IT. Expert System.

All Implemented Interfaces:

X509Extension

public class X509CRLImpl
extends X509CRL

See Also:

CertificateList, X509CRL

• Constructor Summary

  Constructors

  Constructor and Description
  X509CRLImpl(byte[] encoding) Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via array of bytes.
  X509CRLImpl(CertificateList crl) Creates X.509 CRL by wrapping of the specified CertificateList object.
  X509CRLImpl(InputStream in) Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via input stream.

• Method Summary

  Methods

  Modifier and Type	Method and Description
  Set	getCriticalExtensionOIDs() Returns the set of OIDs of the extension(s) marked as CRITICAL, that this implementation manages.
  byte[]	getEncoded() Returns this CRL in ASN.1 DER encoded form.
  byte[]	getExtensionValue(String oid) Returns the extension value as DER-encoded OCTET string for the specified OID.
  Principal	getIssuerDN() Do not use, use X509CRL.getIssuerX500Principal() instead.
  X500Principal	getIssuerX500Principal() Returns the issuer distinguished name of this CRL.
  Date	getNextUpdate() Returns the nextUpdate value of this CRL.
  Set	getNonCriticalExtensionOIDs() Returns the set of OIDs of the extension(s) marked as NON-CRITICAL, that this implementation manages.
  X509CRLEntry	getRevokedCertificate(BigInteger serialNumber) Method searches for CRL entry with specified serial number.
  X509CRLEntry	getRevokedCertificate(X509Certificate certificate) Searches for certificate in CRL.
  Set<? extends X509CRLEntry>	getRevokedCertificates() Returns the set of revoked certificates.
  String	getSigAlgName() Returns the name of the signature algorithm.
  String	getSigAlgOID() Returns the OID of the signature algorithm.
  byte[]	getSigAlgParams() Returns the parameters of the signature algorithm in DER encoded form.
  byte[]	getSignature() Returns the signature bytes of this CRL.
  byte[]	getTBSCertList() Returns the tbsCertList information of this CRL in DER encoded form.
  Date	getThisUpdate() Returns the thisUpdate value of this CRL.
  int	getVersion() Returns the version number of this CRL.
  boolean	hasUnsupportedCriticalExtension() Returns whether this instance has an extension marked as CRITICAL that it cannot support.
  boolean	isRevoked(Certificate cert) Returns whether the specified certificate is revoked by this CRL.
  String	toString() Returns the string representation of this instance.
  void	verify(PublicKey key) Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.
  void	verify(PublicKey key, String sigProvider) Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.

  • Methods inherited from class java.security.cert.X509CRL

    equals, hashCode

  • Methods inherited from class java.security.cert.CRL

    getType

  • Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

• Constructor Detail

  • X509CRLImpl

    public X509CRLImpl(CertificateList crl)

    Creates X.509 CRL by wrapping of the specified CertificateList object.

  • X509CRLImpl

    public X509CRLImpl(InputStream in)
                throws CRLException

    Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via input stream.

    Throws:

    CRLException - if decoding errors occur.

  • X509CRLImpl

    public X509CRLImpl(byte[] encoding)
                throws IOException

    Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via array of bytes.

    Throws:

    IOException - if decoding errors occur.

• Method Detail

  • getEncoded

    public byte[] getEncoded()
                      throws CRLException

    Description copied from class: X509CRL
    Returns this CRL in ASN.1 DER encoded form.

    Specified by:

    getEncoded in class X509CRL

    Returns:

    this CRL in ASN.1 DER encoded form.

    Throws:

    CRLException - if encoding fails.

    See Also:

    method documentation for more info

  • getVersion

    public int getVersion()

    Description copied from class: X509CRL
    Returns the version number of this CRL.

    Specified by:

    getVersion in class X509CRL

    Returns:

    the version number of this CRL.

