iaik.x509.stream

Class X509CRLStream

java.lang.Object

iaik.x509.stream.X509CRLStream

public class X509CRLStream
extends java.lang.Object

A CRL stream object parses a CRL from a given stream and notifies a CRL listener about the contents of the CRL during parsing. This allows parsing large CRL verify efficiently, because this method does not require keeping all contents of the CRL in memory. The contents are processed on-the-fly.

A typical use-case may look like this:

  X509Certificates[] consideredCertificates = ...; 
  X509Certificates crlIssuerCertificate = ...; 
  RevokedCertificatesCRLListener listener = 
      new RevokedCertificatesCRLListener(consideredCertificates, crlIssuerCertificate);
  X509CRLStream crlStream = new X509CRLStream(listener);
 
  URL crlUrl = ...; 
  InputStream crlInputStream = crlUrl.openStream();
  crlStream.parse(crlInputStream);
 
  Hashtable revocationEntriesTable = listener.getRevokedCertificates();
 
  for (int i = 0; i < consideredCertificates.length; i++) { 
    RevokedCertificate revocationEntry = (RevokedCertificate)
        revocationEntriesTable.remove(consideredCertificates[i]); 
    if (revocationEntry != null) { 
      // this certificate is listed on the CRL, check reason code, check
      revocation time,...
    } 
  }
 
 

where the consideredCertificates is a list of certificate which should be checked for revocation. The revocationEntriesTable contains the CRL entries indexed with the certificate objects. Please note that only such revocation entries are in this table which correspond to certificates in the list specified by consideredCertificates.

Constructor Summary

Constructors

Constructor and Description
X509CRLStream(CRLListener listener) Creates a new CRL stream parser which notifies the given listener about the contents of the CRL.

Method Summary

Methods

Modifier and Type	Method and Description
CRLListener	getListener() Gets the CRL listener used by this CRLStream.
void	parse(java.io.InputStream crlStream) Parse the CRL from the given stream.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

X509CRLStream

public X509CRLStream(CRLListener listener)

Creates a new CRL stream parser which notifies the given listener about the contents of the CRL.

Parameters:

listener - The listener to notify during parsing.

Method Detail

parse

public void parse(java.io.InputStream crlStream)
           throws java.io.IOException,
                  java.security.cert.CRLException

Parse the CRL from the given stream. The stream must provide the CRL in DER encoded format.

Parameters:

crlStream - The stream that provides the CRL in DER encoded format.

Throws:

java.io.IOException - If reading from the stream fails.

java.security.cert.CRLException - If the CRL has an invalid format.

getListener

public CRLListener getListener()

Gets the CRL listener used by this CRLStream.

Returns:

the CRL listener