public class

X509CRLEntryImpl

extends X509CRLEntry
java.lang.Object
   ↳ java.security.cert.X509CRLEntry
     ↳ sun.security.x509.X509CRLEntryImpl

Class Overview

Abstract class for a revoked certificate in a CRL. This class is for each entry in the revokedCertificates, so it deals with the inner SEQUENCE. The ASN.1 definition for this is:

 revokedCertificates    SEQUENCE OF SEQUENCE  {
     userCertificate    CertificateSerialNumber,
     revocationDate     ChoiceOfTime,
     crlEntryExtensions Extensions OPTIONAL
                        -- if present, must be v2
 }  OPTIONAL

 CertificateSerialNumber  ::=  INTEGER

 Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension

 Extension  ::=  SEQUENCE  {
     extnId        OBJECT IDENTIFIER,
     critical      BOOLEAN DEFAULT FALSE,
     extnValue     OCTET STRING
                   -- contains a DER encoding of a value
                   -- of the type registered for use with
                   -- the extnId object identifier value
 }
 

Summary

Public Constructors
X509CRLEntryImpl(BigInteger num, Date date)
Constructs a revoked certificate entry using the given serial number and revocation date.
X509CRLEntryImpl(BigInteger num, Date date, CRLExtensions crlEntryExts)
Constructs a revoked certificate entry using the given serial number, revocation date and the entry extensions.
X509CRLEntryImpl(byte[] revokedCert)
Unmarshals a revoked certificate from its encoded form.
X509CRLEntryImpl(DerValue derValue)
Unmarshals a revoked certificate from its encoded form.
Public Methods
void encode(DerOutputStream outStrm)
Encodes the revoked certificate to an output stream.
X500Principal getCertificateIssuer()
Get the issuer of the X509Certificate described by this entry.
Set<String> getCriticalExtensionOIDs()
Gets a Set of the extension(s) marked CRITICAL in this X509CRLEntry.
byte[] getEncoded()
Returns the ASN.1 DER-encoded form of this CRL Entry, which corresponds to the inner SEQUENCE.
Extension getExtension(ObjectIdentifier oid)
get an extension
byte[] getExtensionValue(String oid)
Gets the DER encoded OCTET string for the extension value (extnValue) identified by the passed in oid String.
Set<String> getNonCriticalExtensionOIDs()
Gets a Set of the extension(s) marked NON-CRITICAL in this X509CRLEntry.
Integer getReasonCode()
get Reason Code from CRL entry.
Date getRevocationDate()
Gets the revocation date from this X509CRLEntry, the revocationDate.
BigInteger getSerialNumber()
Gets the serial number from this X509CRLEntry, i.e.
boolean hasExtensions()
Returns true if this revoked certificate entry has extensions, otherwise false.
boolean hasUnsupportedCriticalExtension()
Return true if a critical extension is found that is not supported, otherwise return false.
static X509CRLEntryImpl toImpl(X509CRLEntry entry)
Utility method to convert an arbitrary instance of X509CRLEntry to a X509CRLEntryImpl.
String toString()
Returns a printable string of this revoked certificate.
[Expand]
Inherited Methods
From class java.security.cert.X509CRLEntry
From class java.lang.Object
From interface java.security.cert.X509Extension

Public Constructors

public X509CRLEntryImpl (BigInteger num, Date date)

Constructs a revoked certificate entry using the given serial number and revocation date.

Parameters
num the serial number of the revoked certificate.
date the Date on which revocation took place.

public X509CRLEntryImpl (BigInteger num, Date date, CRLExtensions crlEntryExts)

Constructs a revoked certificate entry using the given serial number, revocation date and the entry extensions.

Parameters
num the serial number of the revoked certificate.
date the Date on which revocation took place.
crlEntryExts the extensions for this entry.

public X509CRLEntryImpl (byte[] revokedCert)

Unmarshals a revoked certificate from its encoded form.

Parameters
revokedCert the encoded bytes.
Throws
CRLException on parsing errors.

public X509CRLEntryImpl (DerValue derValue)

Unmarshals a revoked certificate from its encoded form.

Throws
CRLException on parsing errors.

Public Methods

public void encode (DerOutputStream outStrm)

Encodes the revoked certificate to an output stream.

Parameters
outStrm an output stream to which the encoded revoked certificate is written.
Throws
CRLException on encoding errors.

public X500Principal getCertificateIssuer ()

Get the issuer of the X509Certificate described by this entry. If the certificate issuer is also the CRL issuer, this method returns null.

This method is used with indirect CRLs. The default implementation always returns null. Subclasses that wish to support indirect CRLs should override it.

Returns
  • the issuer of the X509Certificate described by this entry or null if it is issued by the CRL issuer.

public Set<String> getCriticalExtensionOIDs ()

Gets a Set of the extension(s) marked CRITICAL in this X509CRLEntry. In the returned set, each extension is represented by its OID string.

Returns
  • a set of the extension oid strings in the Object that are marked critical.

public byte[] getEncoded ()

Returns the ASN.1 DER-encoded form of this CRL Entry, which corresponds to the inner SEQUENCE.

Returns
  • the encoded form of this certificate
Throws
CRLException if an encoding error occurs.

public Extension getExtension (ObjectIdentifier oid)

get an extension

Parameters
oid ObjectIdentifier of extension desired

public byte[] getExtensionValue (String oid)

Gets the DER encoded OCTET string for the extension value (extnValue) identified by the passed in oid String. The oid string is represented by a set of positive whole number separated by ".", that means,
<positive whole number>.<positive whole number>.<positive whole number>.<...>

Parameters
oid the Object Identifier value for the extension.
Returns
  • the DER encoded octet string of the extension value.

public Set<String> getNonCriticalExtensionOIDs ()

Gets a Set of the extension(s) marked NON-CRITICAL in this X509CRLEntry. In the returned set, each extension is represented by its OID string.

Returns
  • a set of the extension oid strings in the Object that are marked critical.

public Integer getReasonCode ()

get Reason Code from CRL entry.

Throws
IOException on error

public Date getRevocationDate ()

Gets the revocation date from this X509CRLEntry, the revocationDate.

Returns
  • the revocation date.

public BigInteger getSerialNumber ()

Gets the serial number from this X509CRLEntry, i.e. the userCertificate.

Returns
  • the serial number.

public boolean hasExtensions ()

Returns true if this revoked certificate entry has extensions, otherwise false.

Returns
  • true if this CRL entry has extensions, otherwise false.

public boolean hasUnsupportedCriticalExtension ()

Return true if a critical extension is found that is not supported, otherwise return false.

public static X509CRLEntryImpl toImpl (X509CRLEntry entry)

Utility method to convert an arbitrary instance of X509CRLEntry to a X509CRLEntryImpl. Does a cast if possible, otherwise reparses the encoding.

Throws
CRLException

public String toString ()

Returns a printable string of this revoked certificate.

Returns
  • value of this revoked certificate in a printable form.