Package eu.emi.security.authn.x509.helpers.pkipath

Class PlainCRLValidator

    • Constructor Detail

      • PlainCRLValidator

        public PlainCRLValidator​(RevocationParametersExt revocationParams,
                         java.util.Collection<? extends StoreUpdateListener> listeners)
        Constructs a new validator instance. CRLs (Certificate Revocation Lists) are taken from the trusted CAs certificate extension and downloaded, unless CRL checking is disabled. Additional CRLs may be provided explicitly using the constructor argument. Such additional CRLs are preferred to the ones defined by the CA extensions.
        Parameters:
        revocationParams - configuration of CRL sources
        listeners - initial listeners to be notified about CRL background updates

    • Method Detail

      • createCRLStore

        protected PlainCRLStoreSpi createCRLStore​(CRLParameters crlParams,
                                          java.util.Timer t)
        This method can be overridden if a different implementation of the PlainCRLStoreSpi (its subclass) should be used.
        Parameters:
        crlParams - source definition
        t - timer to be used for scheduling updates
        Returns:
        initialized CRL store SPI

      • getRevocationParameters

        public RevocationParametersExt getRevocationParameters()
        Returns a copy (so modifications won't change this validator internal state) of revocation parameters.
        Returns:
        revocation parameters

      • getCRLUpdateInterval

        public long getCRLUpdateInterval()
        Returns the interval between subsequent reloads of CRLs. This setting is used for all CRLs (those defined in CA certificates and manually configured). Implementation does not guarantees that the CRL is updated exactly after this interval.
        Returns:
        the current refresh interval in milliseconds

      • setCRLUpdateInterval

        public void setCRLUpdateInterval​(long updateInterval)
        Sets a new interval between subsequent of CRLs. This setting is used for all CRLs (those defined in CA certificates and manually configured). Implementation does not guarantees that the CRL is updated exactly after this interval.
        Parameters:
        updateInterval - the new interval to be set in milliseconds

      • getCrls

        public java.util.List<java.lang.String> getCrls()
        Returns the current list of additional CRL locations. See class description for details.
        Returns:
        The current list of additional CRLs. The returned list is a copy of the list actually used so its modifications does not influence the validator.

      • setCrls

        public void setCrls​(java.util.List<java.lang.String> crls)
        Sets a new list of additional CRL locations. See class description for details.
        Parameters:
        crls - the new list.