public class X509CRLSelector extends Object
implements CRLSelector

A CRLSelector that selects X509CRLs that match all specified criteria. This class is particularly useful when selecting CRLs from a CertStore to check revocation status of a particular certificate.

When first constructed, an X509CRLSelector has no criteria enabled and each of the get methods return a default value (null). Therefore, the match method would return true for any X509CRL. Typically, several criteria are enabled (by calling setIssuers or setDateAndTime, for instance) and then the X509CRLSelector is passed to CertStore.getCRLs or some similar method.

Please refer to RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile for definitions of the X.509 CRL fields and extensions mentioned below.

Concurrent Access

Unless otherwise specified, the methods defined in this class are not thread-safe. Multiple threads that need to access a single object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize.

Public Constructor Summary

Creates an X509CRLSelector.

Public Method Summary

addIssuer(X500Principal issuer)
Adds a name to the issuerNames criterion.
addIssuerName(byte[] name)
Adds a name to the issuerNames criterion.
addIssuerName(String name)
Denigrated, use {@linkplain #addIssuer(X500Principal)} or {@linkplain #addIssuerName(byte[])} instead.
Returns a copy of this object.
Returns the certificate being checked.