iaik.x509.extensions

Class ExpiredCertsOnCRL

java.lang.Object

iaik.x509.V3Extension

iaik.x509.extensions.ExpiredCertsOnCRL

public class ExpiredCertsOnCRL
extends V3Extension

This class implements the ExpiredCertsOnCRL extension. The ExpiredCertsOnCRL extension is a non critical ITU-T X509v2 CRL entry extension.

Each extension is associated with a specific certificateExtension object identifier, derived from:

 certificateExtension  OBJECT IDENTIFIER ::=
                            {joint-iso-ccitt(2) ds(5) 29}
 id-ce                 OBJECT IDENTIFIER ::=  certificateExtension
 

The object identifier for the CRLNumber extension is defined as:

id-ce-cRLReason OBJECT IDENTIFIER ::= { id-ce 60 }

which corresponds to the OID string "2.5.29.60".

The ExpiredCertsOnCRL CRL extension is not specified by IETF-PKIX. It is defined by the ITU-T Recommendation X.509 and indicates that a CRL containing this extension will include revocation status information for certificates that have been already expired. When used, the ExpiredCertsOnCRL contains the date on which the CRL starts to keep revocation status information for expired certificates (i.e. revocation entries are not removed from the CRL for any certificates that expire at or after the date contained in the ExpiredCertsOnCRL extension.

ASN.1 definition:

 ExpiredCertsOnCRL ::= GeneralizedTime
 

For adding an ExpiredCertsOnCRL extension object to a X509v2 certificate revocation list, use the addExtension method of the iaik.x509.X509CRL class:

 Date date = ...;
 ExpiredCertsOnCRL expiredCertsOnCRL = new ExpiredCertsOnCRL(date);
 X505CRL crl = new X509CRL();
   ...
 crl.addExtension(expiredCertsOnCRL);
 

To get an ExpiredCertsOnCRL extension from a X509CRL use its getExtension method:

 X505CRL crl = ...;
 ExpiredCertsOnCRL expiredCertsOnCRL = (ExpiredCertsOnCRL)crl.getExtension(ExpiredCertsOnCRL.oid);
 Date date = expiredCertsOnCRL.getDate();
 

Version:

File Revision 5

See Also:

X509CRL

Field Summary

Fields

Modifier and Type	Field and Description
static ObjectID	oid The object identifier of this ExpiredCertsOnCRL extension.

Fields inherited from class iaik.x509.V3Extension

critical

Constructor Summary

Constructors

Constructor and Description
ExpiredCertsOnCRL() Default constructor.
ExpiredCertsOnCRL(java.util.Date date) Creates a new ExpiredCertsOnCRL extension for the given date.

Method Summary

Modifier and Type	Method and Description
java.util.Date	getDate() Returns the date from which on revocation status information for expired certificates is included in the CRL.
ObjectID	getObjectID() Returns the object ID of this ExpiredCertsOnCRL extension
int	hashCode() Returns a hashcode for this identity.
void	init(ASN1Object obj) Inits this ExpiredCertsOnCRL implementation with an ASN1object representing the value of this extension.
void	setDate(java.util.Date date) Sets the date from which on revocation status information for expired certificates is included in the CRL.
ASN1Object	toASN1Object() Returns an ASN1Object representing the value of this ExpiredCertsOnCRL extension object.
java.lang.String	toString() Returns a string that represents the contents of the ExpiredCertsOnCRL extension.

Methods inherited from class iaik.x509.V3Extension

getName, isCritical, setCritical

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

oid

public static final ObjectID oid

The object identifier of this ExpiredCertsOnCRL extension. The corresponding OID string is "2.5.29.60".

Constructor Detail

ExpiredCertsOnCRL

public ExpiredCertsOnCRL()

Default constructor.

Creates an empty ExpiredCertsOnCRL object.

Use setDate for specifying the date, from which on to include revocation status information for expired certificates, e.g.:

 ExpiredCertsOnCRL expiredCertsOnCRL = new ExpiredCertsOnCRL();
 Date date = ...;
 expiredCertsOnCRL.setDate(date);
 

ExpiredCertsOnCRL

public ExpiredCertsOnCRL(java.util.Date date)

Creates a new ExpiredCertsOnCRL extension for the given date.

For instance:

 Date date = ...;
 ExpiredCertsOnCRL expiredCertsOnCRL = new ExpiredCertsOnCRL(date);
 

Parameters:

date - the date from which on to include revocation status information for expired certificates

Throws:

java.lang.NullPointerException - if the given date value is null

Method Detail

getObjectID

public ObjectID getObjectID()

Returns the object ID of this ExpiredCertsOnCRL extension

Specified by:

getObjectID in class V3Extension

Returns:

the object ID (2.5.29.60)

init

public void init(ASN1Object obj)
          throws X509ExtensionException

Inits this ExpiredCertsOnCRL implementation with an ASN1object representing the value of this extension.

The given ASN1Object represents a GeneraizedTime giving the date from which on revocation status information for expired certificates is included in the CRL.

This method is used by the X509Extensions class when parsing the ASN.1 representation of a CRL for properly initializing an included ExpiredCertsOnCRL extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.

Specified by:

init in class V3Extension

Parameters:

obj - the ExpiredCertsOnCRL as ASN1Object

Throws:

X509ExtensionException - an error occurs when parsing the supplied ASN.1 object

toASN1Object

public ASN1Object toASN1Object()

Returns an ASN1Object representing the value of this ExpiredCertsOnCRL extension object.

The returned ASN1Object is an ASN.1 GenaralizedTime representing the date from which on revocation status information for expired certificates is included in the CRL:

 ExpiredCertsOnCRL ::= GenaralizedTime
 

Specified by:

toASN1Object in class V3Extension

Returns:

the value of this ExpiredCertsOnCRL as ASN1Object

setDate

public void setDate(java.util.Date date)

Sets the date from which on revocation status information for expired certificates is included in the CRL.

 ExpiredCertsOnCRL expiredCertsOnCRL = new ExpiredCertsOnCRL();
 Date date = ...;
 expiredCertsOnCRL.setExpiredCertsOnCRL(date);
 

Parameters:

date - the date from which on to include revocation status information for expired certificates

Throws:

java.lang.NullPointerException - if the given date value is null

getDate

public java.util.Date getDate()

Returns the date from which on revocation status information for expired certificates is included in the CRL.

Returns:

the date from which on revocation status information for expired certificates is included in the CRL

hashCode

public int hashCode()

Returns a hashcode for this identity.

Specified by:

hashCode in class V3Extension

Returns:

a hash code for this identity

toString

public java.lang.String toString()

Returns a string that represents the contents of the ExpiredCertsOnCRL extension.

Overrides:

toString in class java.lang.Object

Returns:

the string representation