FileDocCategorySizeDatePackage
TBSCertList.javaAPI DocAndroid 1.5 API16552Wed May 06 22:41:06 BST 2009org.apache.harmony.security.x509

TBSCertList

public class TBSCertList extends Object
The class encapsulates the ASN.1 DER encoding/decoding work with TBSCertList structure which is the part of X.509 CRL (as specified in RFC 3280 - Internet X.509 Public Key Infrastructure. Certificate and Certificate Revocation List (CRL) Profile. http://www.ietf.org/rfc/rfc3280.txt): 
TBSCertList ::= SEQUENCE {
version Version OPTIONAL,
-- if present, MUST be v2
signature AlgorithmIdentifier,
issuer Name,
thisUpdate Time,
nextUpdate Time OPTIONAL,
revokedCertificates SEQUENCE OF SEQUENCE {
userCertificate CertificateSerialNumber,
revocationDate Time,
crlEntryExtensions Extensions OPTIONAL
-- if present, MUST be v2
} OPTIONAL,
crlExtensions [0] EXPLICIT Extensions OPTIONAL
-- if present, MUST be v2
}

Fields Summary
private final int
version
private final AlgorithmIdentifier
signature
private final org.apache.harmony.security.x501.Name
issuer
private final Date
thisUpdate
private final Date
nextUpdate
private final List
revokedCertificates
private final Extensions
crlExtensions
private byte[]
encoding
public static final org.apache.harmony.security.asn1.ASN1Sequence
ASN1
X.509 TBSCertList encoder/decoder.
Constructors Summary
public TBSCertList(AlgorithmIdentifier signature, org.apache.harmony.security.x501.Name issuer, Date thisUpdate)
Constructs the instance of TBSCertList without optional fields. Take a note, that regarding to the rfc 3280 (p. 49): "When CRLs are issued, the CRLs MUST be version 2 CRLs, include the date by which the next CRL will be issued in the nextUpdate field (section 5.1.2.5), include the CRL number extension (section 5.2.3), and include the authority key identifier extension (section 5.2.1). Conforming applications that support CRLs are REQUIRED to process both version 1 and version 2 complete CRLs that provide revocation information for all certificates issued by one CA. Conforming applications are NOT REQUIRED to support processing of delta CRLs, indirect CRLs, or CRLs with a scope other than all certificates issued by one CA."

param
signature: AlgorithmIdentifier
param
issuer: Name
param
thisUpdate: Time

    

                                                                                                                                              
       
                
        this.version = 1; 
        this.signature = signature; 
        this.issuer = issuer;
        this.thisUpdate = thisUpdate;
        this.nextUpdate = null;
        this.revokedCertificates = null;
        this.crlExtensions = null;
public TBSCertList(int version, AlgorithmIdentifier signature, org.apache.harmony.security.x501.Name issuer, Date thisUpdate, Date nextUpdate, List revokedCertificates, Extensions crlExtensions)
Constructs the instance of TBSCertList with all optional fields

param
version: version of the CRL. Should be 1 or 2. Note that if the version of CRL is 1, then nextUpdate, crlExtensions fields of CRL and crlEntryExtensions field of CRL entry must not be presented in CRL. FIXME: do check for it.
param
signature: AlgorithmIdentifier
param
issuer: Name
param
thisUpdate: Time
param
nextUpdate: Time
param
revokedCertificates: List
param
crlExtensions: Extensions

        this.version = version; 
        this.signature = signature; 
        this.issuer = issuer;
        this.thisUpdate = thisUpdate;
        this.nextUpdate = nextUpdate;
        this.revokedCertificates = revokedCertificates;
        this.crlExtensions = crlExtensions;
private TBSCertList(int version, AlgorithmIdentifier signature, org.apache.harmony.security.x501.Name issuer, Date thisUpdate, Date nextUpdate, List revokedCertificates, Extensions crlExtensions, byte[] encoding)

        this.version = version; 
        this.signature = signature; 
        this.issuer = issuer;
        this.thisUpdate = thisUpdate;
        this.nextUpdate = nextUpdate;
        this.revokedCertificates = revokedCertificates;
        this.crlExtensions = crlExtensions;
        this.encoding = encoding;
Methods Summary
public voiddumpValue(java.lang.StringBuffer buffer)
Places the string representation of extension value into the StringBuffer object.

