|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.dstc.security.pki.X509CRLGen
Class for generating X.509 Certificate Revocation Lists (CRL's). The following code snippet illustrates the typical usage for this object:
X509CRLGen crlGen = new X509CRLGen(caSignature, caCert); cg.setThisUpdate(new Date()); Calendar c = Calendar.getInstance(); c.set(2002,5,21); cg.setNextUpdate(c.getTime()); cg.setCRLNumber(BigInteger.valueOf((long)635)); cg.addRevokedCert(BigInteger.valueOf((long)35467)); cg.addRevokedCert(BigInteger.valueOf((long)4587467)); X509CRL crl = crlGen.getCRL();
Field Summary | |
static int |
MODE_RAW_PKCS7
|
static int |
MODE_RAW_X509
|
Constructor Summary | |
X509CRLGen()
Default constructor. |
|
X509CRLGen(PrivateKey key,
String alg,
String provider,
X509Certificate cert)
Constructs X509CRLGen from the signer's private key,
the signature algorithm, the provider for the Signature
object to be used and the signer's certificate. |
|
X509CRLGen(PrivateKey key,
String alg,
X509Certificate cert)
Constructs X509CRLGen from the signer's private key,
the signature algorithm and the signer's certificate. |
|
X509CRLGen(Signature sigObject,
X509Certificate cert)
Constructs X509CRLGen from a(n initialized)
Signature object. |
|
X509CRLGen(String issName,
Signature sig)
Constructor using IssuerName and Signature. |
Method Summary | |
void |
addRevokedCert(BigInteger serial)
Add a revoked certificate to this CRL. |
void |
addRevokedCert(BigInteger serial,
Date revocationTime)
Add a revoked certificate to this CRL. |
void |
addRevokedCert(BigInteger serial,
Date revocationTime,
com.dstc.security.x509.Extensions extns)
Add a revoked certificate to this CRL. |
void |
addRevokedCert(BigInteger serial,
com.dstc.security.x509.Extensions extns)
Add a revoked certificate to this CRL. |
void |
addRevokedCert(X509CRLEntry entry)
Add a revoked certificate to this CRL. |
void |
deleteRevokedCert(BigInteger serial)
Delete a revoked certificate from this CRL. |
X509CRL |
getCRL()
Returns the CRL being generated by this X509CRLGen
object. |
byte[] |
getEncoded(int mode)
Returns the DER encoding of the CRL generated by this
X509CRLGen object. |
void |
setAuthorityKeyIdentifier(byte[] keyId)
Set the issuer's AuthorityKeyIdentifier
extension for this CRL. |
void |
setCRLNumber(BigInteger num)
Set this CRL's CRLNumber extension. |
void |
setIssuerDirectoryName(String name)
Set the issuer's DirectoryName as part of the IssuerAltName
extension for this CRL. |
void |
setIssuerDNSName(String name)
Set the issuer's DNSName as part of the IssuerAltName
extension for this CRL. |
void |
setIssuerEmail(String email)
Set the issuer's e-mail address as part of the IssuerAltName
extension for this CRL. |
void |
setIssuerIPAddress(String name)
Set the issuer's IP address as part of the IssuerAltName
extension for this CRL. |
void |
setIssuerURL(String name)
Set the issuer's URL as part of the IssuerAltName
extension for this CRL. |
void |
setNextUpdate(Date nextUpdate)
Set the Date for the next update. |
void |
setRevokedCerts(Set revCerts)
Add a set of revoked certificates to this CRL. |
void |
setThisUpdate(Date thisUpdate)
Set the Date for this update. |
Methods inherited from class java.lang.Object |
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
Field Detail |
public static final int MODE_RAW_X509
public static final int MODE_RAW_PKCS7
Constructor Detail |
public X509CRLGen()
public X509CRLGen(PrivateKey key, String alg, X509Certificate cert) throws X509CRLGenException
Constructs X509CRLGen
from the signer's private key,
the signature algorithm and the signer's certificate.
key
- the signer's private key.alg
- the algorithm used to sign the CRL.cert
- the signer's certificate (the CA cert).public X509CRLGen(PrivateKey key, String alg, String provider, X509Certificate cert) throws X509CRLGenException
Constructs X509CRLGen
from the signer's private key,
the signature algorithm, the provider for the Signature
object to be used and the signer's certificate.
