Constructor Detail

• X509v2CRLBuilder

  public X509v2CRLBuilder​(org.bouncycastle.asn1.x500.X500Name issuer,
                          java.util.Date thisUpdate)

  Basic constructor.

  Parameters:

  issuer - the issuer this CRL is associated with.

  thisUpdate - the date of this update.

• X509v2CRLBuilder

  public X509v2CRLBuilder​(org.bouncycastle.asn1.x500.X500Name issuer,
                          java.util.Date thisUpdate,
                          java.util.Locale dateLocale)

  Basic constructor with Locale. You may need to use this constructor if the default locale doesn't use a Gregorian calender so that the Time produced is compatible with other ASN.1 implementations.

  Parameters:

  issuer - the issuer this CRL is associated with.

  thisUpdate - the date of this update.

  dateLocale - locale to be used for date interpretation.

• X509v2CRLBuilder

  public X509v2CRLBuilder​(org.bouncycastle.asn1.x500.X500Name issuer,
                          org.bouncycastle.asn1.x509.Time thisUpdate)

  Basic constructor.

  Parameters:

  issuer - the issuer this CRL is associated with.

  thisUpdate - the Time of this update.

• X509v2CRLBuilder

  public X509v2CRLBuilder​(X509CRLHolder template)

  Create a builder for a version 2 CRL, initialised with another CRL.

  Parameters:

  template - template CRL to base the new one on.

Method Detail

• hasExtension

  public boolean hasExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid)

  Return if the extension indicated by OID is present.

  Parameters:

  oid - the OID for the extension of interest.

  Returns:

  the Extension, or null if it is not present.

• getExtension

  public org.bouncycastle.asn1.x509.Extension getExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid)

  Return the current value of the extension for OID.

  Parameters:

  oid - the OID for the extension we want to fetch.

  Returns:

  true if a matching extension is present, false otherwise.

• setNextUpdate

  public X509v2CRLBuilder setNextUpdate​(java.util.Date date)

  Set the date by which the next CRL will become available.

  Parameters:

  date - date of next CRL update.

  Returns:

  the current builder.

• setNextUpdate

  public X509v2CRLBuilder setNextUpdate​(java.util.Date date,
                                        java.util.Locale dateLocale)

  Set the date by which the next CRL will become available.

  Parameters:

  date - date of next CRL update.

  dateLocale - locale to be used for date interpretation.

  Returns:

  the current builder.

• setNextUpdate

  public X509v2CRLBuilder setNextUpdate​(org.bouncycastle.asn1.x509.Time date)

  Set the date by which the next CRL will become available.

  Parameters:

  date - date of next CRL update.

  Returns:

  the current builder.

• addCRLEntry

  public X509v2CRLBuilder addCRLEntry​(java.math.BigInteger userCertificateSerial,
                                      java.util.Date revocationDate,
                                      int reason)

  Add a CRL entry with the just reasonCode extension.

  Parameters:

  userCertificateSerial - serial number of revoked certificate.

  revocationDate - date of certificate revocation.

  reason - the reason code, as indicated in CRLReason, i.e CRLReason.keyCompromise, or 0 if not to be used.

  Returns:

  the current builder.

• addCRLEntry

  public X509v2CRLBuilder addCRLEntry​(java.math.BigInteger userCertificateSerial,
                                      java.util.Date revocationDate,
                                      int reason,
                                      java.util.Date invalidityDate)

  Add a CRL entry with an invalidityDate extension as well as a reasonCode extension. This is used where the date of revocation might be after issues with the certificate may have occurred.

  Parameters:

  userCertificateSerial - serial number of revoked certificate.

  revocationDate - date of certificate revocation.

  reason - the reason code, as indicated in CRLReason, i.e CRLReason.keyCompromise, or 0 if not to be used.

  invalidityDate - the date on which the private key for the certificate became compromised or the certificate otherwise became invalid.

  Returns:

  the current builder.

• addCRLEntry

  public X509v2CRLBuilder addCRLEntry​(java.math.BigInteger userCertificateSerial,
                                      java.util.Date revocationDate,
                                      org.bouncycastle.asn1.x509.Extensions extensions)

  Add a CRL entry with extensions.

