ReasonCode (6.0 API Documentation)

java.lang.Object
- iaik.x509.V3Extension
- - iaik.x509.extensions.ReasonCode

public class ReasonCode
extends V3Extension

This class implements the ReasonCode extension. The ReasonCode extension is a non critical standard X509v2 CRL entry extension.

Each extension is associated with a specific certificateExtension object identifier, derived from:

 certificateExtension  OBJECT IDENTIFIER ::=
                            {joint-iso-ccitt(2) ds(5) 29}
 id-ce                 OBJECT IDENTIFIER ::=  certificateExtension

The object identifier for the CRLNumber extension is defined as:

id-ce-cRLReason OBJECT IDENTIFIER ::= { id-ce 21 }

which corresponds to the OID string "2.5.29.21".

The X.509 Certificate and CRL profile presented in RFC 3280 specifies the reason code crl entry extension for identifying the reason for a certificate revocation. CAs are strongly encouraged to include reason codes in CRL entries; however, the reason code CRL entry extension should be absent instead of using the unspecified reasonCode value.

ASN.1 definition:

 reasonCode ::= { CRLReason }
 

 CRLReason ::= ENUMERATED {
    unspecified             (0),
    keyCompromise           (1),
    cACompromise            (2),
    affiliationChanged      (3),
    superseded              (4),
    cessationOfOperation    (5),
    certificateHold         (6),
    removeFromCRL           (8),
    privilegeWithdrawn      (9),
    aACompromise           (10)}

Since in the IAIK-JCE environment revoked certificates are implementations of the iaik.x509.RevokedCertificate class, a reasonCode CRL entry extension may be added to a revoked certificate by using the addExtension method of the iaik.x509.RevokedCertificate class. Any revoked certificate itself is added to a certificate revocation list by using a proper addCertificate method of the iaik.x509.X509CRL class, e.g.:

 //Create a revoked certificate from a X509Certificate and set the revocation date
 //to the current date; the X509Certificate is read in from a file:
 GregorianCalendar date = (GregorianCalendar)Calendar.getInstance();
 InputStream fis = new FileInputStream("cert.der");
 X509Certificate cert = new X509Certificate(fis);
 fis.close();
 RevokedCertificate rev_cert = new RevokedCertificate(cert, date.getTime());
 //add the reason code CRL entry extension to the revoked certificate:
 ReasonCode reasonCode = new ReasonCode(ReasonCode.keyCompromise);
 rev_cert.addExtension(reasonCode);
 //add the revoked certificate to the crl
 X509CRL crl = new X509CRL();
  ...
 crl.addCertificate(rev_cert);

Version:: File Revision 23
See Also:: X509CRL, X509Certificate, RevokedCertificate

Field Summary

Fields
Modifier and Type	Field and Description
`static int`	`aACompromise` Certificate revocation reason `aACompromise`.
`static int`	`affiliationChanged` Certificate revocation reason `affiliationChanged`.
`static int`	`cACompromise` Certificate revocation reason `cACompromise`.
`static int`	`certificateHold` Certificate revocation reason `certificateHold`.
`static int`	`cessationOfOperation` Certificate revocation reason `cessationOfOperation`.
`static int`	`keyCompromise` Certificate revocation reason `keyCompromise`.
`static ObjectID`	`oid` The object identifier of this ReasonCode extension.
`static int`	`privilegeWithdrawn` Certificate revocation reason `privilegeWithdrawn`.
`static int`	`removeFromCRL` Certificate revocation reason `removeFromCRL`.
`static int`	`superseded` Certificate revocation reason `superseded`.
`static int`	`unspecified` Certificate revocation reason `unspecified`.

Fields inherited from class iaik.x509.V3Extension
critical

Constructor Summary

Constructors
Constructor and Description
`ReasonCode()` Default constructor.
`ReasonCode(int reasonCode)` Creates a new `ReasonCode` from a `int` specifying the reason for certificate revocation.

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`equals(java.lang.Object obj)` Compares this `ReasonCode` to the specified object.
`ObjectID`	`getObjectID()` Returns the object ID of this `ReasonCode` extension
`int`	`getReasonCode()` Returns the reason code specifying the reason for certificate revocation.
`java.lang.String`	`getReasonCodeName()` Returns the name of the reason code as String.
`int`	`hashCode()` Returns a hashcode for this identity.
`void`	`init(ASN1Object obj)` Inits this `ReasonCode` implementation with an ASN1object representing the value of this extension.
`void`	`setReasonCode(int reasonCode)` Sets the reason code for this `ReasonCode` object.
`ASN1Object`	`toASN1Object()` Returns an ASN1Object representing the value of this `ReasonCode` extension object.
`java.lang.String`	`toString()` Returns a string that represents the contents of the `ReasonCode` extension.

Methods inherited from class iaik.x509.V3Extension
getName, isCritical, setCritical

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Field Detail
  - unspecified
```
public static final int unspecified
```
    Certificate revocation reason unspecified.
    
    See Also:
    Constant Field Values
  - keyCompromise
```
public static final int keyCompromise
```
    Certificate revocation reason keyCompromise.
    
    See Also:
    Constant Field Values
  - cACompromise
```
public static final int cACompromise
```
    Certificate revocation reason cACompromise.
    
    See Also:
    Constant Field Values
  - affiliationChanged
```
public static final int affiliationChanged
```
    Certificate revocation reason affiliationChanged.
    
    See Also:
    Constant Field Values
  - superseded
```
public static final int superseded
```
    Certificate revocation reason superseded.
    
    See Also:
    Constant Field Values
  - cessationOfOperation
```
public static final int cessationOfOperation
```
    Certificate revocation reason cessationOfOperation.
    
