iaik.x509.ocsp.extensions
Class CrlID

java.lang.Object
  |
  +--iaik.x509.V3Extension
        |
        +--iaik.x509.ocsp.extensions.CrlID

public class CrlID
extends V3Extension

This class implements the OCSP CrlID (CRL References) extension.

As with all OCSP extensions, support of the CrlID extension is optional for clients and servers. The critical flag should not be set.

Each OCSP extension is associated with a specific OCSP extension object identifier, derived from RFC 2560:

 id-pkix  OBJECT IDENTIFIER  ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) }

 id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }       
        -- arc for access descriptors

 id-ad-ocsp      OBJECT IDENTIFIER ::= { id-ad 1 }
 
 id-pkix-ocsp    OBJECT IDENTIFIER ::= { id-ad-ocsp }
 
The object identifier for the CrlID extension is defined as:
 id-pkix-ocsp-crl  OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 }
 
which corresponds to the OID string "1.3.6.1.5.5.7.48.1.3".

The Online Certificate Status Protocol (RFC 2560) specifies the CrlID extension to allow a responder to indicate the CRL on which a revoked or onHold certificate is found. This can be useful where OCSP is used between repositories, and also as an auditing mechanism. The CRL may be specified by a URL (the URL at which the CRL is available), a number (the value of the CRL number extension of the relevant CRL) or a time (the time at which the relevant CRL was created). These extensions are specified as singleExtensions and included in a SingleResponse.

ASN.1 definition:

 CrlID ::= SEQUENCE {
    crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
    crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
    crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
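
The following added example is not part of the IAIK library or its documentation. It decodes the DER encoding of a CrlID value in Python, independently of the IAIK API, to show how each OPTIONAL field sits inside its EXPLICIT context tag and how a client auditing a response can reject malformed values. The function names and the sample URL, number and time are constructed for illustration.

```python
from datetime import datetime, timezone

def read_tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, content, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("content runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

# EXPLICIT context tag -> (field name, universal tag of the wrapped value)
FIELDS = {0xA0: ("crlUrl", 0x16), 0xA1: ("crlNum", 0x02), 0xA2: ("crlTime", 0x18)}

def parse_crl_id(der):
    """Decode a CrlID extension value; absent OPTIONAL fields are omitted."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    out, pos, last = {}, 0, -1
    while pos < len(body):
        ctx, wrapped, pos = read_tlv(body, pos)
        if ctx not in FIELDS or ctx <= last:
            raise ValueError("unknown, repeated or out-of-order field tag")
        last, (name, want) = ctx, FIELDS[ctx]
        inner, value, inner_end = read_tlv(wrapped, 0)
        if inner != want or inner_end != len(wrapped):
            raise ValueError("wrong inner type for " + name)
        if name == "crlUrl":
            out[name] = value.decode("ascii")
        elif name == "crlNum":
            out[name] = int.from_bytes(value, "big", signed=True)
        else:  # GeneralizedTime, UTC form without fractional seconds
            stamp = datetime.strptime(value.decode("ascii"), "%Y%m%d%H%M%SZ")
            out[name] = stamp.replace(tzinfo=timezone.utc)
    return out

def tlv(tag, content):
    return bytes([tag, len(content)]) + content  # short-form lengths only

# Constructed sample value carrying all three fields (not real data).
SAMPLE = tlv(0x30,
    tlv(0xA0, tlv(0x16, b"http://crl.example.test/ca.crl"))
    + tlv(0xA1, tlv(0x02, b"\x2a")) + tlv(0xA2, tlv(0x18, b"20040101120000Z")))
```

Because every field is OPTIONAL, an empty SEQUENCE is a valid encoding; a consumer should check which keys are present rather than assume any one of them.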
 

For adding a CrlID extension object to a SingleResponse, use the addExtension method, e.g.:

 String crlUrl = ...;
 CrlID crlID = new CrlID();
 crlID.setCrlUrl(crlUrl);
 singleResponse.addExtension(crlID);
 

Version:
File Revision 8
See Also:
SingleResponse, V3Extension, X509Extensions

Field Summary
static ObjectID oid
          The object identifier of this CrlID extension.
 
Fields inherited from class iaik.x509.V3Extension
critical
 
Constructor Summary
CrlID()
          Default constructor.
 
Method Summary
 int getCrlNum(int crlNum)
          Gets the crl number, if included. The crl number specifies the value of the CRL number extension of the corresponding crl.
 Date getCrlTime()
          Gets the crl time, if included.
 String getCrlUrl()
          Gets the crl url, if included.
 ObjectID getObjectID()
          Returns the object ID of this CrlID extension.
 int hashCode()
          Returns a hashcode for this identity.
 void init(ASN1Object obj)
          Inits this CrlID implementation with an ASN1object representing the value of this extension.
 void setCrlNum(int crlNum)
          Sets the crl number.
 void setCrlTime(Date time)
          Sets the crl time.
 void setCrlUrl(String crlUrl)
          Sets the crl url.
 ASN1Object toASN1Object()
          Returns an ASN1Object representing the value of this CrlID extension.
 String toString()
          Returns a string that represents the contents of this CrlID extension.
 
Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

oid

public static final ObjectID oid
The object identifier of this CrlID extension. The corresponding OID string is "1.3.6.1.5.5.7.48.1.3".
Constructor Detail

CrlID

public CrlID()
Default constructor. Creates an empty CrlID object. Use methods setCrlUrl, setCrlNum, setCrlTime for setting the fields of this CrlID as required.
Method Detail

setCrlUrl

public void setCrlUrl(String crlUrl)
Sets the crl url. The crl url specifies the URL at which the crl is available.
Parameters:
crlUrl - the crl url to be set

getCrlUrl

public String getCrlUrl()
Gets the crl url, if included. The crl url specifies the URL at which the crl is available.
Returns:
the crl url, if included

setCrlNum

public void setCrlNum(int crlNum)
Sets the crl number. The crl number specifies the value of the CRL number extension of the corresponding crl.
Parameters:
crlNum - the crl number to be set

getCrlNum

public int getCrlNum(int crlNum)
Gets the crl number, if included. The crl number specifies the value of the CRL number extension of the corresponding crl.
Returns:
the crl number, if included; otherwise -1

setCrlTime

public void setCrlTime(Date time)
Sets the crl time. The crl time specifies the time at which the relevant CRL was issued.
Parameters:
time - the time at which the relevant CRL was issued.

getCrlTime

public Date getCrlTime()
Gets the crl time, if included. The crl time specifies the time at which the relevant CRL was issued.
Returns:
the crl time, if included; otherwise null

getObjectID

public ObjectID getObjectID()
Returns the object ID of this CrlID extension.
Overrides:
getObjectID in class V3Extension
Returns:
the object ID

init

public void init(ASN1Object obj)
          throws X509ExtensionException
Inits this CrlID implementation with an ASN1object representing the value of this extension.

The given ASN1Object is the one created by toASN1Object().

This method is used by the X509Extensions class when parsing the ASN.1 representation of an OCSP object to properly initialize an included CrlID extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

The ASN1Object supplied to this method will reflect the ASN.1 representation of the CrlID extension value:

 CrlID ::= SEQUENCE {
   crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
   crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
   crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
 
Overrides:
init in class V3Extension
Parameters:
obj - the CrlID as ASN1Object (SEQUENCE)
Throws:
X509ExtensionException - if the extension cannot be initialized from its ASN1 representation

toASN1Object

public ASN1Object toASN1Object()
Returns an ASN1Object representing the value of this CrlID extension.

The ASN1Object returned by this method will reflect the ASN.1 representation of the CrlID extension value:

 CrlID ::= SEQUENCE {
   crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
   crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
   crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
 
Overrides:
toASN1Object in class V3Extension
Returns:
the value of this CrlID as ASN1Object (SEQUENCE)

hashCode

public int hashCode()
Returns a hashcode for this identity.
Overrides:
hashCode in class V3Extension
Returns:
a hash code for this identity

toString

public String toString()
Returns a string that represents the contents of this CrlID extension.
Overrides:
toString in class Object
Returns:
the string representation

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, 2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK