X509CRLSelector

public class X509CRLSelector extends Object
implements CRLSelector

A CRLSelector that selects X509CRLs that match all specified criteria. This class is particularly useful when selecting CRLs from a CertStore to check revocation status of a particular certificate.

When first constructed, an X509CRLSelector has no criteria enabled and each of the get methods return a default value (null). Therefore, the match method would return true for any X509CRL. Typically, several criteria are enabled (by calling setIssuers or setDateAndTime, for instance) and then the X509CRLSelector is passed to CertStore.getCRLs or some similar method.

Please refer to RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile for definitions of the X.509 CRL fields and extensions mentioned below.

Concurrent Access

Unless otherwise specified, the methods defined in this class are not thread-safe. Multiple threads that need to access a single object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize.

Public Constructor Summary

X509CRLSelector()
Creates an X509CRLSelector.

Public Method Summary

void
addIssuer(X500Principal issuer)
Adds a name to the issuerNames criterion.
void
addIssuerName(byte[] name)
Adds a name to the issuerNames criterion.
void
addIssuerName(String name)
Denigrated, use {@linkplain #addIssuer(X500Principal)} or {@linkplain #addIssuerName(byte[])} instead.
Object
clone()
Returns a copy of this object.
X509Certificate
getCertificateChecking()
Returns the certificate being checked.