        buffer.append("X.509 CRL v").append(version); //$NON-NLS-1$
        buffer.append("\nSignature Algorithm: ["); //$NON-NLS-1$
        signature.dumpValue(buffer);
        buffer.append(']");
        buffer.append("\nIssuer: ").append(issuer.getName(X500Principal.RFC2253)); //$NON-NLS-1$
        buffer.append("\n\nThis Update: ").append(thisUpdate); //$NON-NLS-1$
        buffer.append("\nNext Update: ").append(nextUpdate).append('\n"); //$NON-NLS-1$
        if (revokedCertificates != null) {
            buffer.append("\nRevoked Certificates: ") //$NON-NLS-1$
                .append(revokedCertificates.size()).append(" ["); //$NON-NLS-1$
            int number = 1;
            for (Iterator it = revokedCertificates.iterator();it.hasNext();) {
                buffer.append("\n  [").append(number++).append(']"); //$NON-NLS-1$
                ((RevokedCertificate) it.next()).dumpValue(buffer, "  "); //$NON-NLS-1$
                buffer.append('\n");
            }
            buffer.append("]\n"); //$NON-NLS-1$
        }
        if (crlExtensions != null) {
            buffer.append("\nCRL Extensions: ") //$NON-NLS-1$
                .append(crlExtensions.size()).append(" ["); //$NON-NLS-1$
            crlExtensions.dumpValue(buffer, "  "); //$NON-NLS-1$
            buffer.append("]\n"); //$NON-NLS-1$
        }
public booleanequals(java.lang.Object tbs)

        if (!(tbs instanceof TBSCertList)) {
            return false;
        }
        TBSCertList tbscert = (TBSCertList) tbs;
        return (version == tbscert.version)
            && (signature.equals(tbscert.signature))
            // FIXME use Name.equals when it will be implemented
            && (Arrays.equals(issuer.getEncoded(), tbscert.issuer.getEncoded()))
            && ((thisUpdate.getTime() / 1000) 
                    == (tbscert.thisUpdate.getTime() / 1000))
            && ((nextUpdate == null) 
                    ? tbscert.nextUpdate == null
                    : ((nextUpdate.getTime() / 1000) 
                        == (tbscert.nextUpdate.getTime() / 1000)))
            && ((((revokedCertificates == null) 
                            || (tbscert.revokedCertificates == null))
                    && (revokedCertificates == tbscert.revokedCertificates))
                || (revokedCertificates.containsAll(tbscert.revokedCertificates)
                    && (revokedCertificates.size() 
                        == tbscert.revokedCertificates.size())))
            && ((crlExtensions == null)
                    ? tbscert.crlExtensions == null
                    : crlExtensions.equals(tbscert.crlExtensions));
public ExtensionsgetCrlExtensions()
Returns the value of crlExtensions field of the structure.

return
extensions

        return crlExtensions;
public byte[]getEncoded()
Returns ASN.1 encoded form of this X.509 TBSCertList value.

return
a byte array containing ASN.1 encode form.

        if (encoding == null) {
            encoding = ASN1.encode(this);
        }
        return encoding;
public org.apache.harmony.security.x501.NamegetIssuer()
Returns the value of issuer field of the structure.

return
issuer

        return issuer;
public java.util.DategetNextUpdate()
Returns the value of nextUpdate field of the structure.

return
nextUpdate

        return nextUpdate;
public java.util.ListgetRevokedCertificates()
Returns the value of revokedCertificates field of the structure.

return
revokedCertificates

        return revokedCertificates;
public AlgorithmIdentifiergetSignature()
Returns the value of signature field of the structure.

return
signature

        return signature;
public java.util.DategetThisUpdate()
Returns the value of thisUpdate field of the structure.

return
thisUpdate

        return thisUpdate;
public intgetVersion()
Returns the value of version field of the structure.

return
version

        return version;