public class

X509CRLSelector

extends Object
implements CRLSelector
java.lang.Object
   ↳ java.security.cert.X509CRLSelector

Class Overview

A CRL selector (CRLSelector for selecting X509CRLs that match the specified criteria.

When constructed, all criteria are set to default values that will match any X509CRL.

Summary

Public Constructors
X509CRLSelector()
Creates a new X509CertSelector.
Public Methods
void addIssuer(X500Principal issuer)
Adds an issuer to the criterion for the issuer distinguished names.
void addIssuerName(byte[] iss_name)
Adds an issuer to the criterion for the issuer distinguished names.
void addIssuerName(String iss_name)
Do not use:, use addIssuer(X500Principal) or addIssuerName(byte[]) instead.
Object clone()
Clones this X509CRL instance.
X509Certificate getCertificateChecking()
Returns the certificate hint to find CRLs.
Date getDateAndTime()
Returns the criterion for the CRL update period.
Collection<Object> getIssuerNames()
Returns the criterion for the issuer distinguished names.
Collection<X500Principal> getIssuers()
Returns the criterion for the issuer distinguished names.
BigInteger getMaxCRL()
Returns the criterion for the maximum CRL number.
BigInteger getMinCRL()
Returns the criterion for the minimum CRL number.
boolean match(CRL crl)
Returns whether the specified CRL matches all the criteria collected in this instance.
void setCertificateChecking(X509Certificate cert)
Sets a certificate hint to find CRLs.
void setDateAndTime(Date dateAndTime)
Sets the criterion for the CRL update period.
void setIssuerNames(Collection<?> names)
Do not use: use setIssuers(Collection) or one of addIssuerName(byte[]) instead.
void setIssuers(Collection<X500Principal> issuers)
Sets the criterion for the issuer distinguished names.
void setMaxCRLNumber(BigInteger maxCRL)
Sets the criterion for the maximum CRL number.
void setMinCRLNumber(BigInteger minCRL)
Sets the criterion for the minimum CRL number.
String toString()
Returns a string representation of this X509CRLSelector instance.
[Expand]
Inherited Methods
From class java.lang.Object
From interface java.security.cert.CRLSelector

Public Constructors

public X509CRLSelector ()

Since: API Level 1

Creates a new X509CertSelector.

Public Methods

public void addIssuer (X500Principal issuer)

Since: API Level 1

Adds an issuer to the criterion for the issuer distinguished names.

The CRL issuer must match at least one of the specified distinguished names.

Parameters
issuer the issuer to add to the criterion

public void addIssuerName (byte[] iss_name)

Since: API Level 1

Adds an issuer to the criterion for the issuer distinguished names.

The CRL issuer must match at least one of the specified distinguished names.

Parameters
iss_name the issuer to add to the criterion in ASN.1 DER encoded form.
Throws
IOException if parsing fails.

public void addIssuerName (String iss_name)

Since: API Level 1

Do not use:, use addIssuer(X500Principal) or addIssuerName(byte[]) instead. It can fail to match some CRLs because of a loss of encoding information in a RFC 2253 string.

Adds an issuer to the criterion for the issuer distinguished names. The CRK issuer must match at least one of the specified distinguished names.

Parameters
iss_name the RFC 2253 encoded name.
Throws
IOException if parsing fails.

public Object clone ()

Since: API Level 1

Clones this X509CRL instance.

Returns
  • the cloned instance.

public X509Certificate getCertificateChecking ()

Since: API Level 1

Returns the certificate hint to find CRLs. It's not a criterion but may help finding relevant CRLs.

Returns
  • the certificate hint or null if none set.

public Date getDateAndTime ()

Since: API Level 1

Returns the criterion for the CRL update period.

The CRL's thisUpdate value must be equal or before the returned date and the nextUpdate value must be after the returned date.

Returns
  • the date to search for valid CRL's or null if the date is not checked.

public Collection<Object> getIssuerNames ()

Since: API Level 1

Returns the criterion for the issuer distinguished names.

The CRL issuer must match at least one of the distinguished names.

Returns
  • a copy of the list of issuer distinguished names to match, or null if any issuer distinguished name will do. The elements may be strings or ASN.1 DER encoded byte arrays.

public Collection<X500Principal> getIssuers ()

Since: API Level 1

Returns the criterion for the issuer distinguished names.

The CRL issuer must match at least one of the distinguished names.

Returns
  • the unmodifiable list of issuer distinguished names to match, or null if any issuer distinguished name will do.

public BigInteger getMaxCRL ()

Since: API Level 1

Returns the criterion for the maximum CRL number.

The CRL must have a number extension with a value less than or equal to the returned value.

Returns
  • the maximum CRL number or null if the maximum CRL number is not checked.

public BigInteger getMinCRL ()

Since: API Level 1

Returns the criterion for the minimum CRL number.

The CRL must have a number extension with a value greater than or equal to the returned value.

Returns
  • the minimum CRL number or null if the minimum CRL number is not to be checked.

public boolean match (CRL crl)

Since: API Level 1

Returns whether the specified CRL matches all the criteria collected in this instance.

Parameters
crl the CRL to check.
Returns
  • true if the CRL matches all the criteria, otherwise false.

public void setCertificateChecking (X509Certificate cert)

Since: API Level 1

Sets a certificate hint to find CRLs. It's not a criterion but may help finding relevant CRLs.

Parameters
cert the certificate hint or null.

public void setDateAndTime (Date dateAndTime)

Since: API Level 1

Sets the criterion for the CRL update period.

The CRL's thisUpdate value must be equal or before the specified date and the nextUpdate value must be after the specified date.

Parameters
dateAndTime the date to search for valid CRL's or null to not check the date.

public void setIssuerNames (Collection<?> names)

Since: API Level 1

Do not use: use setIssuers(Collection) or one of addIssuerName(byte[]) instead. Sets the criterion for the issuer distinguished names.

The CRL issuer must match at least one of the specified distinguished names.

The specified parameter names is a collection with an entry for each name to be included in the criterion. The name is specified as a String or a byte array specifying the name (in RFC 2253 or ASN.1 DER encoded form)

Parameters
names the list of issuer distinguished names to match, or null if any issuer distinguished name will do.
Throws
IOException if parsing fails.

public void setIssuers (Collection<X500Principal> issuers)

Since: API Level 1

Sets the criterion for the issuer distinguished names.

The CRL issuer must match at least one of the specified distinguished names.

Parameters
issuers the list of issuer distinguished names to match, or null if any issuer distinguished name will do.

public void setMaxCRLNumber (BigInteger maxCRL)

Since: API Level 1

Sets the criterion for the maximum CRL number.

The CRL must have a number extension with a value less than or equal to the specified parameter.

Parameters
maxCRL the maximum CRL number or null to not check the maximum CRL number.

public void setMinCRLNumber (BigInteger minCRL)

Since: API Level 1

Sets the criterion for the minimum CRL number.

The CRL must have a number extension with a value greater than or equal to the specified parameter.

Parameters
minCRL the minimum CRL number or null to not check the minimum CRL number

public String toString ()

Since: API Level 1

Returns a string representation of this X509CRLSelector instance.

Returns
  • a string representation of this X509CRLSelector instance.