Skip navigation links

oracle.security.crypto.cert
Class CRL

java.lang.Object
oracle.security.crypto.cert.CRL

All Implemented Interfaces:

java.io.Externalizable, java.io.Serializable, oracle.security.crypto.asn1.ASN1Object, oracle.security.crypto.util.Streamable

public class CRL

extends java.lang.Object

implements oracle.security.crypto.asn1.ASN1Object, java.io.Externalizable

This class encapsulates a X.509 certificate revocation list (CRL) of RevokedCertificate objects.

Note: the methods and constructors that input a CRL do not automatically verify it. You need to explicitly call the verify method, after the issuer's public key has been set.

See Also:

RevokedCertificate, Serialized Form

Constructor Summary

CRL()
Create an empty CRL.

CRL(java.io.File f)
Input a CRL from a file.

CRL(java.io.InputStream is)
Input a CRL from a stream.

CRL(java.net.URL url)
Input a CRL from a URL.

CRL(X500Name issuer, oracle.security.crypto.core.PrivateKey privKey)
Deprecated. Use CRL(), setIssuer(X500Name), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

CRL(X500Name issuer, oracle.security.crypto.core.PrivateKey privKey, java.util.Date thisUpdate, java.util.Date nextUpdate, java.util.List<? extends RevokedCertificate> revokedCertificates)
Deprecated. Use CRL(), setIssuer(X500Name), setDates(Date, Date), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier), setRevokedCertificates(List)

CRL(X500Name issuer, oracle.security.crypto.core.PrivateKey privKey, java.util.Date thisUpdate, java.util.Date nextUpdate, java.util.Vector<? extends RevokedCertificate> revokedCertificates)
Make a new CRL.

CRL(X500Name issuer, oracle.security.crypto.core.PrivateKey privKey, int days)
Deprecated. Use CRL(), setIssuer(X500Name), setDates(int), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

CRL(X500Name issuer, oracle.security.crypto.core.PrivateKey privKey, int days, oracle.security.crypto.core.AlgorithmIdentifier sigAlg)
Deprecated. Use CRL(), setIssuer(X500Name), setDates(int), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

CRL(X509 issuer)
Deprecated. Use CRL() , setIssuerCertificate(X509Certificate)

CRL(X509 issuer, java.io.File f)
Deprecated. Use CRL() , setIssuerCertificate(X509Certificate), input(InputStream)

CRL(X509 issuer, java.io.InputStream is)
Deprecated. Use CRL() , setIssuerCertificate(X509Certificate), input(InputStream)

CRL(X509 issuer, java.net.URL url)
Deprecated. Use CRL() , setIssuerCertificate(X509Certificate), input(InputStream)

