Package org.bouncycastle.jce.provider

Class X509CRLObject

java.lang.Object
java.security.cert.CRL
java.security.cert.X509CRL
org.bouncycastle.jce.provider.X509CRLObject
All Implemented Interfaces:
X509Extension
public class X509CRLObject
extends X509CRL
The following extensions are listed in RFC 2459 as relevant to CRLs Authority Key Identifier Issuer Alternative Name CRL Number Delta CRL Indicator (critical) Issuing Distribution Point (critical)

  • Constructor Details

  • Method Details

    • hasUnsupportedCriticalExtension

      public boolean hasUnsupportedCriticalExtension()
      Will return true if any extensions are present and marked as critical as we currently dont handle any extensions!
      Returns:
      true if an unsupported CRITICAL extension is present, false otherwise.

    • getCriticalExtensionOIDs

      public Set getCriticalExtensionOIDs()
      Description copied from interface: X509Extension
      Returns the set of OIDs of the extension(s) marked as CRITICAL, that this implementation manages.
      Returns:
      the set of extension OIDs marked as CRITIAL, an empty set if none are marked as CRITICAL, or null if no extensions are present.

    • getNonCriticalExtensionOIDs

      public Set getNonCriticalExtensionOIDs()
      Description copied from interface: X509Extension
      Returns the set of OIDs of the extension(s) marked as NON-CRITICAL, that this implementation manages.
      Returns:
      the set of extension OIDs marked as NON-CRITIAL, an empty set if none are marked as NON-.CRITICAL, or null if no extensions are present.

    • getExtensionValue

      public byte[] getExtensionValue​(String oid)
      Description copied from interface: X509Extension
      Returns the extension value as DER-encoded OCTET string for the specified OID.
      Parameters:
      oid - the object identifier to get the extension value for.
      Returns:
      the extension value as DER-encoded OCTET string, or null if no extension for the specified OID can be found.

    • getEncoded

      public byte[] getEncoded() throws CRLException
      Description copied from class: X509CRL
      Returns this CRL in ASN.1 DER encoded form.
      Specified by:
      getEncoded in class X509CRL
      Returns:
      this CRL in ASN.1 DER encoded form.
      Throws:
      CRLException - if encoding fails.

    • verify

      public void verify​(PublicKey key) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
      Description copied from class: X509CRL
      Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.
      Specified by:
      verify in class X509CRL
      Parameters:
      key - the public key to verify this CRL with.
      Throws:
      CRLException - if encoding or decoding fails.
      NoSuchAlgorithmException - if a needed algorithm is not present.
      InvalidKeyException - if the specified key is invalid.
      NoSuchProviderException - if no provider can be found.
      SignatureException - if errors occur on signatures.

    • verify

      public void verify​(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
      Description copied from class: X509CRL
      Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key. The signature verification engine of the specified provider will be used.
      Specified by:
      verify in class X509CRL
      Parameters:
      key - the public key to verify this CRL with.
      sigProvider - the name of the provider for the signature algorithm.
      Throws:
      CRLException - if encoding decoding fails.
      NoSuchAlgorithmException - if a needed algorithm is not present.
      InvalidKeyException - if the specified key is invalid.
      NoSuchProviderException - if the specified provider cannot be found.
      SignatureException - if errors occur on signatures.

    • getVersion

      public int getVersion()
      Description copied from class: X509CRL
      Returns the version number of this CRL.
      Specified by:
      getVersion in class X509CRL
      Returns:
      the version number of this CRL.

    • getIssuerDN

      public Principal getIssuerDN()
      Description copied from class: X509CRL
      Do not use, use X509CRL.getIssuerX500Principal() instead. Returns the issuer as an implementation specific Principal object.
      Specified by:
      getIssuerDN in class X509CRL
      Returns:
      the issuer distinguished name.

    • getIssuerX500Principal

      public X500Principal getIssuerX500Principal()
      Description copied from class: X509CRL
      Returns the issuer distinguished name of this CRL.
      Overrides:
      getIssuerX500Principal in class X509CRL
      Returns:
      the issuer distinguished name of this CRL.

    • getThisUpdate

      public Date getThisUpdate()
      Description copied from class: X509CRL
      Returns the thisUpdate value of this CRL.
      Specified by:
      getThisUpdate in class X509CRL
      Returns:
      the thisUpdate value of this CRL.

    • getNextUpdate

      public Date getNextUpdate()
      Description copied from class: X509CRL
      Returns the nextUpdate value of this CRL.
      Specified by:
      getNextUpdate in class X509CRL
      Returns:
      the nextUpdate value of this CRL, or null if none is present.

    • getRevokedCertificate

      public X509CRLEntry getRevokedCertificate​(BigInteger serialNumber)
      Description copied from class: X509CRL
      Returns the CRL entry with the specified certificate serial number.
      Specified by:
      getRevokedCertificate in class X509CRL
      Parameters:
      serialNumber - the certificate serial number to search for a CRL entry.
      Returns:
      the entry for the specified certificate serial number, or null if not found.

    • getRevokedCertificates

      public Set getRevokedCertificates()
      Description copied from class: X509CRL
      Returns the set of revoked certificates.
      Specified by:
      getRevokedCertificates in class X509CRL
      Returns:
      the set of revoked certificates, or null if no revoked certificates are in this CRL.

    • getTBSCertList

      public byte[] getTBSCertList() throws CRLException
      Description copied from class: X509CRL
      Returns the tbsCertList information of this CRL in DER encoded form.
      Specified by:
      getTBSCertList in class X509CRL
      Returns:
      the CRL information in DER encoded form.
      Throws:
      CRLException - if encoding fails.

    • getSignature

      public byte[] getSignature()
      Description copied from class: X509CRL
      Returns the signature bytes of this CRL.
      Specified by:
      getSignature in class X509CRL
      Returns:
      the signature bytes of this CRL.

    • getSigAlgName

      public String getSigAlgName()
      Description copied from class: X509CRL
      Returns the name of the signature algorithm.
      Specified by:
      getSigAlgName in class X509CRL
      Returns:
      the name of the signature algorithm.

    • getSigAlgOID

      public String getSigAlgOID()
      Description copied from class: X509CRL
      Returns the OID of the signature algorithm.
      Specified by:
      getSigAlgOID in class X509CRL
      Returns:
      the OID of the signature algorithm.

    • getSigAlgParams

      public byte[] getSigAlgParams()
      Description copied from class: X509CRL
      Returns the parameters of the signature algorithm in DER encoded form.
      Specified by:
      getSigAlgParams in class X509CRL
      Returns:
      the parameters of the signature algorithm in DER encoded form, or null if not present.

    • toString

      public String toString()
      Returns a string representation of this CRL.
      Specified by:
      toString in class CRL
      Returns:
      a string representation of this CRL.

    • isRevoked

      public boolean isRevoked​(Certificate cert)
      Checks whether the given certificate is on this CRL.
      Specified by:
      isRevoked in class CRL
      Parameters:
      cert - the certificate to check for.
      Returns:
      true if the given certificate is on this CRL, false otherwise.