Class X509CRLImpl
java.lang.Object
java.security.cert.CRL
java.security.cert.X509CRL
org.apache.harmony.security.provider.cert.X509CRLImpl
- All Implemented Interfaces:
X509Extension
public class X509CRLImpl extends X509CRL
This class is an implementation of X509CRL. It wraps
the instance of org.apache.harmony.security.x509.CertificateList
built on the base of provided ASN.1 DER encoded form of
CertificateList structure (as specified in RFC 3280
http://www.ietf.org/rfc/rfc3280.txt).
Implementation supports work with indirect CRLs.
- See Also:
CertificateList,X509CRL
-
Constructor Summary
Constructors Constructor Description X509CRLImpl(byte[] encoding)Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via array of bytes.X509CRLImpl(InputStream in)Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via input stream.X509CRLImpl(CertificateList crl)Creates X.509 CRL by wrapping of the specified CertificateList object. -
Method Summary
Modifier and Type Method Description SetgetCriticalExtensionOIDs()Returns the set of OIDs of the extension(s) marked as CRITICAL, that this implementation manages.byte[]getEncoded()Returns this CRL in ASN.1 DER encoded form.byte[]getExtensionValue(String oid)Returns the extension value as DER-encoded OCTET string for the specified OID.PrincipalgetIssuerDN()Do not use, useX509CRL.getIssuerX500Principal()instead.X500PrincipalgetIssuerX500Principal()Returns the issuer distinguished name of this CRL.DategetNextUpdate()Returns thenextUpdatevalue of this CRL.SetgetNonCriticalExtensionOIDs()Returns the set of OIDs of the extension(s) marked as NON-CRITICAL, that this implementation manages.X509CRLEntrygetRevokedCertificate(BigInteger serialNumber)Method searches for CRL entry with specified serial number.X509CRLEntrygetRevokedCertificate(X509Certificate certificate)Searches for certificate in CRL.Set<? extends X509CRLEntry>getRevokedCertificates()Returns the set of revoked certificates.StringgetSigAlgName()Returns the name of the signature algorithm.StringgetSigAlgOID()Returns the OID of the signature algorithm.byte[]getSigAlgParams()Returns the parameters of the signature algorithm in DER encoded form.byte[]getSignature()Returns the signature bytes of this CRL.byte[]getTBSCertList()Returns thetbsCertListinformation of this CRL in DER encoded form.DategetThisUpdate()Returns thethisUpdatevalue of this CRL.intgetVersion()Returns the version number of this CRL.booleanhasUnsupportedCriticalExtension()Returns whether this instance has an extension marked as CRITICAL that it cannot support.booleanisRevoked(Certificate cert)Returns whether the specified certificate is revoked by this CRL.StringtoString()Returns the string representation of this instance.voidverify(PublicKey key)Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.voidverify(PublicKey key, String sigProvider)Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.
-
Constructor Details
-
X509CRLImpl
Creates X.509 CRL by wrapping of the specified CertificateList object. -
X509CRLImpl
Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via input stream.- Throws:
CRLException- if decoding errors occur.
-
X509CRLImpl
Creates X.509 CRL on the base of ASN.1 DER encoded form of the CRL (CertificateList structure described in RFC 3280) provided via array of bytes.- Throws:
IOException- if decoding errors occur.
-
-
Method Details
-
getEncoded
Description copied from class:X509CRLReturns this CRL in ASN.1 DER encoded form.- Specified by:
getEncodedin classX509CRL- Returns:
- this CRL in ASN.1 DER encoded form.
- Throws:
CRLException- if encoding fails.- See Also:
method documentation for more info
-
getVersion
public int getVersion()Description copied from class:X509CRLReturns the version number of this CRL.- Specified by:
getVersionin classX509CRL- Returns:
- the version number of this CRL.
- See Also:
method documentation for more info
-
getIssuerDN
Description copied from class:X509CRLDo not use, useX509CRL.getIssuerX500Principal()instead. Returns the issuer as an implementation specific Principal object.- Specified by:
getIssuerDNin classX509CRL- Returns:
- the issuer distinguished name.
- See Also:
method documentation for more info
-
getIssuerX500Principal
Description copied from class:X509CRLReturns the issuer distinguished name of this CRL.- Overrides:
getIssuerX500Principalin classX509CRL- Returns:
- the issuer distinguished name of this CRL.
