org.bouncycastle.x509

Class X509V2CRLGenerator


public class X509V2CRLGenerator
extends java.lang.Object

class to produce an X.509 Version 2 CRL.

Constructor Summary

X509V2CRLGenerator()

Method Summary

void
addCRL(X509CRL other)
Add the CRLEntry objects contained in a previous CRL.
void
addCRLEntry(BigInteger userCertificate, Date revocationDate, int reason)
Reason being as indicated by CRLReason, i.e.
void
addCRLEntry(BigInteger userCertificate, Date revocationDate, int reason, Date invalidityDate)
Add a CRL entry with an Invalidity Date extension as well as a CRLReason extension.
void
addCRLEntry(BigInteger userCertificate, Date revocationDate, X509Extensions extensions)
Add a CRL entry with extensions.
void
addExtension(String oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 0)
void
addExtension(String oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 0)
void
addExtension(DERObjectIdentifier oid, boolean critical, byte[] value)
add a given extension field for the standard extensions tag (tag 0)
void
addExtension(DERObjectIdentifier oid, boolean critical, DEREncodable value)
add a given extension field for the standard extensions tag (tag 0)
X509CRL
generate(PrivateKey key)
generate an X509 CRL, based on the current issuer and subject using the default provider.
X509CRL
generate(PrivateKey key, SecureRandom random)
generate an X509 CRL, based on the current issuer and subject using the default provider and an user defined SecureRandom object as source of randomness.
X509CRL
generate(PrivateKey key, String provider)
generate an X509 certificate, based on the current issuer and subject using the passed in provider for the signing.
X509CRL
generate(PrivateKey key, String provider, SecureRandom random)
generate an X509 CRL, based on the current issuer and subject, using the passed in provider for the signing.
X509CRL
generateX509CRL(PrivateKey key)
Deprecated. use generate(key, "BC")
X509CRL
generateX509CRL(PrivateKey key, SecureRandom random)
Deprecated. use generate(key, random, "BC")
X509CRL
generateX509CRL(PrivateKey key, String provider)
Deprecated. use generate()
X509CRL
generateX509CRL(PrivateKey key, String provider, SecureRandom random)
Deprecated. use generate()
Iterator
getSignatureAlgNames()
Return an iterator of the signature names supported by the generator.
void
reset()
reset the generator
void
setIssuerDN(X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
void
setIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.
void
setNextUpdate(Date date)
void
setSignatureAlgorithm(String signatureAlgorithm)
Set the signature algorithm.
void
setThisUpdate(Date date)

Constructor Details

X509V2CRLGenerator

public X509V2CRLGenerator()

Method Details

addCRL

public void addCRL(X509CRL other)
            throws CRLException
Add the CRLEntry objects contained in a previous CRL.
Parameters:
other - the X509CRL to source the other entries from.

addCRLEntry

public void addCRLEntry(BigInteger userCertificate,
                        Date revocationDate,
                        int reason)
Reason being as indicated by CRLReason, i.e. CRLReason.keyCompromise or 0 if CRLReason is not to be used

addCRLEntry

public void addCRLEntry(BigInteger userCertificate,
                        Date revocationDate,
                        int reason,
                        Date invalidityDate)
Add a CRL entry with an Invalidity Date extension as well as a CRLReason extension. Reason being as indicated by CRLReason, i.e. CRLReason.keyCompromise or 0 if CRLReason is not to be used

addCRLEntry

public void addCRLEntry(BigInteger userCertificate,
                        Date revocationDate,
                        X509Extensions extensions)
Add a CRL entry with extensions.

addExtension

public void addExtension(String oid,
                         boolean critical,
                         byte[] value)
add a given extension field for the standard extensions tag (tag 0)

addExtension

public void addExtension(String oid,
                         boolean critical,
                         DEREncodable value)
add a given extension field for the standard extensions tag (tag 0)

addExtension

public void addExtension(DERObjectIdentifier oid,
                         boolean critical,
                         byte[] value)
add a given extension field for the standard extensions tag (tag 0)

addExtension

public void addExtension(DERObjectIdentifier oid,
                         boolean critical,
                         DEREncodable value)
add a given extension field for the standard extensions tag (tag 0)

generate

public X509CRL generate(PrivateKey key)
            throws CRLException,
                   IllegalStateException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 CRL, based on the current issuer and subject using the default provider.

Note: this differs from the deprecated method in that the default provider is used - not "BC".


generate

public X509CRL generate(PrivateKey key,
                        SecureRandom random)
            throws CRLException,
                   IllegalStateException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 CRL, based on the current issuer and subject using the default provider and an user defined SecureRandom object as source of randomness.

Note: this differs from the deprecated method in that the default provider is used - not "BC".


generate

public X509CRL generate(PrivateKey key,
                        String provider)
            throws CRLException,
                   IllegalStateException,
                   NoSuchProviderException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 certificate, based on the current issuer and subject using the passed in provider for the signing.

generate

public X509CRL generate(PrivateKey key,
                        String provider,
                        SecureRandom random)
            throws CRLException,
                   IllegalStateException,
                   NoSuchProviderException,
                   NoSuchAlgorithmException,
                   SignatureException,
                   InvalidKeyException
generate an X509 CRL, based on the current issuer and subject, using the passed in provider for the signing.

generateX509CRL

public X509CRL generateX509CRL(PrivateKey key)
            throws SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate(key, "BC")

generate an X509 CRL, based on the current issuer and subject using the default provider "BC".

generateX509CRL

public X509CRL generateX509CRL(PrivateKey key,
                               SecureRandom random)
            throws SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate(key, random, "BC")

generate an X509 CRL, based on the current issuer and subject using the default provider "BC" and an user defined SecureRandom object as source of randomness.

generateX509CRL

public X509CRL generateX509CRL(PrivateKey key,
                               String provider)
            throws NoSuchProviderException,
                   SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate()

generate an X509 certificate, based on the current issuer and subject using the passed in provider for the signing.

generateX509CRL

public X509CRL generateX509CRL(PrivateKey key,
                               String provider,
                               SecureRandom random)
            throws NoSuchProviderException,
                   SecurityException,
                   SignatureException,
                   InvalidKeyException

Deprecated. use generate()

generate an X509 CRL, based on the current issuer and subject, using the passed in provider for the signing.

getSignatureAlgNames

public Iterator getSignatureAlgNames()
Return an iterator of the signature names supported by the generator.
Returns:
an iterator containing recognised names.

reset

public void reset()
reset the generator

setIssuerDN

public void setIssuerDN(X500Principal issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

setIssuerDN

public void setIssuerDN(X509Name issuer)
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the certificate.

setNextUpdate

public void setNextUpdate(Date date)

setSignatureAlgorithm

public void setSignatureAlgorithm(String signatureAlgorithm)
Set the signature algorithm. This can be either a name or an OID, names are treated as case insensitive.
Parameters:
signatureAlgorithm - string representation of the algorithm name.

setThisUpdate

public void setThisUpdate(Date date)