    See Also:

    method documentation for more info

  • getIssuerDN

    public Principal getIssuerDN()

    Description copied from class: X509CRL
    Do not use, use X509CRL.getIssuerX500Principal() instead. Returns the issuer as an implementation specific Principal object.

    Specified by:

    getIssuerDN in class X509CRL

    Returns:

    the issuer distinguished name.

    See Also:

    method documentation for more info

  • getIssuerX500Principal

    public X500Principal getIssuerX500Principal()

    Description copied from class: X509CRL
    Returns the issuer distinguished name of this CRL.

    Overrides:

    getIssuerX500Principal in class X509CRL

    Returns:

    the issuer distinguished name of this CRL.

    See Also:

    method documentation for more info

  • getThisUpdate

    public Date getThisUpdate()

    Description copied from class: X509CRL
    Returns the thisUpdate value of this CRL.

    Specified by:

    getThisUpdate in class X509CRL

    Returns:

    the thisUpdate value of this CRL.

    See Also:

    method documentation for more info

  • getNextUpdate

    public Date getNextUpdate()

    Description copied from class: X509CRL
    Returns the nextUpdate value of this CRL.

    Specified by:

    getNextUpdate in class X509CRL

    Returns:

    the nextUpdate value of this CRL, or null if none is present.

    See Also:

    method documentation for more info

  • getRevokedCertificate

    public X509CRLEntry getRevokedCertificate(X509Certificate certificate)

    Searches for certificate in CRL. This method supports indirect CRLs: if CRL is indirect method takes into account serial number and issuer of the certificate, if CRL issued by CA (i.e. it is not indirect) search is done only by serial number of the specified certificate.

    Overrides:

    getRevokedCertificate in class X509CRL

    Parameters:

    certificate - the certificate to search a CRL entry for.

    Returns:

    the entry for the specified certificate, or null if not found.

    See Also:

    method documentation for more info

  • getRevokedCertificate

    public X509CRLEntry getRevokedCertificate(BigInteger serialNumber)

    Method searches for CRL entry with specified serial number. The method will search only certificate issued by CRL's issuer.

    Specified by:

    getRevokedCertificate in class X509CRL

    Parameters:

    serialNumber - the certificate serial number to search for a CRL entry.

    Returns:

    the entry for the specified certificate serial number, or null if not found.

    See Also:

    method documentation for more info

  • getRevokedCertificates

    public Set<? extends X509CRLEntry> getRevokedCertificates()

    Description copied from class: X509CRL
    Returns the set of revoked certificates.

    Specified by:

    getRevokedCertificates in class X509CRL

    Returns:

    the set of revoked certificates, or null if no revoked certificates are in this CRL.

    See Also:

    method documentation for more info

  • getTBSCertList

    public byte[] getTBSCertList()
                          throws CRLException

    Description copied from class: X509CRL
    Returns the tbsCertList information of this CRL in DER encoded form.

    Specified by:

    getTBSCertList in class X509CRL

    Returns:

    the CRL information in DER encoded form.

    Throws:

    CRLException - if encoding fails.

    See Also:

    method documentation for more info

  • getSignature

    public byte[] getSignature()

    Description copied from class: X509CRL
    Returns the signature bytes of this CRL.

    Specified by:

    getSignature in class X509CRL

    Returns:

    the signature bytes of this CRL.

    See Also:

    method documentation for more info

  • getSigAlgName

    public String getSigAlgName()

    Description copied from class: X509CRL
    Returns the name of the signature algorithm.

    Specified by:

    getSigAlgName in class X509CRL

    Returns:

    the name of the signature algorithm.

    See Also:

    method documentation for more info

  • getSigAlgOID

    public String getSigAlgOID()

    Description copied from class: X509CRL
    Returns the OID of the signature algorithm.

    Specified by:

    getSigAlgOID in class X509CRL

    Returns:

    the OID of the signature algorithm.