Method Summary

void	addCertificate(java.math.BigInteger sn) Add a certificate serial number to the revoked list.
void	addCertificate(java.math.BigInteger sn, java.util.Date d) Add a certificate serial number to the revoked list with the given revocation date.
void	addCertificate(RevokedCertificate rc) Add a RevokedCertificate to the list.
void	addExtension(X509Extension ext) Add an extension.
boolean	equals(java.lang.Object o) Compare this CRL to the specified object.
java.util.Set<java.lang.String>	getCriticalExtensionOIDs()
java.util.Date	getDate() Get this CRL's date.
byte[]	getEncoded() Returns the encoded form of this object.
X509Extension	getExtension(oracle.security.crypto.asn1.ASN1ObjectID type) Return the extension with the specified OID, or null if it is not present.
X509ExtensionSet	getExtensionSet() Returns the set of X509Extensions.
byte[]	getExtensionValue(java.lang.String oid)
X500Name	getIssuer() Returns the issuer of this CRL.
java.security.Principal	getIssuerDN()
javax.security.auth.x500.X500Principal	getIssuerX500Principal()
java.util.Date	getNextDate() Get the date of the next update (i.e., last date of validity for this CRL).
java.util.Date	getNextUpdate()
java.util.Set<java.lang.String>	getNonCriticalExtensionOIDs()
RevokedCertificate	getRevokedCertificate(java.math.BigInteger sn) Returns the revocation record for the given serial number, or null if it is not on the list.
java.security.cert.X509CRLEntry	getRevokedCertificate(java.security.cert.X509Certificate certificate)
java.util.Vector<RevokedCertificate>	getRevokedCertificates() Deprecated.
java.util.ArrayList<RevokedCertificate>	getRevokedCertificatesAsList() Get the list of CRL entries.
java.util.Map<java.math.BigInteger,RevokedCertificate>	getRevokedCertificatesAsMap() Get a map of RevokedCertificates indexed by serial number
java.lang.String	getSigAlgName()
java.lang.String	getSigAlgOID()
byte[]	getSigAlgParams()
byte[]	getSigBytes() Signs the certificate and returns the signature bytes.
byte[]	getSignature()
byte[]	getTBSCertList()
java.util.Date	getThisUpdate()
int	getVersion()
int	hashCode()
boolean	hasUnrecognizedCriticalExtension() Returns true if this CRL or any of its revoked certificate entries has an unrecognized critical extension.
boolean	hasUnsupportedCriticalExtension()
void	input(java.io.InputStream is) Input this CRL from a stream.
boolean	isRevoked(java.math.BigInteger sn) Checks whether this serial number is on the list.
boolean	isRevoked(java.security.cert.Certificate cert)
int	length() Returns the length of the DER encoding of this CRL.
void	output(java.io.OutputStream os) Output this CRL to a stream.
void	readExternal(java.io.ObjectInput is)
java.util.Date	revocationDate(java.math.BigInteger sn) Returns the revocation date for the given serial number, or null if it is not on the list.
java.util.Enumeration<java.math.BigInteger>	revokedSerialNos() Deprecated. Use getRevokedCertificatesAsList() and then get Iterator
void	setDate(java.util.Date thisUpdate) Set the date of this CRL.
void	setDates(java.util.Date thisUpdate, java.util.Date nextUpdate) Set the dates of validity for this CRL.
void	setDates(int days) Set the dates of validity for this CRL.
void	setExtensions(X509ExtensionSet exts) Set the X509Extensionss.
void	setIssuer(X500Name issuer) Set the issuer of this CRL.
void	setIssuerCertificate(X509 issuerCert) Deprecated. Use setIssuerCertificate(X509Certificate)
void	setIssuerCertificate(java.security.cert.X509Certificate ic) Set the issuer of this CRL and the issuer's public key from a certificate.
void	setPrivateKey(oracle.security.crypto.core.PrivateKey key) Deprecated. Use setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)
void	setPrivateKey(oracle.security.crypto.core.PrivateKey key, oracle.security.crypto.core.AlgorithmIdentifier sigAlgID) Deprecated. Use setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)
void	setPrivateKey(java.security.PrivateKey key, oracle.security.crypto.core.AlgorithmIdentifier sigAlgID) Set issuer's signature private key and signature algorithm.
void	setPublicKey(oracle.security.crypto.core.PublicKey key) Deprecated. Use setPublicKey(java.security.PublicKey)
void	setPublicKey(java.security.PublicKey key) Set the issuer's public key for later verification.
void	setRevokedCertificates(java.util.List<? extends RevokedCertificate> rcs) Set the vector of RevokedCertificates.
void	setRevokedCertificates(java.util.Vector<? extends RevokedCertificate> rcs) Deprecated. Use setRevokedCertificates(List)
void	setSigAlgID(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID)
void	sign() Signs this CRL.
void	sign(oracle.security.crypto.core.RandomBitsSource rbs) Deprecated. Use sign()
static CRL	toCRL(java.security.cert.X509CRL crl) Converts an X509CRL to CRL.
java.lang.String	toString() Returns a verbose humanly readable representation of this CRL.
java.security.cert.X509CRL	toX509CRL() Get the X509CRL.
boolean	verify() Verify the CRL.
void	verify(java.security.PublicKey key)
void	verify(java.security.PublicKey key, java.lang.String sigProvider)
boolean	verifyDate() Verify that the CRL is already/still valid.
boolean	verifySignature() Verify the CRL signature.
void	writeExternal(java.io.ObjectOutput os)

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

CRL

public CRL()

Create an empty CRL.

CRL

public CRL(java.io.InputStream is)
    throws java.io.IOException

Input a CRL from a stream.

Throws:

java.io.IOException - if there was an I/O error

CRL

public CRL(java.io.File f)
    throws java.io.IOException

Input a CRL from a file.

Throws:

java.io.IOException - if there was an I/O error

CRL

public CRL(java.net.URL url)
    throws java.io.IOException

Input a CRL from a URL.

Throws:

java.io.IOException - if there was an I/O error

CRL

public CRL(X509 issuer)

Deprecated. Use CRL() , setIssuerCertificate(X509Certificate)

Make a new CRL, which is expected to be issued by the given issuer. This constructor is to be called by a verifier. The input method will throw an exception if the CRL it reads was not issued by the specified issuer.

Parameters:

issuer - the certificate of the expected issuer

See Also:

input(InputStream)

CRL

public CRL(X509 issuer,
           java.io.InputStream is)
    throws java.io.IOException

Deprecated. Use CRL() , setIssuerCertificate(X509Certificate), input(InputStream)

Input from a stream a CRL issued by the given issuer.

Throws:

java.io.IOException - if there was an I/O error, or the CRL was not issued by the specified issuer

CRL

public CRL(X509 issuer,
           java.io.File f)
    throws java.io.FileNotFoundException,
           java.io.IOException

Deprecated. Use CRL() , setIssuerCertificate(X509Certificate), input(InputStream)

Input from a file a CRL issued by the given issuer.

Throws:

java.io.IOException - if there was an I/O error, or the CRL was not issued by the specified issuer

java.io.FileNotFoundException

CRL

public CRL(X509 issuer,
           java.net.URL url)
    throws java.io.IOException

Deprecated. Use CRL() , setIssuerCertificate(X509Certificate), input(InputStream)

Input from a URL a CRL issued by the given issuer.

Throws:

java.io.IOException - if there was an I/O error, or the CRL was not issued by the specified issuer

CRL

public CRL(X500Name issuer,
           oracle.security.crypto.core.PrivateKey privKey,
           java.util.Date thisUpdate,
           java.util.Date nextUpdate,
           java.util.Vector<? extends RevokedCertificate> revokedCertificates)

Make a new CRL. This constructor is to be called by a CA issuer. The CRL is not actually signed until the sign or output method is called.

Parameters:

issuer - the issuer's name

privKey - the issuer's private signing key

thisUpdate - the date of this CRL

nextUpdate - the upper limit on the date of the next CRL (or null)

revokedCertificates - the list of RevokedCertificates

See Also:

sign(), Use {@link #CRL()}, {@link #setIssuer(X500Name)}, {@link #setDates(Date, Date)}, {@link #setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)}, {@link #setRevokedCertificates(List)}

CRL

public CRL(X500Name issuer,
           oracle.security.crypto.core.PrivateKey privKey,
           java.util.Date thisUpdate,
           java.util.Date nextUpdate,
           java.util.List<? extends RevokedCertificate> revokedCertificates)

Deprecated. Use CRL(), setIssuer(X500Name), setDates(Date, Date), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier), setRevokedCertificates(List)

Make a new CRL. This constructor is to be called by a CA issuer. The CRL is not actually signed until the sign or output method is called.

Parameters:

issuer - the issuer's name

privKey - the issuer's private signing key

thisUpdate - the date of this CRL

nextUpdate - the upper limit on the date of the next CRL (or null)

revokedCertificates - the list of RevokedCertificates

See Also:

sign(), output(OutputStream)

CRL

public CRL(X500Name issuer,
           oracle.security.crypto.core.PrivateKey privKey,
           int days)

Deprecated. Use CRL(), setIssuer(X500Name), setDates(int), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

Make a new CRL with an empty list of certificates. This constructor is to be called by a CA issuer. The CRL is not actually signed until the sign or output method is called.

Parameters:

issuer - the issuer's name

privKey - the issuer's private signing key

days - the number of days until the next update (or <=0 for no update)

See Also:

sign(), output(OutputStream)

CRL

public CRL(X500Name issuer,
           oracle.security.crypto.core.PrivateKey privKey,
           int days,
           oracle.security.crypto.core.AlgorithmIdentifier sigAlg)

Deprecated. Use CRL(), setIssuer(X500Name), setDates(int), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

Parameters:

issuer - the issuer's name

privKey - the issuer's private signing key

days - the number of days until the next update (or <=0 for no update)

sigAlg - signature algorithm to use

See Also:

sign(), output(OutputStream)

CRL

public CRL(X500Name issuer,
           oracle.security.crypto.core.PrivateKey privKey)

Deprecated. Use CRL(), setIssuer(X500Name), setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

Make a new CRL with an empty list of certificates and no scheduled next update. This constructor is to be called by a CA issuer.