key
- the signer's private key.alg
- the algorithm used to sign the CRL.provider
- the provider to use for the internal Signature
instance.cert
- the signer's certificate (the CA cert).public X509CRLGen(Signature sigObject, X509Certificate cert)
Constructs X509CRLGen
from a(n initialized)
Signature
object.
sigObject
- the (initialized) Signature
object used
to sign the CRL.cert
- the signer's certificate (the CA cert).public X509CRLGen(String issName, Signature sig)
issName
- String
representing the X500Name of
the issuer.sig
- the (initialized) Signature
object used
to sign the CRL.Method Detail |
public void setThisUpdate(Date thisUpdate)
Set the Date
for this update.
thisUpdate
- the date this CRL was issued.public void setNextUpdate(Date nextUpdate)
Set the Date
for the next update.
nextUpdate
- the date the next CRL will be issued.public void addRevokedCert(BigInteger serial)
Add a revoked certificate to this CRL.
serial
- the serial number of the Certificate which is
being revoked.public void addRevokedCert(BigInteger serial, com.dstc.security.x509.Extensions extns)
Add a revoked certificate to this CRL.
serial
- the serial number of the Certificate which is
being revoked.extns
- a set of Extensions
to add to this CRL.public void addRevokedCert(BigInteger serial, Date revocationTime)
Add a revoked certificate to this CRL.
serial
- the serial number of the Certificate which is
being revoked.revocationTime
- the Date
from which this certificate
has been revoked.public void addRevokedCert(BigInteger serial, Date revocationTime, com.dstc.security.x509.Extensions extns)
Add a revoked certificate to this CRL.
serial
- the serial number of the Certificate which is
being revoked.revocationTime
- the Date
from which this certificate
has been revoked.extns
- a set of Extensions
to add to this CRL.public void addRevokedCert(X509CRLEntry entry)
Add a revoked certificate to this CRL.
entry
- the X509CRLEntry
object corresponding to the
certificate being revoked.public void setRevokedCerts(Set revCerts)
Add a set of revoked certificates to this CRL.
revCerts
- the Set
of X509CRLEntry
objects corresponding to the certificates being revoked.public void deleteRevokedCert(BigInteger serial)
Delete a revoked certificate from this CRL.
serial
- the serial number of the Certificate which is
being deleted from this CRL.public void setIssuerEmail(String email)
Set the issuer's e-mail address as part of the IssuerAltName
extension for this CRL.
email
- the issuer's e-mail address.public void setIssuerDNSName(String name)
Set the issuer's DNSName as part of the IssuerAltName
extension for this CRL.
name
- the issuer's DNSName.public void setIssuerDirectoryName(String name)
Set the issuer's DirectoryName as part of the IssuerAltName
extension for this CRL.
name
- the issuer's DirectoryName.public void setIssuerURL(String name)
Set the issuer's URL as part of the IssuerAltName
extension for this CRL.
name
- the issuer's URL.public void setIssuerIPAddress(String name)
Set the issuer's IP address as part of the IssuerAltName
extension for this CRL.
name
- the issuer's IP address.public void setAuthorityKeyIdentifier(byte[] keyId) throws X509CRLGenException
Set the issuer's AuthorityKeyIdentifier
extension for this CRL.
keyId
- a byte array which identifies the issuer's key pair.public void setCRLNumber(BigInteger num) throws X509CRLGenException
Set this CRL's CRLNumber
extension.
num
- the serial number associated to this CRL.public X509CRL getCRL() throws X509CRLGenException
Returns the CRL being generated by this X509CRLGen
object.
java.security.cert.X509CRL
generated by
this object.public byte[] getEncoded(int mode) throws X509CRLGenException
Returns the DER encoding of the CRL generated by this
X509CRLGen
object.
The encoding can be in X.509 format or PKCS7 format depending on the argument given to this method.
mode == 0 == MODE_RAW_X509 (X.509 encoding) mode == 1 == MODE_RAW_PKCS7 (PKCS7 encoding)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |