src/share/classes/java/security/cert/X509CRL.java
Print this page
*** 70,80 ****
* <p>
* More information can be found in
* <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
* Public Key Infrastructure Certificate and CRL Profile</a>.
* <p>
! * The ASN.1 definition of <code>tbsCertList</code> is:
* <pre>
* TBSCertList ::= SEQUENCE {
* version Version OPTIONAL,
* -- if present, must be v2
* signature AlgorithmIdentifier,
--- 70,80 ----
* <p>
* More information can be found in
* <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
* Public Key Infrastructure Certificate and CRL Profile</a>.
* <p>
! * The ASN.1 definition of {@code tbsCertList} is:
* <pre>
* TBSCertList ::= SEQUENCE {
* version Version OPTIONAL,
* -- if present, must be v2
* signature AlgorithmIdentifier,
*** 92,107 ****
* }
* </pre>
* <p>
* CRLs are instantiated using a certificate factory. The following is an
* example of how to instantiate an X.509 CRL:
! * <pre><code>
* try (InputStream inStream = new FileInputStream("fileName-of-crl")) {
* CertificateFactory cf = CertificateFactory.getInstance("X.509");
* X509CRL crl = (X509CRL)cf.generateCRL(inStream);
* }
! * </code></pre>
*
* @author Hemma Prafullchandra
*
*
* @see CRL
--- 92,107 ----
* }
* </pre>
* <p>
* CRLs are instantiated using a certificate factory. The following is an
* example of how to instantiate an X.509 CRL:
! * <pre>{@code
* try (InputStream inStream = new FileInputStream("fileName-of-crl")) {
* CertificateFactory cf = CertificateFactory.getInstance("X.509");
* X509CRL crl = (X509CRL)cf.generateCRL(inStream);
* }
! * }</pre>
*
* @author Hemma Prafullchandra
*
*
* @see CRL
*** 120,131 ****
super("X.509");
}
/**
* Compares this CRL for equality with the given
! * object. If the <code>other</code> object is an
! * <code>instanceof</code> <code>X509CRL</code>, then
* its encoded form is retrieved and compared with the
* encoded form of this CRL.
*
* @param other the object to test for equality with this CRL.
*
--- 120,131 ----
super("X.509");
}
/**
* Compares this CRL for equality with the given
! * object. If the {@code other} object is an
! * {@code instanceof} {@code X509CRL}, then
* its encoded form is retrieved and compared with the
* encoded form of this CRL.
*
* @param other the object to test for equality with this CRL.
*
*** 223,233 ****
* supplied by the given provider. Note that the specified Provider object
* does not have to be registered in the provider list.
*
* This method was added to version 1.8 of the Java Platform Standard
* Edition. In order to maintain backwards compatibility with existing
! * service providers, this method is not <code>abstract</code>
* and it provides a default implementation.
*
* @param key the PublicKey used to carry out the verification.
* @param sigProvider the signature provider.
*
--- 223,233 ----
* supplied by the given provider. Note that the specified Provider object
* does not have to be registered in the provider list.
*
* This method was added to version 1.8 of the Java Platform Standard
* Edition. In order to maintain backwards compatibility with existing
! * service providers, this method is not {@code abstract}
* and it provides a default implementation.
*
* @param key the PublicKey used to carry out the verification.
* @param sigProvider the signature provider.
*
*** 243,253 ****
InvalidKeyException, SignatureException {
X509CRLImpl.verify(this, key, sigProvider);
}
/**
! * Gets the <code>version</code> (version number) value from the CRL.
* The ASN.1 definition for this is:
* <pre>
* version Version OPTIONAL,
* -- if present, must be v2<p>
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
--- 243,253 ----
InvalidKeyException, SignatureException {
X509CRLImpl.verify(this, key, sigProvider);
}
/**
! * Gets the {@code version} (version number) value from the CRL.
* The ASN.1 definition for this is:
* <pre>
* version Version OPTIONAL,
* -- if present, must be v2<p>
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*** 259,274 ****
*/
public abstract int getVersion();
/**
* <strong>Denigrated</strong>, replaced by {@linkplain
! * #getIssuerX500Principal()}. This method returns the <code>issuer</code>
* as an implementation specific Principal object, which should not be
* relied upon by portable code.
*
* <p>
! * Gets the <code>issuer</code> (issuer distinguished name) value from
* the CRL. The issuer name identifies the entity that signed (and
* issued) the CRL.
*
* <p>The issuer name field contains an
* X.500 distinguished name (DN).
--- 259,274 ----
*/
public abstract int getVersion();
/**
* <strong>Denigrated</strong>, replaced by {@linkplain
! * #getIssuerX500Principal()}. This method returns the {@code issuer}
* as an implementation specific Principal object, which should not be
* relied upon by portable code.
*
* <p>
! * Gets the {@code issuer} (issuer distinguished name) value from
* the CRL. The issuer name identifies the entity that signed (and
* issued) the CRL.
*
* <p>The issuer name field contains an
* X.500 distinguished name (DN).