Parameters:

issuer - the issuer's name

privKey - the issuer's private signing key

Method Detail

toCRL

public static CRL toCRL(java.security.cert.X509CRL crl)

Converts an X509CRL to CRL.

If the X509CRL was wrapper object obtained by toX509CRL() then this method simply returns the underlying CRL object.

Parameters:

cert -

Returns:

setIssuer

public void setIssuer(X500Name issuer)

Set the issuer of this CRL.

setIssuerCertificate

public void setIssuerCertificate(X509 issuerCert)

Deprecated. Use setIssuerCertificate(X509Certificate)

Set the issuer of this CRL and the issuer's public key from a certificate.

setIssuerCertificate

public void setIssuerCertificate(java.security.cert.X509Certificate ic)

Set the issuer of this CRL and the issuer's public key from a certificate.

getIssuer

public X500Name getIssuer()

Returns the issuer of this CRL.

setPublicKey

public void setPublicKey(oracle.security.crypto.core.PublicKey key)

Deprecated. Use setPublicKey(java.security.PublicKey)

Set the issuer's public key for later verification.

setPublicKey

public void setPublicKey(java.security.PublicKey key)

Set the issuer's public key for later verification.

setPrivateKey

public void setPrivateKey(oracle.security.crypto.core.PrivateKey key)

Deprecated. Use setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

Set issuer's signature private key. The default signature algorithm for the given key will be used.

setPrivateKey

public void setPrivateKey(oracle.security.crypto.core.PrivateKey key,
                          oracle.security.crypto.core.AlgorithmIdentifier sigAlgID)

Deprecated. Use setPrivateKey(java.security.PrivateKey, AlgorithmIdentifier)

Set issuer's signature private key and signature algorithm.

setPrivateKey

public void setPrivateKey(java.security.PrivateKey key,
                          oracle.security.crypto.core.AlgorithmIdentifier sigAlgID)

Set issuer's signature private key and signature algorithm.

Parameters:

key -

sigAlgID -

setSigAlgID

public void setSigAlgID(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID)

getDate

public java.util.Date getDate()

Get this CRL's date.

getNextDate

public java.util.Date getNextDate()

Get the date of the next update (i.e., last date of validity for this CRL).

getRevokedCertificates

@Deprecated
public java.util.Vector<RevokedCertificate> getRevokedCertificates()

Deprecated.

Get the vector of CRL entries.

Returns:

a Vector of RevokedCertificate, or null if none are defined.

getRevokedCertificatesAsList

public java.util.ArrayList<RevokedCertificate> getRevokedCertificatesAsList()

Get the list of CRL entries.

Returns:

a ArrayList of RevokedCertificate, or null if none are defined.

getRevokedCertificatesAsMap

public java.util.Map<java.math.BigInteger,RevokedCertificate> getRevokedCertificatesAsMap()

Get a map of RevokedCertificates indexed by serial number

Returns:

revokedSerialNos

public java.util.Enumeration<java.math.BigInteger> revokedSerialNos()

Deprecated. Use getRevokedCertificatesAsList() and then get Iterator

Get the serial numbers of the CRL entries.

Returns:

an (possibly empty) Enumeration of the BigInteger serial numbers of the revoked certificates in this CRL.

setRevokedCertificates

public void setRevokedCertificates(java.util.Vector<? extends RevokedCertificate> rcs)

Deprecated. Use setRevokedCertificates(List)

Set the vector of RevokedCertificates.

setRevokedCertificates

public void setRevokedCertificates(java.util.List<? extends RevokedCertificate> rcs)

Set the vector of RevokedCertificates.

setDate

public void setDate(java.util.Date thisUpdate)

Set the date of this CRL. Does not set the date of the next update.

setDates

public void setDates(java.util.Date thisUpdate,
                     java.util.Date nextUpdate)

Set the dates of validity for this CRL.

setDates

public void setDates(int days)

Set the dates of validity for this CRL.

Parameters:

days - the number of days before the next update

addCertificate

public void addCertificate(java.math.BigInteger sn)

Add a certificate serial number to the revoked list. Uses the current time as the revocation date.

addCertificate

public void addCertificate(java.math.BigInteger sn,
                           java.util.Date d)

Add a certificate serial number to the revoked list with the given revocation date.

addCertificate

public void addCertificate(RevokedCertificate rc)

Add a RevokedCertificate to the list.

getExtensionSet

public X509ExtensionSet getExtensionSet()

Returns the set of X509Extensions.