- See Also:
method documentation for more info
-
getThisUpdate
Description copied from class:X509CRLReturns thethisUpdatevalue of this CRL.- Specified by:
getThisUpdatein classX509CRL- Returns:
- the
thisUpdatevalue of this CRL. - See Also:
method documentation for more info
-
getNextUpdate
Description copied from class:X509CRLReturns thenextUpdatevalue of this CRL.- Specified by:
getNextUpdatein classX509CRL- Returns:
- the
nextUpdatevalue of this CRL, ornullif none is present. - See Also:
method documentation for more info
-
getRevokedCertificate
Searches for certificate in CRL. This method supports indirect CRLs: if CRL is indirect method takes into account serial number and issuer of the certificate, if CRL issued by CA (i.e. it is not indirect) search is done only by serial number of the specified certificate.- Overrides:
getRevokedCertificatein classX509CRL- Parameters:
certificate- the certificate to search a CRL entry for.- Returns:
- the entry for the specified certificate, or
nullif not found. - See Also:
method documentation for more info
-
getRevokedCertificate
Method searches for CRL entry with specified serial number. The method will search only certificate issued by CRL's issuer.- Specified by:
getRevokedCertificatein classX509CRL- Parameters:
serialNumber- the certificate serial number to search for a CRL entry.- Returns:
- the entry for the specified certificate serial number, or
nullif not found. - See Also:
method documentation for more info
-
getRevokedCertificates
Description copied from class:X509CRLReturns the set of revoked certificates.- Specified by:
getRevokedCertificatesin classX509CRL- Returns:
- the set of revoked certificates, or
nullif no revoked certificates are in this CRL. - See Also:
method documentation for more info
-
getTBSCertList
Description copied from class:X509CRLReturns thetbsCertListinformation of this CRL in DER encoded form.- Specified by:
getTBSCertListin classX509CRL- Returns:
- the CRL information in DER encoded form.
- Throws:
CRLException- if encoding fails.- See Also:
method documentation for more info
-
getSignature
public byte[] getSignature()Description copied from class:X509CRLReturns the signature bytes of this CRL.- Specified by:
getSignaturein classX509CRL- Returns:
- the signature bytes of this CRL.
- See Also:
method documentation for more info
-
getSigAlgName
Description copied from class:X509CRLReturns the name of the signature algorithm.- Specified by:
getSigAlgNamein classX509CRL- Returns:
- the name of the signature algorithm.
- See Also:
method documentation for more info
-
getSigAlgOID
Description copied from class:X509CRLReturns the OID of the signature algorithm.- Specified by:
getSigAlgOIDin classX509CRL- Returns:
- the OID of the signature algorithm.
- See Also:
method documentation for more info
-
getSigAlgParams
public byte[] getSigAlgParams()Description copied from class:X509CRLReturns the parameters of the signature algorithm in DER encoded form.- Specified by:
getSigAlgParamsin classX509CRL- Returns:
- the parameters of the signature algorithm in DER encoded form, or
nullif not present. - See Also:
method documentation for more info
-
verify
public void verify(PublicKey key) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureExceptionDescription copied from class:X509CRLVerifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.- Specified by:
verifyin classX509CRL- Parameters:
key- the public key to verify this CRL with.- Throws:
CRLException- if encoding or decoding fails.NoSuchAlgorithmException- if a needed algorithm is not present.InvalidKeyException- if the specified key is invalid.NoSuchProviderException- if no provider can be found.SignatureException- if errors occur on signatures.- See Also:
method documentation for more info
-
verify
public void verify(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureExceptionDescription copied from class:X509CRLVerifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key. The signature verification engine of the specified provider will be used.- Specified by:
verifyin classX509CRL- Parameters:
key- the public key to verify this CRL with.sigProvider- the name of the provider for the signature algorithm.- Throws:
CRLException- if encoding decoding fails.NoSuchAlgorithmException- if a needed algorithm is not present.InvalidKeyException- if the specified key is invalid.NoSuchProviderException- if the specified provider cannot be found.SignatureException- if errors occur on signatures.- See Also:
method documentation for more info
-
isRevoked
Description copied from class:CRLReturns whether the specified certificate is revoked by this CRL.- Specified by:
isRevokedin classCRL- Parameters:
cert- the certificate to check.- Returns:
trueif the certificate is revoked by this CRL, otherwisefalse.- See Also:
method documentation for more info
-
toString
Description copied from class:CRLReturns the string representation of this instance.- Specified by:
toStringin classCRL- Returns:
- the string representation of this instance.
- See Also:
method documentation for more info
-
getNonCriticalExtensionOIDs
Description copied from interface:X509ExtensionReturns the set of OIDs of the extension(s) marked as NON-CRITICAL, that this implementation manages.- Returns:
- the set of extension OIDs marked as NON-CRITIAL, an empty set if
none are marked as NON-.CRITICAL, or
nullif no extensions are present. - See Also:
method documentation for more info
-
getCriticalExtensionOIDs
Description copied from interface:X509ExtensionReturns the set of OIDs of the extension(s) marked as CRITICAL, that this implementation manages.- Returns:
- the set of extension OIDs marked as CRITIAL, an empty set if none
are marked as CRITICAL, or
nullif no extensions are present. - See Also:
method documentation for more info
-
getExtensionValue
Description copied from interface:X509ExtensionReturns the extension value as DER-encoded OCTET string for the specified OID.- Parameters:
oid- the object identifier to get the extension value for.- Returns:
- the extension value as DER-encoded OCTET string, or
nullif no extension for the specified OID can be found. - See Also:
method documentation for more info
-
hasUnsupportedCriticalExtension
public boolean hasUnsupportedCriticalExtension()Description copied from interface:X509ExtensionReturns whether this instance has an extension marked as CRITICAL that it cannot support.- Returns:
trueif an unsupported CRITICAL extension is present,falseotherwise.- See Also:
method documentation for more info
-