*** 285,314 ****
* AttributeType,
* AttributeValue }
* AttributeType ::= OBJECT IDENTIFIER
* AttributeValue ::= ANY
* </pre>
! * The <code>Name</code> describes a hierarchical name composed of
* attributes,
* such as country name, and corresponding values, such as US.
! * The type of the <code>AttributeValue</code> component is determined by
! * the <code>AttributeType</code>; in general it will be a
! * <code>directoryString</code>. A <code>directoryString</code> is usually
! * one of <code>PrintableString</code>,
! * <code>TeletexString</code> or <code>UniversalString</code>.
*
* @return a Principal whose name is the issuer distinguished name.
*/
public abstract Principal getIssuerDN();
/**
* Returns the issuer (issuer distinguished name) value from the
! * CRL as an <code>X500Principal</code>.
* <p>
* It is recommended that subclasses override this method.
*
! * @return an <code>X500Principal</code> representing the issuer
* distinguished name
* @since 1.4
*/
public X500Principal getIssuerX500Principal() {
if (issuerPrincipal == null) {
--- 285,314 ----
* AttributeType,
* AttributeValue }
* AttributeType ::= OBJECT IDENTIFIER
* AttributeValue ::= ANY
* </pre>
! * The {@code Name} describes a hierarchical name composed of
* attributes,
* such as country name, and corresponding values, such as US.
! * The type of the {@code AttributeValue} component is determined by
! * the {@code AttributeType}; in general it will be a
! * {@code directoryString}. A {@code directoryString} is usually
! * one of {@code PrintableString},
! * {@code TeletexString} or {@code UniversalString}.
*
* @return a Principal whose name is the issuer distinguished name.
*/
public abstract Principal getIssuerDN();
/**
* Returns the issuer (issuer distinguished name) value from the
! * CRL as an {@code X500Principal}.
* <p>
* It is recommended that subclasses override this method.
*
! * @return an {@code X500Principal} representing the issuer
* distinguished name
* @since 1.4
*/
public X500Principal getIssuerX500Principal() {
if (issuerPrincipal == null) {
*** 316,342 ****
}
return issuerPrincipal;
}
/**
! * Gets the <code>thisUpdate</code> date from the CRL.
* The ASN.1 definition for this is:
* <pre>
* thisUpdate ChoiceOfTime
* ChoiceOfTime ::= CHOICE {
* utcTime UTCTime,
* generalTime GeneralizedTime }
* </pre>
*
! * @return the <code>thisUpdate</code> date from the CRL.
*/
public abstract Date getThisUpdate();
/**
! * Gets the <code>nextUpdate</code> date from the CRL.
*
! * @return the <code>nextUpdate</code> date from the CRL, or null if
* not present.
*/
public abstract Date getNextUpdate();
/**
--- 316,342 ----
}
return issuerPrincipal;
}
/**
! * Gets the {@code thisUpdate} date from the CRL.
* The ASN.1 definition for this is:
* <pre>
* thisUpdate ChoiceOfTime
* ChoiceOfTime ::= CHOICE {
* utcTime UTCTime,
* generalTime GeneralizedTime }
* </pre>
*
! * @return the {@code thisUpdate} date from the CRL.
*/
public abstract Date getThisUpdate();
/**
! * Gets the {@code nextUpdate} date from the CRL.
*
! * @return the {@code nextUpdate} date from the CRL, or null if
* not present.
*/
public abstract Date getNextUpdate();
/**
*** 386,405 ****
*/
public abstract Set<? extends X509CRLEntry> getRevokedCertificates();
/**
* Gets the DER-encoded CRL information, the
! * <code>tbsCertList</code> from this CRL.
* This can be used to verify the signature independently.
*
* @return the DER-encoded CRL information.
* @exception CRLException if an encoding error occurs.
*/
public abstract byte[] getTBSCertList() throws CRLException;
/**
! * Gets the <code>signature</code> value (the raw signature bits) from
* the CRL.
* The ASN.1 definition for this is:
* <pre>
* signature BIT STRING
* </pre>
--- 386,405 ----
*/
public abstract Set<? extends X509CRLEntry> getRevokedCertificates();
/**
* Gets the DER-encoded CRL information, the
! * {@code tbsCertList} from this CRL.
* This can be used to verify the signature independently.
*
* @return the DER-encoded CRL information.
* @exception CRLException if an encoding error occurs.
*/
public abstract byte[] getTBSCertList() throws CRLException;
/**
! * Gets the {@code signature} value (the raw signature bits) from
* the CRL.
* The ASN.1 definition for this is:
* <pre>
* signature BIT STRING
* </pre>
*** 420,430 ****
* -- contains a value of the type
* -- registered for use with the
* -- algorithm object identifier value
* </pre>
*
! * <p>The algorithm name is determined from the <code>algorithm</code>
* OID string.
*
* @return the signature algorithm name.
*/
public abstract String getSigAlgName();
--- 420,430 ----
* -- contains a value of the type
* -- registered for use with the
* -- algorithm object identifier value
* </pre>
*
! * <p>The algorithm name is determined from the {@code algorithm}
* OID string.
*
* @return the signature algorithm name.
*/
public abstract String getSigAlgName();