic consists of two parts and looks like this:

  1. Read the CDP (CRL Distribution Points) extension of the (non-root) certificate and loop over the CRLDistributionPoints sequence. If an entry has a cRLIssuer field present, then the CRL referenced by this distribution point is signed by the entity specified in the cRLIssuer field. If the cRLIssuer field is not present, then the certificate and the CRL are signed by the same CA and the CRL location is specified in the distributionPointName field.
  2. Download the CRL (or obtain it by other means), along with the CRL issuer certificate if necessary, and start the CRL validation routine.

CRL validation against issuer is performed in two steps:

  1. First, you need to make a binary (not string) comparison of the Issuer field in the CRL and the Subject field of the CRL issuer certificate. If the comparison fails, the CRL is invalid.
  2. use CRL issuer certificate's public key to validate CRL signature. If signature verification fails, CRL is invalid.

More information about the composition and processing rules of the CRL Distribution Points extension: RFC 5280 §4.2.1.13
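The two-step check described in this answer (binary DN comparison, then signature verification with the issuer's public key), as an added example that is not the answerer's code; the class name CrlIssuerCheck and the PEM/DER file arguments are my assumptions, and the optional cRLSign key-usage check is an extra safeguard from RFC 5280, not something the answer requires:

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Arrays;

public class CrlIssuerCheck {

    /**
     * Step 1: compare the DER-encoded Issuer of the CRL with the DER-encoded
     * Subject of the candidate issuer certificate (binary, not string, compare).
     * Step 2: verify the CRL signature with the issuer certificate's public key.
     * Returns normally if both steps pass, otherwise throws.
     */
    public static void verifyCrlIssuer(X509CRL crl, X509Certificate issuerCert)
            throws GeneralSecurityException {
        byte[] crlIssuer = crl.getIssuerX500Principal().getEncoded();
        byte[] certSubject = issuerCert.getSubjectX500Principal().getEncoded();
        if (!Arrays.equals(crlIssuer, certSubject)) {
            throw new GeneralSecurityException(
                "CRL issuer DN does not match the candidate issuer's subject DN");
        }
        // keyUsage bit 6 is cRLSign (RFC 5280 section 4.2.1.3); only enforce it
        // when the extension is present, since it is optional on a CA certificate.
        boolean[] keyUsage = issuerCert.getKeyUsage();
        if (keyUsage != null && (keyUsage.length <= 6 || !keyUsage[6])) {
            throw new GeneralSecurityException(
                "issuer certificate lacks the cRLSign key usage bit");
        }
        // Throws SignatureException / InvalidKeyException on a bad signature.
        crl.verify(issuerCert.getPublicKey());
    }

    // Usage (assumed): java CrlIssuerCheck ca.pem crl.pem  (DER or PEM both accepted)
    public static void main(String[] args) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate ca;
        X509CRL crl;
        try (InputStream in = new FileInputStream(args[0])) {
            ca = (X509Certificate) cf.generateCertificate(in);
        }
        try (InputStream in = new FileInputStream(args[1])) {
            crl = (X509CRL) cf.generateCRL(in);
        }
        verifyCrlIssuer(crl, ca);
        System.out.println("CRL was issued and signed by " + ca.getSubjectX500Principal());
    }
}
```

A DN mismatch and a bad signature are reported as distinct failures, so a CRL signed by a delegated cRLIssuer fails at step 1 rather than being mistaken for a forged signature.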

frasertweedale

If the Issuer Distinguished Names are different on the CA certificate and the CRL, then they MUST be regarded as having been issued by different issuers. If bits of the Issuer DN "go missing" when producing a CRL or any other signed object, well, that is a violation of X.509 and a bug.

Note that a CA may delegate CRL signing to a subordinate CRL issuer, so a general CRL validation function must handle this case, as well as direct CRL issuance.

DoNuT

Just noting that since Java8 there is a way of verifying certificate chains including CRL checks, see here: Java SSL Certificate Revocation Checking.

If you use a self-signed certificate, you indeed need to make sure that the key/trust stores of the involved parties are populated properly (default cacerts).

I think string comparison of issuer names is a pretty weak approach.