You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
192 lines
5.0 KiB
192 lines
5.0 KiB
/*
|
|
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
|
|
* ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*
|
|
*/
|
|
|
|
package java.security.cert;
|
|
|
|
import java.math.BigInteger;
|
|
import java.util.Date;
|
|
import javax.security.auth.x500.X500Principal;
|
|
|
|
import sun.security.x509.X509CRLEntryImpl;
|
|
|
|
/**
|
|
* <p>Abstract class for a revoked certificate in a CRL (Certificate
|
|
* Revocation List).
|
|
*
|
|
* The ASN.1 definition for <em>revokedCertificates</em> is:
|
|
* <pre>
|
|
* revokedCertificates SEQUENCE OF SEQUENCE {
|
|
* userCertificate CertificateSerialNumber,
|
|
* revocationDate ChoiceOfTime,
|
|
* crlEntryExtensions Extensions OPTIONAL
|
|
* -- if present, must be v2
|
|
* } OPTIONAL
|
|
*
|
|
* CertificateSerialNumber ::= INTEGER
|
|
*
|
|
* Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
|
|
*
|
|
* Extension ::= SEQUENCE {
|
|
* extnId OBJECT IDENTIFIER,
|
|
* critical BOOLEAN DEFAULT FALSE,
|
|
* extnValue OCTET STRING
|
|
* -- contains a DER encoding of a value
|
|
* -- of the type registered for use with
|
|
* -- the extnId object identifier value
|
|
* }
|
|
* </pre>
|
|
*
|
|
* @see X509CRL
|
|
* @see X509Extension
|
|
*
|
|
* @author Hemma Prafullchandra
|
|
*/
|
|
|
|
public abstract class X509CRLEntry implements X509Extension {
|
|
|
|
/**
|
|
* Compares this CRL entry for equality with the given
|
|
* object. If the {@code other} object is an
|
|
* {@code instanceof} {@code X509CRLEntry}, then
|
|
* its encoded form (the inner SEQUENCE) is retrieved and compared
|
|
* with the encoded form of this CRL entry.
|
|
*
|
|
* @param other the object to test for equality with this CRL entry.
|
|
* @return true iff the encoded forms of the two CRL entries
|
|
* match, false otherwise.
|
|
*/
|
|
public boolean equals(Object other) {
|
|
if (this == other)
|
|
return true;
|
|
if (!(other instanceof X509CRLEntry))
|
|
return false;
|
|
try {
|
|
byte[] thisCRLEntry = this.getEncoded();
|
|
byte[] otherCRLEntry = ((X509CRLEntry)other).getEncoded();
|
|
|
|
if (thisCRLEntry.length != otherCRLEntry.length)
|
|
return false;
|
|
for (int i = 0; i < thisCRLEntry.length; i++)
|
|
if (thisCRLEntry[i] != otherCRLEntry[i])
|
|
return false;
|
|
} catch (CRLException ce) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Returns a hashcode value for this CRL entry from its
|
|
* encoded form.
|
|
*
|
|
* @return the hashcode value.
|
|
*/
|
|
public int hashCode() {
|
|
int retval = 0;
|
|
try {
|
|
byte[] entryData = this.getEncoded();
|
|
for (int i = 1; i < entryData.length; i++)
|
|
retval += entryData[i] * i;
|
|
|
|
} catch (CRLException ce) {
|
|
return(retval);
|
|
}
|
|
return(retval);
|
|
}
|
|
|
|
/**
|
|
* Returns the ASN.1 DER-encoded form of this CRL Entry,
|
|
* that is the inner SEQUENCE.
|
|
*
|
|
* @return the encoded form of this certificate
|
|
* @exception CRLException if an encoding error occurs.
|
|
*/
|
|
public abstract byte[] getEncoded() throws CRLException;
|
|
|
|
/**
|
|
* Gets the serial number from this X509CRLEntry,
|
|
* the <em>userCertificate</em>.
|
|
*
|
|
* @return the serial number.
|
|
*/
|
|
public abstract BigInteger getSerialNumber();
|
|
|
|
/**
|
|
* Get the issuer of the X509Certificate described by this entry. If
|
|
* the certificate issuer is also the CRL issuer, this method returns
|
|
* null.
|
|
*
|
|
* <p>This method is used with indirect CRLs. The default implementation
|
|
* always returns null. Subclasses that wish to support indirect CRLs
|
|
* should override it.
|
|
*
|
|
* @return the issuer of the X509Certificate described by this entry
|
|
* or null if it is issued by the CRL issuer.
|
|
*
|
|
* @since 1.5
|
|
*/
|
|
public X500Principal getCertificateIssuer() {
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* Gets the revocation date from this X509CRLEntry,
|
|
* the <em>revocationDate</em>.
|
|
*
|
|
* @return the revocation date.
|
|
*/
|
|
public abstract Date getRevocationDate();
|
|
|
|
/**
|
|
* Returns true if this CRL entry has extensions.
|
|
*
|
|
* @return true if this entry has extensions, false otherwise.
|
|
*/
|
|
public abstract boolean hasExtensions();
|
|
|
|
/**
|
|
* Returns a string representation of this CRL entry.
|
|
*
|
|
* @return a string representation of this CRL entry.
|
|
*/
|
|
public abstract String toString();
|
|
|
|
/**
|
|
* Returns the reason the certificate has been revoked, as specified
|
|
* in the Reason Code extension of this CRL entry.
|
|
*
|
|
* @return the reason the certificate has been revoked, or
|
|
* {@code null} if this CRL entry does not have
|
|
* a Reason Code extension
|
|
* @since 1.7
|
|
*/
|
|
public CRLReason getRevocationReason() {
|
|
if (!hasExtensions()) {
|
|
return null;
|
|
}
|
|
return X509CRLEntryImpl.getRevocationReason(this);
|
|
}
|
|
}
|