/* * @(#)X509CRLEntry.java 1.16 03/12/19 * * Copyright 2004 Sun Microsystems, Inc. All rights reserved. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */ package java.security.cert; import java.math.BigInteger; import java.util.Date; import java.util.Set; import javax.security.auth.x500.X500Principal; /** *

Abstract class for a revoked certificate in a CRL (Certificate * Revocation List). * * The ASN.1 definition for revokedCertificates is: * 

 * revokedCertificates    SEQUENCE OF SEQUENCE  {
 *     userCertificate    CertificateSerialNumber,
 *     revocationDate     ChoiceOfTime,
 *     crlEntryExtensions Extensions OPTIONAL
 *                        -- if present, must be v2
 * }  OPTIONAL
 *

 * CertificateSerialNumber  ::=  INTEGER
 *

 * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
 *

 * Extension  ::=  SEQUENCE  {
 *     extnId        OBJECT IDENTIFIER,
 *     critical      BOOLEAN DEFAULT FALSE,
 *     extnValue     OCTET STRING
 *                   -- contains a DER encoding of a value
 *                   -- of the type registered for use with
 *                   -- the extnId object identifier value
 * }
 *
* * @see X509CRL * @see X509Extension * * @author Hemma Prafullchandra * @version 1.16 03/12/19 */ public abstract class X509CRLEntry implements X509Extension { /** * Compares this CRL entry for equality with the given * object. If the other object is an * instanceof X509CRLEntry, then * its encoded form (the inner SEQUENCE) is retrieved and compared * with the encoded form of this CRL entry. * * @param other the object to test for equality with this CRL entry. * @return true iff the encoded forms of the two CRL entries * match, false otherwise. */ public boolean equals(Object other) { if (this == other) return true; if (!(other instanceof X509CRLEntry)) return false; try { byte[] thisCRLEntry = this.getEncoded(); byte[] otherCRLEntry = ((X509CRLEntry)other).getEncoded(); if (thisCRLEntry.length != otherCRLEntry.length) return false; for (int i = 0; i < thisCRLEntry.length; i++) if (thisCRLEntry[i] != otherCRLEntry[i]) return false; } catch (CRLException ce) { return false; } return true; } /** * Returns a hashcode value for this CRL entry from its * encoded form. * * @return the hashcode value. */ public int hashCode() { int retval = 0; try { byte[] entryData = this.getEncoded(); for (int i = 1; i < entryData.length; i++) retval += entryData[i] * i; } catch (CRLException ce) { return(retval); } return(retval); } /** * Returns the ASN.1 DER-encoded form of this CRL Entry, * that is the inner SEQUENCE. * * @return the encoded form of this certificate * @exception CRLException if an encoding error occurs. */ public abstract byte[] getEncoded() throws CRLException; /** * Gets the serial number from this X509CRLEntry, * the userCertificate. * * @return the serial number. */ public abstract BigInteger getSerialNumber(); /** * Get the issuer of the X509Certificate described by this entry. If * the certificate issuer is also the CRL issuer, this method returns * null. * *

This method is used with indirect CRLs. The default implementation * always returns null. Subclasses that wish to support indirect CRLs * should override it. * * @return the issuer of the X509Certificate described by this entry * or null if it is issued by the CRL issuer. * * @since 1.5 */ public X500Principal getCertificateIssuer() { return null; } /** * Gets the revocation date from this X509CRLEntry, * the revocationDate. * * @return the revocation date. */ public abstract Date getRevocationDate(); /** * Returns true if this CRL entry has extensions. * * @return true if this entry has extensions, false otherwise. */ public abstract boolean hasExtensions(); /** * Returns a string representation of this CRL entry. * * @return a string representation of this CRL entry. */ public abstract String toString(); }