Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
The BSD License Copyright (c) 2010-2012 RIPE NCC All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the RIPE NCC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 package net.ripe.rpki.commons.crypto.crl;
 
 
 import java.net.URI;
 import java.util.Set;
 
 import static net.ripe.rpki.commons.crypto.x509cert.X509CertificateBuilderHelper.*;
 
 public class X509Crl implements CertificateRepositoryObject {
 
     private static final long serialVersionUID = 1L;
 
     private final byte[] encoded;
 
     private transient X509CRL crl;
 
     public X509Crl(byte[] encoded) { //NOPMD - ArrayIsStoredDirectly
         Validate.notNull(encoded);
         this. = encoded;
     }
 
     public X509Crl(X509CRL crl) {
         Validate.notNull(crl);
         try {
             this. = crl;
             this. = crl.getEncoded();
         } catch (CRLException e) {
             throw new IllegalArgumentException(e);
         }
     }
 
     @Override
     public byte[] getEncoded() {
         return ;
     }
 
    public X509CRL getCrl() {
        if ( == null) {
             = makeX509CRLFromEncoded();
        }
        return ;
    }
    public static X509Crl parseDerEncoded(byte[] encodedValidationResult validationResult) {
        try {
            X509Crl crl = new X509Crl(makeX509CRLFromEncoded(encoded));
            validationResult.pass(.);
            return crl;
        } catch (IllegalArgumentException e) {
            validationResult.error(.);
            throw e;
        }
    }
    private static X509CRL makeX509CRLFromEncoded(byte[] encoded) {
        if (encoded == null) {
            return null;
        }
        ByteArrayInputStream in = null;
        try {
            in = new ByteArrayInputStream(encoded);
            CertificateFactory factory = CertificateFactory.getInstance("X.509");
            return (X509CRLfactory.generateCRL(in);
        } catch (CertificateException e) {
            throw new IllegalArgumentException(e);
        } catch (CRLException e) {
            throw new IllegalArgumentException(e);
        } finally {
            if (in != null) {
                IOUtils.closeQuietly(in);
            }
        }
    }
    @Override
    public int hashCode() {
        final int prime = 31;
        int result = 1;
        result = prime * result + Arrays.hashCode();
        return result;
    }
    @Override
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null) {
            return false;
        }
        if (getClass() != obj.getClass()) {
            return false;
        }
        final X509Crl other = (X509Crlobj;
        return Arrays.equals(other.encoded);
    }
    public byte[] getAuthorityKeyIdentifier() {
        return X509CertificateUtil.getAuthorityKeyIdentifier(getCrl());
    }
    public DateTime getThisUpdateTime() {
        return new DateTime(getCrl().getThisUpdate(), .);
    }
    public DateTime getNextUpdateTime() {
        return new DateTime(getCrl().getNextUpdate(), .);
    }
    public X500Principal getIssuer() {
        return getCrl().getIssuerX500Principal();
    }
    @Override
    public void validate(String locationCertificateRepositoryObjectValidationContext contextCrlLocator crlLocatorValidationOptions optionsValidationResult result) {
        X509CrlValidator crlValidator = new X509CrlValidator(optionsresultcontext.getCertificate());
        crlValidator.validate(locationthis);
    }
    public int getVersion() {
        return getCrl().getVersion();
    }
    public String getSigAlgName() {
        return getCrl().getSigAlgName();
    }
        SortedSet<Entryresult = new TreeSet<Entry>();
        Set<? extends X509CRLEntryentries = getCrl().getRevokedCertificates();
        if (entries != null) {
            for (X509CRLEntry entry : entries) {
                result.add(new Entry(entry));
            }
        }
        return result;
    }
    public Entry getRevokedCertificate(BigInteger serialNumber) {
        X509CRLEntry entry = getCrl().getRevokedCertificate(serialNumber);
        return entry == null ? null : new Entry(entry);
    }
    public BigInteger getNumber() {
        try {
            byte[] extensionValue = getCrl().getExtensionValue(..getId());
            if (extensionValue == null) {
                return null;
            }
            ASN1Integer number = (ASN1Integer) X509ExtensionUtil.fromExtensionValue(extensionValue);
            return number.getPositiveValue();
        } catch (IOException e) {
            throw new X509CrlException("cannot get CRLNumber extension from CRL"e);
        }
    }
    @Override
    public URI getCrlUri() {
        return null;
    }

    
This method is required by the interface, but should never be called on X509Crl objects.. it's pointless. They don't have an AIA.

    @Override
    public URI getParentCertificateUri() {
        throw new UnsupportedOperationException();
    }
    public void verify(PublicKey publicKeythrows SignatureException {
        try {
            getCrl().verify(publicKey);
        } catch (InvalidKeyException e) {
            throw new IllegalArgumentException(e);
        } catch (CRLException e) {
            throw new IllegalArgumentException(e);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e);
        } catch (NoSuchProviderException e) {
            throw new IllegalArgumentException(e);
        }
    }
    public boolean isRevoked(X509Certificate certificate) {
        return getCrl().isRevoked(certificate);
    }
    public static class X509CRLEntryComparator implements Comparator<X509CRLEntry> {
        @Override
        public int compare(X509CRLEntry o1X509CRLEntry o2) {
            return o1.getSerialNumber().compareTo(o2.getSerialNumber());
        }
    }
    public static class Entry extends EqualsSupport implements Comparable<Entry>, Serializable {
        private static final long serialVersionUID = 1L;
        private final BigInteger serialNumber;
        private final DateTime revocationDateTime;
        public Entry(BigInteger serialDateTime revocationDateTime) {
            Validate.notNull(serial"serial is required");
            Validate.notNull(revocationDateTime"revocationDateTime is required");
            this. = serial;
            this. = revocationDateTime.withMillisOfSecond(0);
        }
        public Entry(X509CRLEntry entry) {
            this. = entry.getSerialNumber();
            this. = new DateTime(entry.getRevocationDate(), .);
        }
        public BigInteger getSerialNumber() {
            return ;
        }
        public DateTime getRevocationDateTime() {
            return ;
        }
        @Override
        public int compareTo(Entry o) {
            return getSerialNumber().compareTo(o.getSerialNumber());
        }
    }
New to GrepCode? Check out our FAQ X