org.bouncycastle.x509

Class X509CRLStoreSelector

Implemented Interfaces:
Cloneable, Selector

public class X509CRLStoreSelector
extends X509CRLSelector
implements Selector

This class is a Selector implementation for X.509 certificate revocation lists.
See Also:
Selector, X509Store, X509StoreCRLCollection

Method Summary

Object
clone()
X509AttributeCertificate
getAttrCertificateChecking()
Returns the attribute certificate being checked.
static X509CRLStoreSelector
getInstance(X509CRLSelector selector)
Returns an instance of this from a X509CRLSelector.
Collection
getIssuers()
byte[]
getIssuingDistributionPoint()
Returns the issuing distribution point.
BigInteger
getMaxBaseCRLNumber()
Get the maximum base CRL number.
boolean
isCompleteCRLEnabled()
If true only complete CRLs are returned.
boolean
isDeltaCRLIndicatorEnabled()
Returns if this selector must match CRLs with the delta CRL indicator extension set.
boolean
isIssuingDistributionPointEnabled()
Returns if the issuing distribution point criteria should be applied.
boolean
match(Object obj)
void
setAttrCertificateChecking(X509AttributeCertificate attrCert)
Sets the attribute certificate being checked.
void
setCompleteCRLEnabled(boolean completeCRLEnabled)
If set to true only complete CRLs are returned.
void
setDeltaCRLIndicatorEnabled(boolean deltaCRLIndicator)
If this is set to true the CRL reported contains the delta CRL indicator CRL extension.
void
setIssuers(Collection issuers)
void
setIssuingDistributionPoint(byte[] issuingDistributionPoint)
Sets the issuing distribution point.
void
setIssuingDistributionPointEnabled(boolean issuingDistributionPointEnabled)
Enables or disables the issuing distribution point check.
void
setMaxBaseCRLNumber(BigInteger maxBaseCRLNumber)
Sets the maximum base CRL number.

Method Details

clone

public Object clone()
Specified by:
clone in interface Selector

getAttrCertificateChecking

public X509AttributeCertificate getAttrCertificateChecking()
Returns the attribute certificate being checked.
Returns:
Returns the attribute certificate being checked.

getInstance

public static X509CRLStoreSelector getInstance(X509CRLSelector selector)
Returns an instance of this from a X509CRLSelector.
Parameters:
selector - A X509CRLSelector instance.
Returns:
An instance of an X509CRLStoreSelector.

getIssuers

public Collection getIssuers()

getIssuingDistributionPoint

public byte[] getIssuingDistributionPoint()
Returns:
Returns the issuing distribution point.

getMaxBaseCRLNumber

public BigInteger getMaxBaseCRLNumber()
Get the maximum base CRL number. Defaults to null.
Returns:
Returns the maximum base CRL number.

isCompleteCRLEnabled

public boolean isCompleteCRLEnabled()
If true only complete CRLs are returned. Defaults to false.
Returns:
true if only complete CRLs are returned.

isDeltaCRLIndicatorEnabled

public boolean isDeltaCRLIndicatorEnabled()
Returns if this selector must match CRLs with the delta CRL indicator extension set. Defaults to false.
Returns:
Returns true if only CRLs with the delta CRL indicator extension are selected.

isIssuingDistributionPointEnabled

public boolean isIssuingDistributionPointEnabled()
Returns if the issuing distribution point criteria should be applied. Defaults to false.

You may also set the issuing distribution point criteria if not a missing issuing distribution point should be assumed.

Returns:
Returns if the issuing distribution point check is enabled.

match

public boolean match(Object obj)
Specified by:
match in interface Selector

setAttrCertificateChecking

public void setAttrCertificateChecking(X509AttributeCertificate attrCert)
Sets the attribute certificate being checked. This is not a criterion. Rather, it is optional information that may help a X509Store find CRLs that would be relevant when checking revocation for the specified attribute certificate. If null is specified, then no such optional information is provided.
Parameters:
attrCert - the X509AttributeCertificate being checked (or null)

setCompleteCRLEnabled

public void setCompleteCRLEnabled(boolean completeCRLEnabled)
Parameters:
completeCRLEnabled - true if only complete CRLs should be returned.

setDeltaCRLIndicatorEnabled

public void setDeltaCRLIndicatorEnabled(boolean deltaCRLIndicator)
Parameters:
deltaCRLIndicator - true if the delta CRL indicator extension must be in the CRL.

setIssuers

public void setIssuers(Collection issuers)

setIssuingDistributionPoint

public void setIssuingDistributionPoint(byte[] issuingDistributionPoint)
Parameters:
issuingDistributionPoint - The issuing distribution point to set. This is the DER encoded OCTET STRING extension value.

setIssuingDistributionPointEnabled

public void setIssuingDistributionPointEnabled(boolean issuingDistributionPointEnabled)
Enables or disables the issuing distribution point check.
Parameters:
issuingDistributionPointEnabled - true to enable the issuing distribution point check.

setMaxBaseCRLNumber

public void setMaxBaseCRLNumber(BigInteger maxBaseCRLNumber)
Sets the maximum base CRL number. Setting to null disables this cheack.

This is only meaningful for delta CRLs. Complete CRLs must have a CRL number which is greater or equal than the base number of the corresponding CRL.

Parameters:
maxBaseCRLNumber - The maximum base CRL number to set.