/* * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. Oracle designates this * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ package java.security.cert; import java.math.BigInteger; import java.util.Date; import javax.security.auth.x500.X500Principal; import sun.security.x509.X509CRLEntryImpl; /** *

Abstract class for a revoked certificate in a CRL (Certificate * Revocation List). * * The ASN.1 definition for revokedCertificates is: *

 * revokedCertificates    SEQUENCE OF SEQUENCE  {
 *     userCertificate    CertificateSerialNumber,
 *     revocationDate     ChoiceOfTime,
 *     crlEntryExtensions Extensions OPTIONAL
 *                        -- if present, must be v2
 * }  OPTIONAL
 *
 * CertificateSerialNumber  ::=  INTEGER
 *
 * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
 *
 * Extension  ::=  SEQUENCE  {
 *     extnId        OBJECT IDENTIFIER,
 *     critical      BOOLEAN DEFAULT FALSE,
 *     extnValue     OCTET STRING
 *                   -- contains a DER encoding of a value
 *                   -- of the type registered for use with
 *                   -- the extnId object identifier value
 * }
 * 
* * @see X509CRL * @see X509Extension * * @author Hemma Prafullchandra */ public abstract class X509CRLEntry implements X509Extension { /** * Compares this CRL entry for equality with the given * object. If the {@code other} object is an * {@code instanceof} {@code X509CRLEntry}, then * its encoded form (the inner SEQUENCE) is retrieved and compared * with the encoded form of this CRL entry. * * @param other the object to test for equality with this CRL entry. * @return true iff the encoded forms of the two CRL entries * match, false otherwise. */ public boolean equals(Object other) { if (this == other) return true; if (!(other instanceof X509CRLEntry)) return false; try { byte[] thisCRLEntry = this.getEncoded(); byte[] otherCRLEntry = ((X509CRLEntry)other).getEncoded(); if (thisCRLEntry.length != otherCRLEntry.length) return false; for (int i = 0; i < thisCRLEntry.length; i++) if (thisCRLEntry[i] != otherCRLEntry[i]) return false; } catch (CRLException ce) { return false; } return true; } /** * Returns a hashcode value for this CRL entry from its * encoded form. * * @return the hashcode value. */ public int hashCode() { int retval = 0; try { byte[] entryData = this.getEncoded(); for (int i = 1; i < entryData.length; i++) retval += entryData[i] * i; } catch (CRLException ce) { return(retval); } return(retval); } /** * Returns the ASN.1 DER-encoded form of this CRL Entry, * that is the inner SEQUENCE. * * @return the encoded form of this certificate * @exception CRLException if an encoding error occurs. */ public abstract byte[] getEncoded() throws CRLException; /** * Gets the serial number from this X509CRLEntry, * the userCertificate. * * @return the serial number. */ public abstract BigInteger getSerialNumber(); /** * Get the issuer of the X509Certificate described by this entry. If * the certificate issuer is also the CRL issuer, this method returns * null. * *

This method is used with indirect CRLs. The default implementation * always returns null. Subclasses that wish to support indirect CRLs * should override it. * * @return the issuer of the X509Certificate described by this entry * or null if it is issued by the CRL issuer. * * @since 1.5 */ public X500Principal getCertificateIssuer() { return null; } /** * Gets the revocation date from this X509CRLEntry, * the revocationDate. * * @return the revocation date. */ public abstract Date getRevocationDate(); /** * Returns true if this CRL entry has extensions. * * @return true if this entry has extensions, false otherwise. */ public abstract boolean hasExtensions(); /** * Returns a string representation of this CRL entry. * * @return a string representation of this CRL entry. */ public abstract String toString(); /** * Returns the reason the certificate has been revoked, as specified * in the Reason Code extension of this CRL entry. * * @return the reason the certificate has been revoked, or * {@code null} if this CRL entry does not have * a Reason Code extension * @since 1.7 */ public CRLReason getRevocationReason() { if (!hasExtensions()) { return null; } return X509CRLEntryImpl.getRevocationReason(this); } }