X509CRLSelector

public class X509CRLSelector extends Object
implements CRLSelector

A CRLSelector that selects X509CRLs that match all specified criteria. This class is particularly useful when selecting CRLs from a CertStore to check revocation status of a particular certificate.

When first constructed, an X509CRLSelector has no criteria enabled and each of the get methods return a default value (null). Therefore, the match method would return true for any X509CRL. Typically, several criteria are enabled (by calling setIssuers or setDateAndTime, for instance) and then the X509CRLSelector is passed to CertStore.getCRLs or some similar method.

Please refer to RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile for definitions of the X.509 CRL fields and extensions mentioned below.

Concurrent Access

Unless otherwise specified, the methods defined in this class are not thread-safe. Multiple threads that need to access a single object concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating separate objects need not synchronize.

Public Constructor Summary

X509CRLSelector()
Creates an X509CRLSelector.

Public Method Summary

void
addIssuer(X500Principal issuer)
Adds a name to the issuerNames criterion.
void
addIssuerName(byte[] name)
Adds a name to the issuerNames criterion.
void
addIssuerName(String name)
Denigrated, use {@linkplain #addIssuer(X500Principal)} or {@linkplain #addIssuerName(byte[])} instead.
Object
clone()
Returns a copy of this object.
X509Certificate
getCertificateChecking()
Returns the certificate being checked.
Date
getDateAndTime()
Returns the dateAndTime criterion.
Collection<Object>
getIssuerNames()
Returns a copy of the issuerNames criterion.
Collection<X500Principal>
getIssuers()
Returns the issuerNames criterion.
BigInteger
getMaxCRL()
Returns the maxCRLNumber criterion.
BigInteger
getMinCRL()
Returns the minCRLNumber criterion.
boolean
match(CRL crl)
Decides whether a CRL should be selected.
void
setCertificateChecking(X509Certificate cert)
Sets the certificate being checked.
void
setDateAndTime(Date dateAndTime)
Sets the dateAndTime criterion.
void
setIssuerNames(Collection<?> names)
Note: use {@linkplain #setIssuers(Collection)} instead or only specify the byte array form of distinguished names when using this method.
void
setIssuers(Collection<X500Principal> issuers)
Sets the issuerNames criterion.
void
setMaxCRLNumber(BigInteger maxCRL)
Sets the maxCRLNumber criterion.
void
setMinCRLNumber(BigInteger minCRL)
Sets the minCRLNumber criterion.
String
toString()
Returns a printable representation of the X509CRLSelector.

Inherited Method Summary

Public Constructors

public X509CRLSelector ()

Creates an X509CRLSelector. Initially, no criteria are set so any X509CRL will match.

Public Methods

public void addIssuer (X500Principal issuer)

Adds a name to the issuerNames criterion. The issuer distinguished name in the X509CRL must match at least one of the speci