    See Also:

    method documentation for more info

  • getSigAlgParams

    public byte[] getSigAlgParams()

    Description copied from class: X509CRL
    Returns the parameters of the signature algorithm in DER encoded form.

    Specified by:

    getSigAlgParams in class X509CRL

    Returns:

    the parameters of the signature algorithm in DER encoded form, or null if not present.

    See Also:

    method documentation for more info

  • verify

    public void verify(PublicKey key)
                throws CRLException,
                       NoSuchAlgorithmException,
                       InvalidKeyException,
                       NoSuchProviderException,
                       SignatureException

    Description copied from class: X509CRL
    Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.

    Specified by:

    verify in class X509CRL

    Parameters:

    key - the public key to verify this CRL with.

    Throws:

    CRLException - if encoding or decoding fails.

    NoSuchAlgorithmException - if a needed algorithm is not present.

    InvalidKeyException - if the specified key is invalid.

    NoSuchProviderException - if no provider can be found.

    SignatureException - if errors occur on signatures.

    See Also:

    method documentation for more info

  • verify

    public void verify(PublicKey key,
              String sigProvider)
                throws CRLException,
                       NoSuchAlgorithmException,
                       InvalidKeyException,
                       NoSuchProviderException,
                       SignatureException

    Description copied from class: X509CRL
    Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key. The signature verification engine of the specified provider will be used.

    Specified by:

    verify in class X509CRL

    Parameters:

    key - the public key to verify this CRL with.

    sigProvider - the name of the provider for the signature algorithm.

    Throws:

    CRLException - if encoding decoding fails.

    NoSuchAlgorithmException - if a needed algorithm is not present.

    InvalidKeyException - if the specified key is invalid.

    NoSuchProviderException - if the specified provider cannot be found.

    SignatureException - if errors occur on signatures.

    See Also:

    method documentation for more info

  • isRevoked

    public boolean isRevoked(Certificate cert)

    Description copied from class: CRL
    Returns whether the specified certificate is revoked by this CRL.

    Specified by:

    isRevoked in class CRL

    Parameters:

    cert - the certificate to check.

    Returns:

    true if the certificate is revoked by this CRL, otherwise false.

    See Also:

    method documentation for more info

  • toString

    public String toString()

    Description copied from class: CRL
    Returns the string representation of this instance.

    Specified by:

    toString in class CRL

    Returns:

    the string representation of this instance.

    See Also:

    method documentation for more info

  • getNonCriticalExtensionOIDs

    public Set getNonCriticalExtensionOIDs()

    Description copied from interface: X509Extension
    Returns the set of OIDs of the extension(s) marked as NON-CRITICAL, that this implementation manages.

    Returns:

    the set of extension OIDs marked as NON-CRITIAL, an empty set if none are marked as NON-.CRITICAL, or null if no extensions are present.

    See Also:

    method documentation for more info

  • getCriticalExtensionOIDs

    public Set getCriticalExtensionOIDs()

    Description copied from interface: X509Extension
    Returns the set of OIDs of the extension(s) marked as CRITICAL, that this implementation manages.

    Returns:

    the set of extension OIDs marked as CRITIAL, an empty set if none are marked as CRITICAL, or null if no extensions are present.

    See Also:

    method documentation for more info

  • getExtensionValue

    public byte[] getExtensionValue(String oid)

    Description copied from interface: X509Extension
    Returns the extension value as DER-encoded OCTET string for the specified OID.

    Parameters:

    oid - the object identifier to get the extension value for.

    Returns:

    the extension value as DER-encoded OCTET string, or null if no extension for the specified OID can be found.

    See Also:

    method documentation for more info

  • hasUnsupportedCriticalExtension

    public boolean hasUnsupportedCriticalExtension()

    Description copied from interface: X509Extension
    Returns whether this instance has an extension marked as CRITICAL that it cannot support.

    Returns:

    true if an unsupported CRITICAL extension is present, false otherwise.

    See Also:

    method documentation for more info