Returns:

A X509ExtensionSet, or null if no extensions are defined.

getExtension

public X509Extension getExtension(oracle.security.crypto.asn1.ASN1ObjectID type)

Return the extension with the specified OID, or null if it is not present.

setExtensions

public void setExtensions(X509ExtensionSet exts)

Set the X509Extensionss.

addExtension

public void addExtension(X509Extension ext)

Add an extension.

getRevokedCertificate

public RevokedCertificate getRevokedCertificate(java.math.BigInteger sn)

Returns the revocation record for the given serial number, or null if it is not on the list.

revocationDate

public java.util.Date revocationDate(java.math.BigInteger sn)

Returns the revocation date for the given serial number, or null if it is not on the list.

isRevoked

public boolean isRevoked(java.math.BigInteger sn)

Checks whether this serial number is on the list.

hasUnrecognizedCriticalExtension

public boolean hasUnrecognizedCriticalExtension()

Returns true if this CRL or any of its revoked certificate entries has an unrecognized critical extension.

verify

public boolean verify()
               throws oracle.security.crypto.core.AuthenticationException

Verify the CRL. Checks the date and signature. The issuer's public key has to be set.

Throws:

oracle.security.crypto.core.AuthenticationException

verifyDate

public boolean verifyDate()

Verify that the CRL is already/still valid.

verifySignature

public boolean verifySignature()
                        throws oracle.security.crypto.core.AuthenticationException

Verify the CRL signature. The issuer's public key has to be set.

Throws:

oracle.security.crypto.core.AuthenticationException

sign

public void sign()
          throws oracle.security.crypto.core.SignatureException

Signs this CRL. The issuer's private key has to be set. The default random number generator is used, if needed.

Note: Making any modifications to the contents of the CRL after signing invalidates the signature. The sign method must be invoked again after any modifications for a valid signature to be computed.

Throws:

oracle.security.crypto.core.SignatureException - if there is an error during signing

sign

public void sign(oracle.security.crypto.core.RandomBitsSource rbs)
          throws oracle.security.crypto.core.SignatureException

Deprecated. Use sign()

Signs this CRL. The issuer's private key has to be set.

Note: Making any modifications to the contents of the CRL after signing invalidates the signature. The sign method must be invoked again after any modifications for a valid signature to be computed.

Parameters:

rbs - the random number generator to be used for signing, if needed

Throws:

oracle.security.crypto.core.SignatureException - if there is an error during signing

getSigBytes

public byte[] getSigBytes()
                   throws oracle.security.crypto.core.SignatureException

Signs the certificate and returns the signature bytes.

Throws:

oracle.security.crypto.core.SignatureException

output

public void output(java.io.OutputStream os)
            throws java.io.IOException

Output this CRL to a stream.

Specified by:

output in interface oracle.security.crypto.util.Streamable

Throws:

java.io.IOException - if there was an I/O error

input

public void input(java.io.InputStream is)
           throws java.io.IOException

Input this CRL from a stream.

Specified by:

input in interface oracle.security.crypto.util.Streamable

Throws:

java.io.IOException - if there was an I/O error, or the issuer was specified before and does not match the CRL that was read in

length

public int length()

Returns the length of the DER encoding of this CRL.

Throws a StreamableOutputException if an error occurs while generating the DER encoding.

Specified by:

length in interface oracle.security.crypto.util.Streamable

equals

public boolean equals(java.lang.Object o)

Compare this CRL to the specified object. Returns true if and only if the argument is not null and is an CRL object which has the same DER encoding as this object.

Overrides:

equals in class java.lang.Object

toString

public java.lang.String toString()

Returns a verbose humanly readable representation of this CRL. This method is recommended to be used only for debugging.

Overrides:

toString in class java.lang.Object

getEncoded

public byte[] getEncoded()

Returns the encoded form of this object.

