Package java.security.cert

Class X509CRL

java.lang.Object

java.security.cert.CRL

java.security.cert.X509CRL

All Implemented Interfaces:

X509Extension

Direct Known Subclasses:

OpenSSLX509CRL, X509CRLObject

public abstract class X509CRL
extends CRL
implements X509Extension

Abstract base class for X.509 certificate revocation lists (CRL).

More information regarding CRL can be found in RFC 2459, "Internet X.509 Public Key Infrastructure Certificate and CRL Profile" at http://www.ietf.org/rfc/rfc2459.txt .

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	X509CRL()	Creates a new X509CRL instance.

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object other)	Returns whether the specified object equals to this instance.
abstract byte[]	getEncoded()	Returns this CRL in ASN.1 DER encoded form.
abstract Principal	getIssuerDN()	Do not use, use getIssuerX500Principal() instead.
X500Principal	getIssuerX500Principal()	Returns the issuer distinguished name of this CRL.
abstract Date	getNextUpdate()	Returns the nextUpdate value of this CRL.
abstract X509CRLEntry	getRevokedCertificate(BigInteger serialNumber)	Returns the CRL entry with the specified certificate serial number.
X509CRLEntry	getRevokedCertificate(X509Certificate certificate)	Returns the CRL entry for the specified certificate.
abstract Set<? extends X509CRLEntry>	getRevokedCertificates()	Returns the set of revoked certificates.
abstract String	getSigAlgName()	Returns the name of the signature algorithm.
abstract String	getSigAlgOID()	Returns the OID of the signature algorithm.
abstract byte[]	getSigAlgParams()	Returns the parameters of the signature algorithm in DER encoded form.
abstract byte[]	getSignature()	Returns the signature bytes of this CRL.
abstract byte[]	getTBSCertList()	Returns the tbsCertList information of this CRL in DER encoded form.
abstract Date	getThisUpdate()	Returns the thisUpdate value of this CRL.
abstract int	getVersion()	Returns the version number of this CRL.
int	hashCode()	Returns the hashcode of this CRL instance.
abstract void	verify(PublicKey key)	Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.
abstract void	verify(PublicKey key, String sigProvider)	Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.

Methods inherited from class java.security.cert.CRL

getType, isRevoked, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.cert.X509Extension

getCriticalExtensionOIDs, getExtensionValue, getNonCriticalExtensionOIDs, hasUnsupportedCriticalExtension

Constructor Detail

X509CRL

protected X509CRL()

Creates a new X509CRL instance.

Method Detail

equals

public boolean equals(Object other)

Returns whether the specified object equals to this instance.

Overrides:

equals in class Object

Parameters:

other - the object to compare.

Returns:

true if the specified object is equal to this, otherwise false.

See Also:

Object.hashCode()

hashCode

public int hashCode()

Returns the hashcode of this CRL instance.

Overrides:

hashCode in class Object

Returns:

the hashcode.

See Also:

Object.equals(java.lang.Object)

getEncoded

public abstract byte[] getEncoded()
                           throws CRLException

Returns this CRL in ASN.1 DER encoded form.

Returns:

this CRL in ASN.1 DER encoded form.

Throws:

CRLException - if encoding fails.

verify

public abstract void verify(PublicKey key)
                     throws CRLException,
                            NoSuchAlgorithmException,
                            InvalidKeyException,
                            NoSuchProviderException,
                            SignatureException

Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key.

Parameters:

key - the public key to verify this CRL with.

Throws:

CRLException - if encoding or decoding fails.

NoSuchAlgorithmException - if a needed algorithm is not present.

InvalidKeyException - if the specified key is invalid.

NoSuchProviderException - if no provider can be found.

SignatureException - if errors occur on signatures.

verify

public abstract void verify(PublicKey key,
                            String sigProvider)
                     throws CRLException,
                            NoSuchAlgorithmException,
                            InvalidKeyException,
                            NoSuchProviderException,
                            SignatureException

Verifies this CRL by verifying that this CRL was signed with the corresponding private key to the specified public key. The signature verification engine of the specified provider will be used.

Parameters:

key - the public key to verify this CRL with.

sigProvider - the name of the provider for the signature algorithm.

Throws:

CRLException - if encoding decoding fails.

NoSuchAlgorithmException - if a needed algorithm is not present.

InvalidKeyException - if the specified key is invalid.

NoSuchProviderException - if the specified provider cannot be found.

SignatureException - if errors occur on signatures.

getVersion

public abstract int getVersion()

Returns the version number of this CRL.

Returns:

the version number of this CRL.

getIssuerDN

public abstract Principal getIssuerDN()

Do not use, use getIssuerX500Principal() instead. Returns the issuer as an implementation specific Principal object.

Returns:

the issuer distinguished name.

getIssuerX500Principal

public X500Principal getIssuerX500Principal()

Returns the issuer distinguished name of this CRL.

Returns:

the issuer distinguished name of this CRL.

getThisUpdate

public abstract Date getThisUpdate()

Returns the thisUpdate value of this CRL.

Returns:

the thisUpdate value of this CRL.

getNextUpdate

public abstract Date getNextUpdate()

Returns the nextUpdate value of this CRL.

Returns:

the nextUpdate value of this CRL, or null if none is present.

getRevokedCertificate

public abstract X509CRLEntry getRevokedCertificate(BigInteger serialNumber)

Returns the CRL entry with the specified certificate serial number.

Parameters:

serialNumber - the certificate serial number to search for a CRL entry.

Returns:

the entry for the specified certificate serial number, or null if not found.

getRevokedCertificate

public X509CRLEntry getRevokedCertificate(X509Certificate certificate)

Returns the CRL entry for the specified certificate.

Parameters:

certificate - the certificate to search a CRL entry for.

Returns:

the entry for the specified certificate, or null if not found.

getRevokedCertificates

public abstract Set<? extends X509CRLEntry> getRevokedCertificates()

Returns the set of revoked certificates.

Returns:

the set of revoked certificates, or null if no revoked certificates are in this CRL.

getTBSCertList

public abstract byte[] getTBSCertList()
                               throws CRLException

Returns the tbsCertList information of this CRL in DER encoded form.

Returns:

the CRL information in DER encoded form.

Throws:

CRLException - if encoding fails.

getSignature

public abstract byte[] getSignature()

Returns the signature bytes of this CRL.

Returns:

the signature bytes of this CRL.

getSigAlgName

public abstract String getSigAlgName()

Returns the name of the signature algorithm.

Returns:

the name of the signature algorithm.

getSigAlgOID

public abstract String getSigAlgOID()

Returns the OID of the signature algorithm.

Returns:

the OID of the signature algorithm.

getSigAlgParams

public abstract byte[] getSigAlgParams()

Returns the parameters of the signature algorithm in DER encoded form.

Returns:

the parameters of the signature algorithm in DER encoded form, or null if not present.