gnu.java.security.x509

Class X509CRL

Implemented Interfaces:
GnuPKIExtension, X509Extension

public class X509CRL
extends X509CRL
implements GnuPKIExtension

X.509 certificate revocation lists.

Constructor Summary

X509CRL(InputStream encoded)
Create a new X.509 CRL.

Method Summary

boolean
equals(Object o)
Determine whether this Object is semantically equal to another Object.
Set<E>
getCriticalExtensionOIDs()
byte[]
getEncoded()
Extension
getExtension(OID oid)
Returns the extension object for the given object identifier.
byte[]
getExtensionValue(String oid)
Collection<E>
getExtensions()
Principal
getIssuerDN()
X500Principal
getIssuerX500Principal()
Date
getNextUpdate()
Set<E>
getNonCriticalExtensionOIDs()
X509CRLEntry
getRevokedCertificate(BigInteger serialNo)
Set<E>
getRevokedCertificates()
String
getSigAlgName()
String
getSigAlgOID()
byte[]
getSigAlgParams()
byte[]
getSignature()
byte[]
getTBSCertList()
Date
getThisUpdate()
int
getVersion()
boolean
hasUnsupportedCriticalExtension()
int
hashCode()
Get a value that represents this Object, as uniquely as possible within the confines of an int.
boolean
isRevoked(Certificate cert)
String
toString()
Convert this Object to a human-readable String.
void
verify(PublicKey key)
void
verify(PublicKey key, String provider)

Methods inherited from class java.security.cert.X509CRL

equals, extends X509CRLEntry> getRevokedCertificates, getEncoded, getIssuerDN, getIssuerX500Principal, getNextUpdate, getRevokedCertificate, getSigAlgName, getSigAlgOID, getSigAlgParams, getSignature, getTBSCertList, getThisUpdate, getVersion, hashCode, verify, verify

Methods inherited from class java.security.cert.CRL

getType, isRevoked, toString

Methods inherited from class java.lang.Object

clone, equals, extends Object> getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

X509CRL

public X509CRL(InputStream encoded)
            throws CRLException,
                   IOException
Create a new X.509 CRL.
Parameters:
encoded - The DER encoded CRL.
Throws:
CRLException - If the input bytes are incorrect.
IOException - If the input bytes cannot be read.

Method Details

equals

public boolean equals(Object o)
Determine whether this Object is semantically equal to another Object.

There are some fairly strict requirements on this method which subclasses must follow:

  • It must be transitive. If a.equals(b) and b.equals(c), then a.equals(c) must be true as well.
  • It must be symmetric. a.equals(b) and b.equals(a) must have the same value.
  • It must be reflexive. a.equals(a) must always be true.
  • It must be consistent. Whichever value a.equals(b) returns on the first invocation must be the value returned on all later invocations.
  • a.equals(null) must be false.
  • It must be consistent with hashCode(). That is, a.equals(b) must imply a.hashCode() == b.hashCode(). The reverse is not true; two objects that are not equal may have the same hashcode, but that has the potential to harm hashing performance.

This is typically overridden to throw a ClassCastException if the argument is not comparable to the class performing the comparison, but that is not a requirement. It is legal for a.equals(b) to be true even though a.getClass() != b.getClass(). Also, it is typical to never cause a NullPointerException.

In general, the Collections API (java.util) use the equals method rather than the == operator to compare objects. However, IdentityHashMap is an exception to this rule, for its own good reasons.

The default implementation returns this == o.

Overrides:
equals in interface X509CRL
Parameters:
Returns:
whether this Object is semantically equal to another

getCriticalExtensionOIDs

public Set<E> getCriticalExtensionOIDs()
Specified by:
getCriticalExtensionOIDs in interface X509Extension

getEncoded

public byte[] getEncoded()
            throws CRLException
Overrides:
getEncoded in interface X509CRL

getExtension

public Extension getExtension(OID oid)
Returns the extension object for the given object identifier.
Specified by:
getExtension in interface GnuPKIExtension
Parameters:
oid - The OID of the extension to get.
Returns:
The extension, or null if there is no such extension.

