CRLSource

public abstract class CRLSource

This is an abstract class for holding a X509 CRL instance. The functionality of CRL is given by this class. The sub-classes will provide different initialization method for loading the CRL, for example, through a file or through LDAP.

Author:kcyee

Fields

crl

protected X509CRL crl

Internal storage of X509 CRL

ready

protected boolean ready

Indicates the CRL has been loaded correctly or not

Constructors

CRLSource

public CRLSource()

Default constructor. It initializes the object. But the object is still unusable until init() is called.

Methods

getIssuer

public String getIssuer()

Gets the distinguished name (DN) of the issuer of the CRL.

Throws:
Returns:

the DN of the issuer

getNextUpdate

public Date getNextUpdate()

Gets the next update date of the CRL.

Throws:
Returns:

the next update date

getThisUpdate

public Date getThisUpdate()

Gets the last update date of the CRL.

Throws:
Returns:

the last update date

init

public abstract void init()

Initializes the object. The initialization procedure depends on the source of the CRL. So, we declare this method as abstract here, leaving the sub-classes to concern about the initialization.

Throws:
  • CRLException – Initialization error occurs

isReady

public boolean isReady()

Gets the readiness of the object. The object will be ready for use after init() is called. And the internal X509 CRL storage is populated.

Returns:true if the object is ready for use; false if otherwise

isRevoked

public boolean isRevoked(Certificate cert)

Checks the specified certificate against the CRL to see whether the certificate has been revoked or not.

Parameters:
  • cert – the certificate to be tested against the CRL
Throws:
Returns:

true if the specified certificate is revoked according to the CRL; false if otherwise

isRevoked

public boolean isRevoked(CertSource cert)

Checks the specified certificate against the CRL to see whether the certificate has been revoked or not.

Parameters:
  • cert – the certificate to be tested against the CRL
Throws:
Returns:

true if the specified certificate is revoked according to the CRL; false if otherwise

verifySignature

public boolean verifySignature(PublicKey pubKey)

Verifies the CRL to check whether is is signed by the private key corresponding to the specified public key or not.

Parameters:
  • pubKey – the public key used to verify
Throws:
Returns:

true if the CRL is signed by the private key corresponding to pubKey; false if otherwise

verifySignature

public boolean verifySignature(Certificate cert)

Verifies the CRL to check whether is is signed by the private key corresponding to the public key in the specified certificate or not.

Parameters:
  • cert – the certificate storing the public key to be used for verification
Throws:
Returns:

true if the CRL is signed by the private key corresponding to the public key stored in cert; false if otherwise

verifySignature

public boolean verifySignature(CertSource cert)

Verifies the CRL to check whether is is signed by the private key corresponding to the public key in the specified certificate or not.

Parameters:
  • cert – the certificate storing the public key to be used for verification
Throws:
Returns:

true if the CRL is signed by the private key corresponding to the public key stored in cert; false if otherwise