Throws a StreamableOutputException if an error occurs while generating the encoded bytes.

getIssuerDN

public java.security.Principal getIssuerDN()

Returns:

See Also:

java.security.cert.X509CRL#getIssuerDN()}

getIssuerX500Principal

public javax.security.auth.x500.X500Principal getIssuerX500Principal()

Returns:

See Also:

java.security.cert.X509CRL#getIssuerX500Principal()}

getNextUpdate

public java.util.Date getNextUpdate()

Returns:

See Also:

java.security.cert.X509CRL#getNextUpdate()}

getRevokedCertificate

public java.security.cert.X509CRLEntry getRevokedCertificate(java.security.cert.X509Certificate certificate)

Parameters:

certificate -

Returns:

See Also:

java.security.cert.X509CRL#getRevokedCertificate(X509Certificate)}

getSigAlgName

public java.lang.String getSigAlgName()

Returns:

See Also:

java.security.cert.X509CRL#getSigAlgName()}

getSigAlgOID

public java.lang.String getSigAlgOID()

Returns:

See Also:

java.security.cert.X509CRL#getSigAlgOID()}

getSigAlgParams

public byte[] getSigAlgParams()

Returns:

See Also:

java.security.cert.X509CRL#getSigAlgParams()}

getSignature

public byte[] getSignature()

Returns:

See Also:

java.security.cert.X509CRL#getSignature()}

getTBSCertList

public byte[] getTBSCertList()
                      throws java.security.cert.CRLException

Returns:

Throws:

java.security.cert.CRLException

See Also:

java.security.cert.X509CRL#getTBSCertList()}

getThisUpdate

public java.util.Date getThisUpdate()

Returns:

See Also:

java.security.cert.X509CRL#getThisUpdate()}

getVersion

public int getVersion()

Returns:

See Also:

java.security.cert.X509CRL#getVersion()}

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object

verify

public void verify(java.security.PublicKey key,
                   java.lang.String sigProvider)
            throws java.security.cert.CRLException,
                   java.security.NoSuchAlgorithmException,
                   java.security.InvalidKeyException,
                   java.security.NoSuchProviderException,
                   java.security.SignatureException

Parameters:

key -

sigProvider -

Throws:

java.security.cert.CRLException

java.security.NoSuchAlgorithmException

java.security.InvalidKeyException

java.security.NoSuchProviderException

java.security.SignatureException

See Also:

java.security.cert.X509CRL#verify(java.security.PublicKey, String)}

verify

public void verify(java.security.PublicKey key)
            throws java.security.cert.CRLException,
                   java.security.NoSuchAlgorithmException,
                   java.security.InvalidKeyException,
                   java.security.NoSuchProviderException,
                   java.security.SignatureException

Parameters:

key -

Throws:

java.security.cert.CRLException

java.security.NoSuchAlgorithmException

java.security.InvalidKeyException

java.security.NoSuchProviderException

java.security.SignatureException

See Also:

java.security.cert.X509CRL#verify(java.security.PublicKey)}

isRevoked

public boolean isRevoked(java.security.cert.Certificate cert)

Parameters:

cert -

Returns:

See Also:

java.security.cert.X509CRL#isRevoked(Certificate)}

getCriticalExtensionOIDs

public java.util.Set<java.lang.String> getCriticalExtensionOIDs()

Returns:

See Also:

java.security.cert.X509CRL#getCriticalExtensionOIDs()}

getExtensionValue

public byte[] getExtensionValue(java.lang.String oid)

Parameters:

oid -

Returns:

See Also:

java.security.cert.X509CRL#getExtensionValue(String)}

getNonCriticalExtensionOIDs

public java.util.Set<java.lang.String> getNonCriticalExtensionOIDs()

Returns:

See Also:

java.security.cert.X509CRL#getNonCriticalExtensionOIDs()}

hasUnsupportedCriticalExtension

public boolean hasUnsupportedCriticalExtension()

Returns:

See Also:

java.security.cert.X509CRL#hasUnsupportedCriticalExtension()}

writeExternal

public void writeExternal(java.io.ObjectOutput os)
                   throws java.io.IOException

Specified by:

writeExternal in interface java.io.Externalizable

Throws:

java.io.IOException

readExternal

public void readExternal(java.io.ObjectInput is)
                  throws java.io.IOException,
                         java.lang.ClassNotFoundException

Specified by:

readExternal in interface java.io.Externalizable

Throws:

java.io.IOException

java.lang.ClassNotFoundException

toX509CRL

public java.security.cert.X509CRL toX509CRL()

Get the X509CRL. This does not actually convert the CRL, rather it just returns a wrapper class which adapts the CRL class to the X509CRL interface.

If you want to convert to an X509CRL of the different implementation do not use this method, Instead use CertificateFactory.generateCRL

Returns:

Skip navigation links