public class X509CRLImpl extends X509CRL
CertificateList
,
X509CRL
Constructor and Description |
---|
X509CRLImpl(byte[] encoding)
Creates X.509 CRL on the base of ASN.1 DER encoded form of
the CRL (CertificateList structure described in RFC 3280)
provided via array of bytes.
|
X509CRLImpl(CertificateList crl)
Creates X.509 CRL by wrapping of the specified CertificateList object.
|
X509CRLImpl(InputStream in)
Creates X.509 CRL on the base of ASN.1 DER encoded form of
the CRL (CertificateList structure described in RFC 3280)
provided via input stream.
|
Modifier and Type | Method and Description |
---|---|
Set |
getCriticalExtensionOIDs()
Returns the set of OIDs of the extension(s) marked as CRITICAL, that this
implementation manages.
|
byte[] |
getEncoded()
Returns this CRL in ASN.1 DER encoded form.
|
byte[] |
getExtensionValue(String oid)
Returns the extension value as DER-encoded OCTET string for the specified
OID.
|
Principal |
getIssuerDN()
Do not use, use
X509CRL.getIssuerX500Principal() instead. |
X500Principal |
getIssuerX500Principal()
Returns the issuer distinguished name of this CRL.
|
Date |
getNextUpdate()
Returns the
nextUpdate value of this CRL. |
Set |
getNonCriticalExtensionOIDs()
Returns the set of OIDs of the extension(s) marked as NON-CRITICAL, that
this implementation manages.
|
X509CRLEntry |
getRevokedCertificate(BigInteger serialNumber)
Method searches for CRL entry with specified serial number.
|
X509CRLEntry |
getRevokedCertificate(X509Certificate certificate)
Searches for certificate in CRL.
|
Set<? extends X509CRLEntry> |
getRevokedCertificates()
Returns the set of revoked certificates.
|
String |
getSigAlgName()
Returns the name of the signature algorithm.
|
String |
getSigAlgOID()
Returns the OID of the signature algorithm.
|
byte[] |
getSigAlgParams()
Returns the parameters of the signature algorithm in DER encoded form.
|
byte[] |
getSignature()
Returns the signature bytes of this CRL.
|
byte[] |
getTBSCertList()
Returns the
tbsCertList information of this CRL in DER encoded
form. |
Date |
getThisUpdate()
Returns the
thisUpdate value of this CRL. |
int |
getVersion()
Returns the version number of this CRL.
|
boolean |
hasUnsupportedCriticalExtension()
Returns whether this instance has an extension marked as CRITICAL that it
cannot support.
|
boolean |
isRevoked(Certificate cert)
Returns whether the specified certificate is revoked by this CRL.
|
String |
toString()
Returns the string representation of this instance.
|
void |
verify(PublicKey key)
Verifies this CRL by verifying that this CRL was signed with the
corresponding private key to the specified public key.
|
void |
verify(PublicKey key,
String sigProvider)
Verifies this CRL by verifying that this CRL was signed with the
corresponding private key to the specified public key.
|
public X509CRLImpl(CertificateList crl)
public X509CRLImpl(InputStream in) throws CRLException
CRLException
- if decoding errors occur.public X509CRLImpl(byte[] encoding) throws IOException
IOException
- if decoding errors occur.public byte[] getEncoded() throws CRLException
X509CRL
getEncoded
in class X509CRL
CRLException
- if encoding fails.method documentation for more info
public int getVersion()
X509CRL
getVersion
in class X509CRL
method documentation for more info
public Principal getIssuerDN()
X509CRL
X509CRL.getIssuerX500Principal()
instead. Returns
the issuer as an implementation specific Principal object.getIssuerDN
in class X509CRL
method documentation for more info
public X500Principal getIssuerX500Principal()
X509CRL
getIssuerX500Principal
in class X509CRL
method documentation for more info
public Date getThisUpdate()
X509CRL
thisUpdate
value of this CRL.getThisUpdate
in class X509CRL
thisUpdate
value of this CRL.method documentation for more info
public Date getNextUpdate()
X509CRL
nextUpdate
value of this CRL.getNextUpdate
in class X509CRL
nextUpdate
value of this CRL, or null
if none
is present.method documentation for more info
public X509CRLEntry getRevokedCertificate(X509Certificate certificate)
getRevokedCertificate
in class X509CRL
certificate
- the certificate to search a CRL entry for.null
if not
found.method documentation for more info
public X509CRLEntry getRevokedCertificate(BigInteger serialNumber)
getRevokedCertificate
in class X509CRL
serialNumber
- the certificate serial number to search for a CRL entry.null
if not found.method documentation for more info
public Set<? extends X509CRLEntry> getRevokedCertificates()
X509CRL
getRevokedCertificates
in class X509CRL
null
if no revoked
certificates are in this CRL.method documentation for more info
public byte[] getTBSCertList() throws CRLException
X509CRL
tbsCertList
information of this CRL in DER encoded
form.getTBSCertList
in class X509CRL
CRLException
- if encoding fails.method documentation for more info
public byte[] getSignature()
X509CRL
getSignature
in class X509CRL
method documentation for more info
public String getSigAlgName()
X509CRL
getSigAlgName
in class X509CRL
method documentation for more info
public String getSigAlgOID()
X509CRL
getSigAlgOID
in class X509CRL
method documentation for more info
public byte[] getSigAlgParams()
X509CRL
getSigAlgParams
in class X509CRL
null
if not present.method documentation for more info
public void verify(PublicKey key) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
X509CRL
verify
in class X509CRL
key
- the public key to verify this CRL with.CRLException
- if encoding or decoding fails.NoSuchAlgorithmException
- if a needed algorithm is not present.InvalidKeyException
- if the specified key is invalid.NoSuchProviderException
- if no provider can be found.SignatureException
- if errors occur on signatures.method documentation for more info
public void verify(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
X509CRL
verify
in class X509CRL
key
- the public key to verify this CRL with.sigProvider
- the name of the provider for the signature algorithm.CRLException
- if encoding decoding fails.NoSuchAlgorithmException
- if a needed algorithm is not present.InvalidKeyException
- if the specified key is invalid.NoSuchProviderException
- if the specified provider cannot be found.SignatureException
- if errors occur on signatures.method documentation for more info
public boolean isRevoked(Certificate cert)
CRL
isRevoked
in class CRL
cert
- the certificate to check.true
if the certificate is revoked by this CRL, otherwise
false
.method documentation for more info
public String toString()
CRL
toString
in class CRL
method documentation for more info
public Set getNonCriticalExtensionOIDs()
X509Extension
null
if no
extensions are present.method documentation for more info
public Set getCriticalExtensionOIDs()
X509Extension
null
if no extensions are
present.method documentation for more info
public byte[] getExtensionValue(String oid)
X509Extension
oid
- the object identifier to get the extension value for.null
if no extension for the specified OID can be found.method documentation for more info
public boolean hasUnsupportedCriticalExtension()
X509Extension
true
if an unsupported CRITICAL extension is present,
false
otherwise.method documentation for more info