getExtensionValue

public byte[] getExtensionValue(String oid)
Specified by:
getExtensionValue in interface X509Extension

getExtensions

public Collection<E> getExtensions()
Specified by:
getExtensions in interface GnuPKIExtension

getIssuerDN

public Principal getIssuerDN()
Overrides:
getIssuerDN in interface X509CRL

getIssuerX500Principal

public X500Principal getIssuerX500Principal()
Overrides:
getIssuerX500Principal in interface X509CRL

getNextUpdate

public Date getNextUpdate()
Overrides:
getNextUpdate in interface X509CRL

getNonCriticalExtensionOIDs

public Set<E> getNonCriticalExtensionOIDs()
Specified by:
getNonCriticalExtensionOIDs in interface X509Extension

getRevokedCertificate

public X509CRLEntry getRevokedCertificate(BigInteger serialNo)
Overrides:
getRevokedCertificate in interface X509CRL

getRevokedCertificates

public Set<E> getRevokedCertificates()

getSigAlgName

public String getSigAlgName()
Overrides:
getSigAlgName in interface X509CRL

getSigAlgOID

public String getSigAlgOID()
Overrides:
getSigAlgOID in interface X509CRL

getSigAlgParams

public byte[] getSigAlgParams()
Overrides:
getSigAlgParams in interface X509CRL

getSignature

public byte[] getSignature()
Overrides:
getSignature in interface X509CRL

getTBSCertList

public byte[] getTBSCertList()
            throws CRLException
Overrides:
getTBSCertList in interface X509CRL

getThisUpdate

public Date getThisUpdate()
Overrides:
getThisUpdate in interface X509CRL

getVersion

public int getVersion()
Overrides:
getVersion in interface X509CRL

hasUnsupportedCriticalExtension

public boolean hasUnsupportedCriticalExtension()
Specified by:
hasUnsupportedCriticalExtension in interface X509Extension

hashCode

public int hashCode()
Get a value that represents this Object, as uniquely as possible within the confines of an int.

There are some requirements on this method which subclasses must follow:

  • Semantic equality implies identical hashcodes. In other words, if a.equals(b) is true, then a.hashCode() == b.hashCode() must be as well. However, the reverse is not necessarily true, and two objects may have the same hashcode without being equal.
  • It must be consistent. Whichever value o.hashCode() returns on the first invocation must be the value returned on all later invocations as long as the object exists. Notice, however, that the result of hashCode may change between separate executions of a Virtual Machine, because it is not invoked on the same object.

Notice that since hashCode is used in Hashtable and other hashing classes, a poor implementation will degrade the performance of hashing (so don't blindly implement it as returning a constant!). Also, if calculating the hash is time-consuming, a class may consider caching the results.

The default implementation returns System.identityHashCode(this)

Overrides:
hashCode in interface X509CRL
Returns:
the hash code for this Object

isRevoked

public boolean isRevoked(Certificate cert)
Overrides:
isRevoked in interface CRL

toString

public String toString()
Convert this Object to a human-readable String. There are no limits placed on how long this String should be or what it should contain. We suggest you make it as intuitive as possible to be able to place it into System.out.println() and such.

It is typical, but not required, to ensure that this method never completes abruptly with a RuntimeException.

This method will be called when performing string concatenation with this object. If the result is null, string concatenation will instead use "null".

The default implementation returns getClass().getName() + "@" + Integer.toHexString(hashCode()).

Overrides:
toString in interface CRL
Returns:
the String representing this Object, which may be null

verify

public void verify(PublicKey key)
            throws CRLException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
Overrides:
verify in interface X509CRL

verify

public void verify(PublicKey key,
                   String provider)
            throws CRLException,
                   NoSuchAlgorithmException,
                   InvalidKeyException,
                   NoSuchProviderException,
                   SignatureException
Overrides:
verify in interface X509CRL

X509CRL.java -- X.509 certificate revocation list. Copyright (C) 2003, 2004, 2010 Free Software Foundation, Inc. This file is part of GNU Classpath. GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Classpath; see the file COPYING. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.