  Parameters:

  userCertificateSerial - serial number of revoked certificate.

  revocationDate - date of certificate revocation.

  extensions - extension set to be associated with this CRLEntry.

  Returns:

  the current builder.

• addCRL

  public X509v2CRLBuilder addCRL​(X509CRLHolder other)

  Add the CRLEntry objects contained in a previous CRL.

  Parameters:

  other - the X509CRLHolder to source the other entries from.

  Returns:

  the current builder.

• addExtension

  public X509v2CRLBuilder addExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid,
                                       boolean isCritical,
                                       org.bouncycastle.asn1.ASN1Encodable value)
                                throws CertIOException

  Add a given extension field for the standard extensions tag (tag 3)

  Parameters:

  oid - the OID defining the extension type.

  isCritical - true if the extension is critical, false otherwise.

  value - the ASN.1 structure that forms the extension's value.

  Returns:

  this builder object.

  Throws:

  CertIOException

• addExtension

  public X509v2CRLBuilder addExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid,
                                       boolean isCritical,
                                       byte[] encodedValue)
                                throws CertIOException

  Add a given extension field for the standard extensions tag (tag 3) using a byte encoding of the extension value.

  Parameters:

  oid - the OID defining the extension type.

  isCritical - true if the extension is critical, false otherwise.

  encodedValue - a byte array representing the encoding of the extension value.

  Returns:

  this builder object.

  Throws:

  CertIOException

• addExtension

  public X509v2CRLBuilder addExtension​(org.bouncycastle.asn1.x509.Extension extension)
                                throws CertIOException

  Add a given extension field for the standard extensions tag (tag 3).

  Parameters:

  extension - the full extension value.

  Returns:

  this builder object.

  Throws:

  CertIOException

• replaceExtension

  public X509v2CRLBuilder replaceExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid,
                                           boolean isCritical,
                                           org.bouncycastle.asn1.ASN1Encodable value)
                                    throws CertIOException

  Replace the extension field for the passed in extension's extension ID with a new version.

  Parameters:

  oid - the OID defining the extension type.

  isCritical - true if the extension is critical, false otherwise.

  value - the ASN.1 structure that forms the extension's value.

  Returns:

  this builder object.

  Throws:

  CertIOException - if there is an issue with the new extension value.

  java.lang.IllegalArgumentException - if the extension to be replaced is not present.

• replaceExtension

  public X509v2CRLBuilder replaceExtension​(org.bouncycastle.asn1.x509.Extension extension)
                                    throws CertIOException

  Replace the extension field for the passed in extension's extension ID with a new version.

  Parameters:

  extension - the full extension value.

  Returns:

  this builder object.

  Throws:

  CertIOException - if there is an issue with the new extension value.

  java.lang.IllegalArgumentException - if the extension to be replaced is not present.

• replaceExtension

  public X509v2CRLBuilder replaceExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid,
                                           boolean isCritical,
                                           byte[] encodedValue)
                                    throws CertIOException

  Replace a given extension field for the standard extensions tag (tag 3) with the passed in byte encoded extension value.

  Parameters:

  oid - the OID defining the extension type.

  isCritical - true if the extension is critical, false otherwise.

  encodedValue - a byte array representing the encoding of the extension value.

  Returns:

  this builder object.

  Throws:

  CertIOException - if there is an issue with the new extension value.

  java.lang.IllegalArgumentException - if the extension to be replaced is not present.

• removeExtension

  public X509v2CRLBuilder removeExtension​(org.bouncycastle.asn1.ASN1ObjectIdentifier oid)

  Remove the extension indicated by OID.

  Parameters:

  oid - the OID of the extension to be removed.

  Returns:

  this builder object.

  Throws:

  java.lang.IllegalArgumentException - if the extension to be removed is not present.

• build

  public X509CRLHolder build​(ContentSigner signer)

  Generate an X.509 CRL, based on the current issuer and subject using the passed in signer.

  Parameters:

  signer - the content signer to be used to generate the signature validating the certificate.

  Returns:

  a holder containing the resulting signed certificate.