public class X509CRLSelector extends Object implements CRLSelector
CRLSelector
for selecting X509CRL
s that match the specified criteria.
When constructed, all criteria are set to default values that will match any
X509CRL
.
Constructor and Description |
---|
X509CRLSelector()
Creates a new
X509CertSelector . |
Modifier and Type | Method and Description |
---|---|
void |
addIssuer(X500Principal issuer)
Adds an issuer to the criterion for the issuer distinguished names.
|
void |
addIssuerName(byte[] iss_name)
Adds an issuer to the criterion for the issuer distinguished names.
|
void |
addIssuerName(String iss_name)
Do not use:, use
addIssuer(X500Principal) or
addIssuerName(byte[]) instead. |
Object |
clone()
Clones this
X509CRL instance. |
X509Certificate |
getCertificateChecking()
Returns the certificate hint to find CRLs.
|
Date |
getDateAndTime()
Returns the criterion for the CRL update period.
|
Collection<Object> |
getIssuerNames()
Returns the criterion for the issuer distinguished names.
|
Collection<X500Principal> |
getIssuers()
Returns the criterion for the issuer distinguished names.
|
BigInteger |
getMaxCRL()
Returns the criterion for the maximum CRL number.
|
BigInteger |
getMinCRL()
Returns the criterion for the minimum CRL number.
|
boolean |
match(CRL crl)
Returns whether the specified CRL matches all the criteria collected in
this instance.
|
void |
setCertificateChecking(X509Certificate cert)
Sets a certificate hint to find CRLs.
|
void |
setDateAndTime(Date dateAndTime)
Sets the criterion for the CRL update period.
|
void |
setIssuerNames(Collection<?> names)
Do not use: use
setIssuers(Collection) or one of
addIssuerName(java.lang.String) instead. |
void |
setIssuers(Collection<X500Principal> issuers)
Sets the criterion for the issuer distinguished names.
|
void |
setMaxCRLNumber(BigInteger maxCRL)
Sets the criterion for the maximum CRL number.
|
void |
setMinCRLNumber(BigInteger minCRL)
Sets the criterion for the minimum CRL number.
|
String |
toString()
Returns a string representation of this
X509CRLSelector instance. |
public void setIssuers(Collection<X500Principal> issuers)
The CRL issuer must match at least one of the specified distinguished names.
issuers
- the list of issuer distinguished names to match, or null
if any issuer distinguished name will do.public void setIssuerNames(Collection<?> names) throws IOException
setIssuers(Collection)
or one of
addIssuerName(java.lang.String)
instead. Sets the criterion for the issuer
distinguished names.
The CRL issuer must match at least one of the specified distinguished names.
The specified parameter names
is a collection with an entry for
each name to be included in the criterion. The name is specified as a
String
or a byte array specifying the name (in RFC 2253 or ASN.1
DER encoded form)
names
- the list of issuer distinguished names to match, or null
if any issuer distinguished name will do.IOException
- if parsing fails.public void addIssuer(X500Principal issuer)
The CRL issuer must match at least one of the specified distinguished names.
issuer
- the issuer to add to the criterionpublic void addIssuerName(String iss_name) throws IOException
addIssuer(X500Principal)
or
addIssuerName(byte[])
instead. It can fail to match some CRLs
because of a loss of encoding information in a RFC 2253 string.
Adds an issuer to the criterion for the issuer distinguished names. The CRK issuer must match at least one of the specified distinguished names.
iss_name
- the RFC 2253 encoded name.IOException
- if parsing fails.public void addIssuerName(byte[] iss_name) throws IOException
The CRL issuer must match at least one of the specified distinguished names.
iss_name
- the issuer to add to the criterion in ASN.1 DER encoded form.IOException
- if parsing fails.public void setMinCRLNumber(BigInteger minCRL)
The CRL must have a number extension with a value greater than or equal to the specified parameter.
minCRL
- the minimum CRL number or null to not check the minimum CRL
numberpublic void setMaxCRLNumber(BigInteger maxCRL)
The CRL must have a number extension with a value less than or equal to the specified parameter.
maxCRL
- the maximum CRL number or null to not check the maximum CRL
number.public void setDateAndTime(Date dateAndTime)
The CRL's thisUpdate
value must be equal or before the specified
date and the nextUpdate
value must be after the specified date.
dateAndTime
- the date to search for valid CRL's or null
to not
check the date.public void setCertificateChecking(X509Certificate cert)
cert
- the certificate hint or null
.public Collection<X500Principal> getIssuers()
The CRL issuer must match at least one of the distinguished names.
null
if any issuer distinguished name will do.public Collection<Object> getIssuerNames()
The CRL issuer must match at least one of the distinguished names.
null
if any issuer distinguished name
will do. The elements may be strings or ASN.1 DER
encoded byte arrays.public BigInteger getMinCRL()
The CRL must have a number extension with a value greater than or equal to the returned value.
null
if the minimum CRL number
is not to be checked.public BigInteger getMaxCRL()
The CRL must have a number extension with a value less than or equal to the returned value.
public Date getDateAndTime()
The CRL's thisUpdate
value must be equal or before the returned
date and the nextUpdate
value must be after the returned date.
null
if the date is
not checked.public X509Certificate getCertificateChecking()
null
if none set.public String toString()
X509CRLSelector
instance.public boolean match(CRL crl)
match
in interface CRLSelector
crl
- the CRL to check.true
if the CRL matches all the criteria, otherwise
false
.public Object clone()
X509CRL
instance.clone
in interface CRLSelector
clone
in class Object