    See Also:
    Constant Field Values
  - certificateHold
```
public static final int certificateHold
```
    Certificate revocation reason certificateHold.
    
    See Also:
    Constant Field Values
  - removeFromCRL
```
public static final int removeFromCRL
```
    Certificate revocation reason removeFromCRL.
    
    See Also:
    Constant Field Values
  - privilegeWithdrawn
```
public static final int privilegeWithdrawn
```
    Certificate revocation reason privilegeWithdrawn.
    
    See Also:
    Constant Field Values
  - aACompromise
```
public static final int aACompromise
```
    Certificate revocation reason aACompromise.
    
    See Also:
    Constant Field Values
  - oid
```
public static final ObjectID oid
```
    The object identifier of this ReasonCode extension. The corresponding OID string is "2.5.29.21".
- Constructor Detail
  - ReasonCode
```
public ReasonCode()
```
    Default constructor.
    Creates an empty ReasonCode object.
    Use setReasonCode for specifying some particular reason for certificate revocation, e.g.:
```
 ReasonCode reasonCode = new ReasonCode();
 reasonCode.setReasonCode(ReasonCode.keyCompromise);
 
```
  - ReasonCode
```
public ReasonCode(int reasonCode)
```
    Creates a new ReasonCode from a int specifying the reason for certificate revocation.
    For instance:
```
 ReasonCode reasonCode = new ReasonCode(ReasonCode.keyCompromise);
 
```
    Parameters:
    reasonCode - the reason code specifying the reason for certificate revocation
- Method Detail
  - getObjectID
```
public ObjectID getObjectID()
```
    Returns the object ID of this ReasonCode extension
    
    Specified by:
    
    getObjectID in class V3Extension
    
    Returns:
    the object ID
  - init
```
public void init(ASN1Object obj)
```
    Inits this ReasonCode implementation with an ASN1object representing the value of this extension.
    The given ASN1Object represents an Integer which specifies the reason for certifcate revocation.
    The given ASN1Object is the one created by toASN1Object().
    This method is used by the X509Extensions class when parsing the ASN.1 representation of a CRL for properly initializing an included ReasonCode extension. This method initializes the extension only with its value, but not with its critical specification. For that reason, this method shall not be explicitly called by an application.
    
    Specified by:
    
    init in class V3Extension
    
    Parameters:
    obj - the ReasonCode as ASN1Object
  - toASN1Object
```
public ASN1Object toASN1Object()
```
    Returns an ASN1Object representing the value of this ReasonCode extension object.
    The returned ASN1Object is an ASN.1 Enumerated representing an Integer which specifies the reason for certifcate revocation:
```
 reasonCode ::= { CRLReason }

 CRLReason ::= ENUMERATED {
    unspecified             (0),
    keyCompromise           (1),
    cACompromise            (2),
    affiliationChanged      (3),
    superseded              (4),
    cessationOfOperation    (5),
    certificateHold         (6),
    removeFromCRL           (8),
    privilegeWithdrawn      (9),
    aACompromise           (10)}
 
```
    Specified by:
    
    toASN1Object in class V3Extension
    
    Returns:
    the value of this ReasonCode as ASN1Object
  - setReasonCode
```
public void setReasonCode(int reasonCode)
```
    Sets the reason code for this ReasonCode object.
    For instance:
```
 ReasonCode reasonCode = new ReasonCode();
 reasonCode.setReasonCode(ReasonCode.keyCompromise);
 
```
    Parameters:
    reasonCode - the reason code specifying the reason for certifcate revocation
  - getReasonCode
```
public int getReasonCode()
```
    Returns the reason code specifying the reason for certificate revocation.
    The following integer value - reason code mapping is used:
    - 0: unspecified
    - 1: keyCompromise
    - 2: cACompromise
    - 3: affiliationChanged
    - 4: superseded
    - 5: cessationOfOperation
    - 6: certificateHold
    - 8: removeFromCRL
    - 9: privilegeWithdrawn
    - 10: aACompromise
    Returns:
    the reason code as int
  - getReasonCodeName
```
public java.lang.String getReasonCodeName()
```
    Returns the name of the reason code as String.
    
    Returns:
    the name of the reason code, e.g. "KeyCompromise"
  - hashCode
```
public int hashCode()
```
    Returns a hashcode for this identity.
    
    Specified by:
    
    hashCode in class V3Extension
    
    Returns:
    a hash code for this identity
  - equals
```
public boolean equals(java.lang.Object obj)
```
    Compares this ReasonCode to the specified object.
    
    Overrides:
    
    equals in class java.lang.Object
    
    Parameters:
    obj - the object to compare this ReasonCode against.
    
    Returns:
    true, if the given object is equal to this ReasonCode (same reason code value), false otherwise
  - toString
```
public java.lang.String toString()
```
    Returns a string that represents the contents of the ReasonCode extension.
    
    Overrides:
    
    toString in class java.lang.Object
    
    Returns:
    the string representation

Class ReasonCode

Field Summary

Fields inherited from class iaik.x509.V3Extension

Constructor Summary

Method Summary

Methods inherited from class iaik.x509.V3Extension

Methods inherited from class java.lang.Object

Field Detail

unspecified

keyCompromise

cACompromise

affiliationChanged

superseded

cessationOfOperation

certificateHold

removeFromCRL

privilegeWithdrawn

aACompromise

oid

Constructor Detail

ReasonCode

ReasonCode

Method Detail

getObjectID

init

toASN1Object

setReasonCode

getReasonCode

getReasonCodeName

hashCode

equals

toString